@lolp1
Last active December 23, 2017 07:50
debug logs
[Debug] -> STAGE ONE STARTING
[Debug]Loader.exe] -> AntiDebugTrap traps #1 and #2 enabled and set on a timer, first elapsed event passed.
[Debug]Loader.exe] -> Wow-64.exe was open. Killing the process and reloading it in its suspended state.
[Debug]Loader.exe] -> Preparing the download of loader.dll using a newly generated name for the file obtained using a simple AES tool.
[Debug]Loader.exe] -> Downloading the new loader.dll URL obtained by extracting info from a meta-data file restricted from non-local server assets. completed, meta-data stored in memory for later use.
[Debug]Loader.exe] -> Download of randomized named loader.dll completed, using the existing meta-data stored in memory to grab its URL it was downloaded from. Loader.dll loaded into process.
[Debug] -> STAGE ONE COMPLETE, STAGE TWO STARTING
[Debug]Loader.dll] -> AntiDebugTrap traps #1 and #2 and their timer disabled, methods #3 and #4 are set on a timer, first elapsed event passed.
[Debug]Loader.dll] -> WowNet.Domain.dll checking users credential's are valid before grabbing files.. passed.
[Debug]Loader.dll] -> WowNet.Domain.dll name randomized using meta-data stored in memory prior to stage two.
[Debug]Loader.dll] -> WowNet.Domain.dll downloading the encrypted WowNet.dll file ... download complete.
[Debug]Loader.dll] -> WowNet.Domain.dll is decrypting WowNet.dll ... decryption complete.
[Debug]Loader.dll] -> Decrypted DLL headers stripped,and split into sections so the entry is not so large to look suspect.
[Debug]Loader.dll] -> Decrypted DLL loaded complete.
[Debug] -> STAGE ONE COMPLETE, STAGE TWO COMPLETE, FINAL STAGE STARTED.
[Debug]WowNet.dll] -> AntiDebugTrap traps #3 and #4 and their timer disabled, methods #5 and #6 and at random #7 is enabled, #5 and #6 are set on a timer, first elapsed event passed.
[Debug]WowNet.dll] -> Users security token for SSO is cached in several locations, and a session is creeated and if one existed already if the sections tokens do not match old one is killed and data report made.
[Debug]WowNet.dll] -> Heart-beat started, session valid checking started, waiting for the real Wow-64.exe window to spawn.
[Debug]WowNet.dll] -> Basic warden report cache requested before loading core.. no new matches.
[Debug]WowNet.dll] -> Core loaded.
[Debug]WowNet.dll] -> Enabled.
[Debug]WowNet.dll] -> User closed WowNet.UI, max time allowed to save settings or clean up is ~2000 before the process must be killed.
[Debug]WowNet.dll] -> Settings-Saved=true SSO-Session-Killed=true, Disabled=true, Core-Disabled=true, Wow-64.exe terminated in 872 Milliseconds after WM_DESTROY was intercepted.