r00tten/c14c8d99ab4652e631b61af1dca873b4_shellcode_r2

## c14c8d99ab4652e631b61af1dca873b4_shellcode_r2
af @ 0xbe
afvb -52 sus.imp.VirtualProtectEx int32_t @ 0xbe
afvb -84 sus.imp.ResumeThread int32_t @ 0xbe
afvb -60 sus.imp.VirtualFree int32_t @ 0xbe
afvb -108 sus.imp.ReadProcessMemory int32_t @ 0xbe
afvb -112 sus.imp.SetThreadContext int32_t @ 0xbe
afvb -96 sus.imp.GetThreadContext int32_t @ 0xbe
afvb -88 sus.imp.TerminateProcess int32_t @ 0xbe
afvb -44 sus.imp.WriteProcessMemory int32_t @ 0xbe
afvb -104 sus.imp.VirtualAlloc int32_t @ 0xbe
afvb -64 sus.imp.VirtualAllocEx int32_t @ 0xbe
afvb -212 var_d4h int32_t @ 0xbe
afvb -92 sus.imp.CreateProcessW int32_t @ 0xbe
afvb -216 var_d8h int32_t @ 0xbe
afvb -80 sus.imp.NtUnmapViewOfSection int32_t @ 0xbe
afvb -24 sus.imp.RtlZeroMemory int32_t @ 0xbe
afvb -76 sus.imp.memcpy int32_t @ 0xbe
"e asm.bits = 32"
"f sus.hashCheck 103 0x00000057"
"f sus.strLen 25 0x00000000"
"f sus.hashCalc 62 0x00000019"
	af @ 0xbe
	afvb -52 sus.imp.VirtualProtectEx int32_t @ 0xbe
	afvb -84 sus.imp.ResumeThread int32_t @ 0xbe
	afvb -60 sus.imp.VirtualFree int32_t @ 0xbe
	afvb -108 sus.imp.ReadProcessMemory int32_t @ 0xbe
	afvb -112 sus.imp.SetThreadContext int32_t @ 0xbe
	afvb -96 sus.imp.GetThreadContext int32_t @ 0xbe
	afvb -88 sus.imp.TerminateProcess int32_t @ 0xbe
	afvb -44 sus.imp.WriteProcessMemory int32_t @ 0xbe
	afvb -104 sus.imp.VirtualAlloc int32_t @ 0xbe
	afvb -64 sus.imp.VirtualAllocEx int32_t @ 0xbe
	afvb -212 var_d4h int32_t @ 0xbe
	afvb -92 sus.imp.CreateProcessW int32_t @ 0xbe
	afvb -216 var_d8h int32_t @ 0xbe
	afvb -80 sus.imp.NtUnmapViewOfSection int32_t @ 0xbe
	afvb -24 sus.imp.RtlZeroMemory int32_t @ 0xbe
	afvb -76 sus.imp.memcpy int32_t @ 0xbe
	"e asm.bits = 32"
	"f sus.hashCheck 103 0x00000057"
	"f sus.strLen 25 0x00000000"
	"f sus.hashCalc 62 0x00000019"