It's calling these API functions (advapi32.dll) with these parameters:
CryptCreateHash ( 3275488, 32771, 0, 0, 1243424 );
CryptHashData ( 3203040, 'UY30930037661', 13, 0 );
CryptCreateHash ( 3276304, 32771, 0, 0, 46463812 );
CryptHashData ( 3203296, '-585164138661', 10, 0 );
CryptCreateHash ( 3276304, 32771, 0, 0, 46463808 );
CryptHashData ( 3203424, '1db17bd8ef8bcbd734424a9eae818907LOGIN OK³·óéB', 40, 0 );
CryptCreateHash ( 3276304, 32771, 0, 0, 46463808 );
CryptHashData ( 3203296, '1db17bd8ef8bcbd734424a9eae818907HWHASH OK', 41, 0 );
Not sure how it would come to
1db17bd8ef8bcbd734424a9eae818907
Anyone have any ideas?